Auth module is a standard rights management system provided by Django, which can provide user authentication, user group and Rights Management .
Auth can be used in conjunction with the Admin module to quickly establish a website management system.
Add ' Django.contrib.auth ' to Installed_apps to use the app, Auth module is enabled by default.
User
User is the model of the relationship that maintains users ' information in the Auth module (inherited from models. Model), the table in the database is named Auth_User.
SQL description for user table:
CREATE TABLE"Auth_User" ("id" )integer not NULL PRIMARY KEYautoincrement, "password"varchar( -) not NULL, "Last_login"datetime NULL, "Is_superuser" bool not NULL, "first_name"varchar( -) not NULL, "last_name"varchar( -) not NULL, "email"varchar(254) not NULL, "Is_staff" bool not NULL, "is_active" bool not NULL, "date_joined"datetime not NULL, "username"varchar( -) not NULL UNIQUE)
The Auth module provides a lot of API management user information, and when necessary we can import the user table for operation, such as when other tables need to be associated with User:
from Import User
Create user
user = User.objects.create_user (username, email, password)
To create a user object:
User.save ()
Here, you need to call the Save () method to save this new user to the database.
auth
module does not store user passwords plaintext instead stores a hash value, such as an iteration using the MD5 algorithm.
Certified Users
authenticate
when using modules, import the modules first:
from Import Authenticate
Pass the account and credentials using the keyword parameter:
user = Authenticate (username=username, Password=password)
The authentication user's password is valid, and if valid, returns the User object that represents it, or none if it is not valid.
It is important to note that the method does not check the is_active
flag bit.
Modify User Password
The change password is an instance method of user, and the method does not authenticate users:
User.set_password (New_password)
Typically this method needs to be used in conjunction with authenticate:
user = Auth.authenticate (username=username, password=old_password)if is not None: User.set_password (New_password) user.save ()
Login
To import the module first:
from Import Login
Login adds Session_key to the session for easy tracking of the user:
Login (request, user)
Login does not authenticate, nor does it check the is_active flag bit, which is used in general and authenticate:
user = Authenticate (username=username, password=password)if is not None: if user.is_active: Login (Request, user)
auth/__init__.py
you can see the source code for login in.
Sign Out
Logout removes the user information from the request and refreshes the session:
from Import Logout def Logout_view (Request): logout (Request)
permission to judge, only allow logged-in user access
@login_required
The modifier-decorated view function first checks whether the login is logged through session key, the logged-on user can perform the operation normally, and the user who is not logged in will be redirected to login_url
the specified location. If the Login_url parameter is not specified, it is redirected to settings.LOGIN_URL
.
from Import login_required@login_required (Login_url='/accounts/login/') def My_view (Request): ...
Group
django.contrib.auth.models.Group
A model of the user group is defined, each user group owns id
and name
two fields, and the model is mapped to a data table in the database auth_group
.
There is a groups
many-to-many field named in the user object, and a many-to-many relationship is maintained by the auth_user_groups
data table. The Group object can user_set
query users in the user group by reverse.
We can add or remove user groups by creating a delete group object:
# Addgroup = Group.objects.create (name=group_name) group.save ()# delgroup.delete ()
We can manage the relationship between users and user groups through standard multi-to-many field operations:
# user Join user group User.groups.add (Group) # or group.user_set.add (user) # user exits user group user.groups.remove (Group) # or group.user_set.remove (user) # user exits all user groups user.groups.clear () # all users in the user group exit Group Group.user_set.clear ()
Permission
Django's AUTH system provides model-level permission control, which allows you to check whether a user has add, change, or delete permissions on a data table.
The AUTH system is unable to provide object-level permission control, which is to check whether the user has permission to add or delete a record in the data table. Can be used if object-level permission control is required django-guardian
.
Assuming there is a article data Sheet Management blog post in the blogging system, Auth can check whether a user has administrative rights to all posts , but cannot check whether the user has administrative rights on a blog post.
Check user Permissions
user.has_perm
method is used to check whether a user has permission to manipulate a model:
User.has_perm ('blog.add_article') user.has_perm ('blog.change_ Article') user.has_perm ('blog.delete_article')
The above statement checks to see if the user has the add permission to the article model in the app, and returns True if the permission is granted.
has_perm
It is only a permission check, that is, the user does not have permissions and it does not prevent the programmer from performing related actions.
@permission_required
Adorners can be substituted has_perm
and redirected to the login page or throw an exception if the user does not have the appropriate permissions.
# permission_required (perm[, Login_url=none, Raise_exception=false]) @permission_required ('blog.add_article') def post_article (Request): Pass
Each model has a default increment (add), change, delete (delete) permission. All permissions in the project are saved in the django.contrib.auth.models.Permission
model.
The model is saved as a data table in the database auth_permission
. Each permission has id
,, name
, content_type_id
codename
four fields.
Manage User Permissions
User and permission are associated with many-to-many fields user.user_permissions
and are maintained in the database by the auth_user_user_permissions
data table.
# Add Permissions user.user_permissions.add (permission) # user.user_permissions.delete (permission)#user.user_permissions.clear ()
It is a more convenient way to use user groups to manage permissions for users who have permissions on the user group. The group contains many-to-many fields permissions
, which are maintained in the database by the auth_group_permissions
data table.
#group.permissions.add (permission)#group.permissions.delete ( Permission)#group.permissions.clear ()
Custom Permissions
You can use meta-custom permissions when defining the model:
Discussion (models. Model): ... class meta:permissions = (( " create_discussion " , " can Create a discussion " ), ( reply_discussion ", " can reply discussion "
To determine whether a user has custom permissions:
User.has_perm ('blog.create_discussion')
Django Privilege System Auth module