About django authentication and logon, and about django Authentication

About django authentication and logon, and about django Authentication

Authenticated Login

Django. contrib. auth provides many methods. Here we mainly introduce three of them:

1 authenticate (** credentials)User authentication is provided to verify that the user name and password are correct.

Generally, two keyword parameters, username password, are required.

If the authentication information is valid, a User object is returned. Authenticate () sets an attribute on the User object to identify the authentication backend that authenticates the User, and this information is required in the subsequent login process. When we try to log on to a User object that is directly retrieved from the database and does not pass authenticate (), an error will be reported !!

user = authentica(username='someone',password='somepassword')

2 login (HttpRequest, user, backend = None)

This function accepts an HttpRequest object and an authenticated User object.

This function uses the django session framework to append session id and other information to an authenticated user.

from django.contrib.auth import authenticate, logindef my_view(request):  username = request.POST['username']  password = request.POST['password']  user = authenticate(username=username, password=password)  if user is not None:    login(request, user)    # Redirect to a success page.    ...  else:    # Return an 'invalid login' error message.    ...

3 logout (request)

from django.contrib.auth import logoutdef logout_view(request):  logout(request)  # Redirect to a success page.

This function accepts an HttpRequest object and has no return value.

When this function is called, all session information of the current request is cleared.

This function does not return an error even if the user does not log on.
 
Only logon users are allowed to access

If you want:

1. You can only access some pages after logging in,

2. If the user does not log on, he or she will directly jump to the logon page.

3. After logging on to the logon page, the user automatically jumps to the previously accessed address.

We have several methods to achieve this:

1 rough

Check request. user. is_authenticated ()

from django.conf import settingsfrom django.shortcuts import redirectdef my_view(request):  if not request.user.is_authenticated():    return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path))

2 login_required function in django

Django has designed a decorator for us: login_requierd ()

from django.contrib.auth.decorators import login_required    @login_required def my_view(request):   ... 

You must perform logon verification before running the my_view function.

1 If the user does not log on, the default django logon URL '/accounts/login/' will be redirected (this value can be modified through LOGIN_URL in the settings file ). And pass the absolute path of the current access url (after successful login, it will be redirected to this path ).

You can use the login_url parameter to configure the logon url.

You can use the redirect_field_name parameter to configure the absolute path of the current access url.

If you want to use the default login interface of django, you can configure it in urls. py. In this way, if you do not log on, the program will jump

"Templates \ registration \ login.html" template.

#urls.py...(r'^accounts/login/$', 'django.contrib.auth.views.login'),

2. If the user logs in, the normal page is displayed.

The above is a small Editor for you to talk about the authentication and login in django, I hope you can support a lot of help home ~