def register(request):
form_obj = forms.UserForm()
if request.method == 'POST':
form_obj = forms.UserForm(request.POST)
if form_obj.is_valid():
avatar_obj = request.FILES.get('avatar')
form_obj.cleaned_data.pop('confirm_password', '')
# 创建用户
models.UserInfo.objects.create_user(avatar=avatar_obj,
**form_obj.cleaned_data)
# 创建超级用户
# User.objects.create_superuser(username=,password=,email=)
return redirect('/middle/')
return render(request, 'register.html', {'form_obj': form_obj})
def login(request):
"""
登录视图
:param request:
:return:
"""
#不允许重复登录
if request.session.get("is_login", None):
return redirect('/showbooks/')
if request.method == "POST":
login_form = forms.UserForm(request.POST) #把表单数据导入进来
#POST会触发CSRF的防御机制,我们解决的第二种方案就是在html文件的form内部
#添加{% csrf_token %},可以在form表单的任意位置,在发送的时候,后台会自动过滤
# username = request.POST.get("username")
# password = request.POST.get("password")
#数据验证:分前端验证(这里利用的是H5的新特性帮助我们实现,字段不为空
#并且密码密文显示 )和后端验证
message = "请检查您输入的数据的格式!"
# if username.strip() and password: # 确保用户名和密码都不为空
if login_form.is_valid():
username = login_form.cleaned_data.get('username')
password = login_form.cleaned_data.get('password')
# 用户名字符合法性验证
# 密码长度验证
# 更多的其它验证.....
try: #try异常机制,防止数据库查询失败的异常
#首先验证该用户名在不在,存在返回对象,不存在直接回到登录页面
user = models.User.objects.get(name=username)
except:
message = "用户不存在!"
return render(request, 'login.html', locals())
# if not user.has_confirmed:
# message = '该用户还未经过邮件确认!'
# return render(request, 'login.html', locals())
print(user.password, '#' * 5, password, '@' * 5,
hash_code(password))
# if user.password == hash_code(password):
if user.password == password:
#往session字典内写入用户状态和数据
request.session['is_login'] = True
request.session['user_id'] = user.id
request.session['user_name'] = user.name
return redirect('/showbooks/')
else:
message = "密码不正确!"
return render(request, 'login.html', locals())
else:
return render(request, 'login.html', locals())
login_form = forms.UserForm()
return render(request, 'login.html', locals())
def pcajax_validate(request):
if request.method == "POST":
login_response = {"is_login": False, "error_msg": None}
# 验证验证码
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
#扩充验证用户名密码
user = forms.UserForm(request, request.POST)
if result:
if user.is_valid():
del user.cleaned_data['validCode']
user_obj = models.UserInfo.objects.filter(**user.cleaned_data).first()
if not user_obj:
return HttpResponse(json.dumps(user.errors))
request.session["username"] = user.cleaned_data.get("name")
request.session["userid"] = user_obj.id
return HttpResponse("true")
return HttpResponse(json.dumps(user.errors))
def login(request):
if request.method=="POST":
user = forms.UserForm(request, request.POST)
if user.is_valid():
del user.cleaned_data['validCode']
user_obj=models.UserInfo.objects.filter(**user.cleaned_data).first()
if not user_obj:
return HttpResponse("false")
request.session["username"]=user.cleaned_data.get("name")
request.session["userid"]=user_obj.id
return HttpResponse("true")
return HttpResponse(json.dumps(user.errors))
else:
user=forms.UserForm(request)
user = forms.UserForm(request,request.POST)
return render(request,"login.html",{"form":user})
def login(request):
form_obj = forms.UserForm()
if request.method == 'POST':
ret = {'code': 0}
username = request.POST.get('username')
password = request.POST.get('password')
v_code = request.POST.get('v_code', '')
if v_code.upper() == request.session.get('v_code', ''):
# 自动校验用户名和密码对不对
user = auth.authenticate(username=username, password=password)
if user:
# 内置的login方法
# 1. 生成Session数据,存一下user_id 然后把sessionid写入Cookie
# 后续每一次请求来的时候,AuthenticationMiddleware中的process_request方法中
# 会自动帮我们取到user_id,然后到数据库中拿出user对象,然后添加到request.user属性中 --> request.user = user
# 后续我们都可以通过request.user拿到当前的登陆用户对象
auth.login(request, user)
ret['data'] = '/home/'
else:
ret['code'] = 1
ret['data'] = '用户名或密码错误'
else:
ret['code'] = 1
ret['data'] = '验证码错误'
return JsonResponse(ret)
return render(request, 'login.html', {'form_obj': form_obj})
def login2(request):
form_obj = forms.UserForm()
if request.method == 'POST':
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
# 如果验证码正确
if result:
ret = {'code': 0}
username = request.POST.get('username')
password = request.POST.get('password')
# 自动校验用户名和密码对不对
user = auth.authenticate(username=username, password=password)
if user:
# 内置的login方法
# 1. 生成Session数据,存一下user_id 然后把sessionid写入Cookie
# 后续每一次请求来的时候,AuthenticationMiddleware中的process_request方法中
# 会自动帮我们取到user_id,然后到数据库中拿出user对象,然后添加到request.user属性中 --> request.user = user
# 后续我们都可以通过request.user拿到当前的登陆用户对象
auth.login(request, user)
ret['data'] = '/home/'
else:
ret['code'] = 1
ret['data'] = '用户名或密码错误'
return JsonResponse(ret)
return render(request, 'login2.html', {'form_obj': form_obj})
def reg(request):
form_obj = forms.UserForm()
if request.method == 'POST':
ret = {'flag': 0}
form_obj = forms.UserForm(request.POST)
if form_obj.is_valid():
avatar_obj = request.FILES.get('avatar')
form_obj.cleaned_data.pop('confirm_password', '')
if avatar_obj:
models.UserInfo.objects.create_user(avatar=avatar_obj,
**form_obj.cleaned_data)
else:
models.UserInfo.objects.create_user(**form_obj.cleaned_data)
ret['data'] = '/middle/'
else:
ret['flag'] = 1
ret['data'] = form_obj.errors
return JsonResponse(ret)
return render(request, 'reg.html', {'form_obj': form_obj})
def login(request):
if request.method == "POST":
login_form = forms.UserForm(request.POST)
message = "请检查填写的内容!"
if login_form.is_valid():
username = login_form.cleaned_data['username']
password = login_form.cleaned_data['password']
try:
user = models.User.objects.get(name=username)
if user.password == password and user.active == 1:
request.session['is_login'] = True
request.session['user_id'] = user.id
request.session['user_name'] = user.name
return redirect('/')
else:
message = "密码不正确!"
except:
message = "用户不存在!"
return render(request, 'login/login.html', locals())
login_form = forms.UserForm()
return render(request, 'login/login.html', locals())