Describes the implementation of user logon and exit in the Django framework.

This article describes how to log on and exit users in the Django framework. Django is one of the most popular Python frameworks, you can refer to the built-in view function provided by Django to process logon and exit (and other tricks). But before you start, let's see how to manually log on and exit. Django provides two functions to execute actions in django. contrib. auth \: authenticate () and login ().

The user name and password provided by the authentication, using the authenticate () function. It accepts two parameters, username and password, and returns a User object if the password is valid for the given User name. If the password is invalid, authenticate () returns None.

>>> from django.contrib import auth>>> user = auth.authenticate(username='john', password='secret')>>> if user is not None:...   print "Correct!"... else:...   print "Invalid password."

Authenticate () is only used to verify a user's certificate. To log on to a user, use login (). This function accepts an HttpRequest object and a User object as parameters and saves the User ID in the session using the Django session framework.

The following example demonstrates how to use both the authenticate () and login () functions in a view:

from django.contrib import authdef login_view(request):  username = request.POST.get('username', '')  password = request.POST.get('password', '')  user = auth.authenticate(username=username, password=password)  if user is not None and user.is_active:    # Correct password, and the user is marked "active"    auth.login(request, user)    # Redirect to a success page.    return HttpResponseRedirect("/account/loggedin/")  else:    # Show an error page    return HttpResponseRedirect("/account/invalid/")

Log out of a user and use django. contrib. auth. logout () in your view (). It accepts an HttpRequest object and has no returned value.

from django.contrib import authdef logout_view(request):  auth.logout(request)  # Redirect to a success page.  return HttpResponseRedirect("/account/loggedout/")

Note that logout () does not throw any exception even if the user does not log on.

In practice, you generally do not need to write login/logout functions by yourself. The authentication system provides a series of views to process login and logout. The first step to use the authentication view is to write them in your URLconf. You need to write:

from django.contrib.auth.views import login, logouturlpatterns = patterns('',  # existing patterns here...  (r'^accounts/login/$', login),  (r'^accounts/logout/$', logout),)

/Accounts/login/AND/accounts/logout/are the default URLs of views provided by Django.

By default, the login view renders the registragiton/login.html template (you can modify the Template Name using the additional view parameter template_name ). This form must contain the username and password fields. Example: A simple template looks like this

{% extends "base.html" %}{% block content %} {% if form.errors %}  
Sorry, that's not a valid username or password
 {% endif %} {% endblock %}

If the user logs on successfully, it will be redirected to/accounts/profile by default. You can provide a next hidden domain that saves the Redirection URL after login to reload its behavior. You can also send the value to the view function in the form of a GET parameter, which will be saved in the context in the form of the variable next, so that you can use it on the hidden domain.

The logout view is different. By default, it renders the registration/logged_out.html template (this includes the information you have successfully exited ). The view can also contain the next_page parameter for redirection after exit.