Django User authentication System (i) the user object

User Object

The user object is the core of the authentication system. User objects are typically used to represent users of a Web site, and support such as access control, registered users, associated creators, and content. There is only one user class in the Django authentication framework, such as a superuser (' superusers ') or (' staff ') user who is simply setting different properties for the same user object.

Default Field Fields

Username

User name, Required field. 30 characters or less, can contain _, @, +,. and-characters.

First_Name
Optional. characters or fewer.

Last_Name
Optional. characters or fewer.

Email
Mailbox, optional. Email address.

PassWord
Password, required. Django does not store the password in plaintext, but instead stores the hash value.

Groups
User groups. Many-to-many Relationship to Group

User_permissions
User rights. Many-to-many Relationship to Permission

Groups = models. Manytomanyfield (Group, verbose_name=_ (' groups '),
Blank=true, Help_text=_ (' The groups this user belongs to. A user would '
' Get all permissions granted to each of '
' their groups. '),
Related_name= "User_set", related_query_name= "user")
User_permissions = models. Manytomanyfield (Permission,
Verbose_name=_ (' User permissions '), Blank=true,
Help_text=_ (' Specific permissions for this user. '),
Related_name= "User_set", related_query_name= "user")

Is_staff
Boolean. Determines whether the user can access the Admin admin interface. False by default.

Is_active
Boolean. User is active, default true. Users are not typically removed, but the user's is_active is set to false.

Is_superuser
Boolean. False by default. When set to true, the user obtains full permissions.

def has_perm (self, Perm, Obj=none):
"""
Returns True If the user has the specified permission. This method
Queries all available auth backends, but returns immediately if any
Backend returns TRUE. Thus, a user who had permission from a single
Auth backend is assumed to the permission in general. If An object is a provided, permissions for the specific object is checked.
"""

# Active Superusers has all permissions.
If Self.is_active and Self.is_superuser:
Return True

# Otherwise We need to check the backends.
Return _user_has_perm (self, perm, obj)

Last_login

The last logon time, as a DateTime object, defaults to the time of day.

User.last_login = Timezone.now ()

date_joined
User-created time

Method methods

Is_anonymous ()

Whether it is an anonymous user.

Is_authenticated ()
Whether the user is authenticated, logged in.

Get_full_name ()
Returns first_name plus the last_name, with a space in between.

Get_short_name ()
Returns FIRST_NAME.

Set_password (Raw_password)
Set the password.

Check_password (Raw_password)
Verify the password.

Get_group_permissions (Obj=none)
Returns a collection of user group permissions.

Get_all_permissions (Obj=none)
Returns the user-owned collection of permissions.

Has_perm (Perm, Obj=none)
Whether the user has a permission. The format of the perm is "<app label>.<permission codename>".

Has_perms (Perm_list, Obj=none)
Whether the user has each permission in the permissions list.

Create user

Because the user object's password is not stored in plaintext, the user object is created with the built-in Create_user () method, unlike the usual model create.

>>> from django.contrib.auth.models import User
>>> user = User.objects.create_user (' John ', ' lennon@thebeatles.com ', ' Johnpassword ')

# at the this point, user was a user object that has already been saved
# to the database. You can continue to the change of its attributes
# If you want to the change of other fields.
>>> user.last_name = ' Lennon '
>>> User.save ()

Of course, you can also add users to the admin interface.

Create Superusers

$ python manage.py createsuperuser--username=joe--email=joe@example.com

Change Password

Use the built-in Set_password () method.

>>> from django.contrib.auth.models import User
>>> u = User.objects.get (username= ' John ')
>>> u.set_password (' New password ')
>>> U.save ()

Verifying users

Authenticate ()

Verify that the given username and password are a valid user. Returns a user object if it is valid, or none if it is not valid.

From Django.contrib.auth Import Authenticate
user = Authenticate (username= ' John ', Password= ' secret ')
If user is not None:
# The password verified for the user
If user.is_active:
Print ("User is valid, active and authenticated")
Else
Print ("The password is valid, and the account has been disabled!")
Else
# The authentication system was unable to verify the username and password
Print ("The username and password were incorrect.")

The above is the Django User authentication system (a) content of the user object, more relevant content please pay attention to topic.alibabacloud.com (www.php.cn)!

