需要授权。阅读了几篇文章,阅读所有inbuild机制,接受并执行它。他开始这样做。django授权
注册模块django-registration
,写自己登录,使用lib django.contrib.auth
。如下所示:我在登录页面登录,似乎一切都很好,但当我去另一页面授权时,奇迹般地消失了。据我了解,授权没有写入会话,我只在登录页面获得授权。
我做了以下内容:
- 授权的登录页面上。
- 记录整个
User
对象为session
。 - 在每个页面上,我在页面加载时检查的第一件事是会话数据中是否存在
User
,如果是,请从此处读取它。
来源是这样的:
def login_user(request):
state = "Please log in below..."
username = password = ''
if request.POST:
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
state = "You're successfully logged in!"
else:
state = "Your account is not active, please contact the site admin."
else:
state = "Your username and/or password were incorrect."
request.session['user'] = user
return render(request,'auth.html',{'state':state, 'username': username, 'info':'info'})
和网页,我从session
阅读:
@csrf_protect
def home(request):
if "user" in request.session:
user = request.session['user']
else:
user = None
return render_to_response('home.html', {'user_name' : user}, context_instance = RequestContext(request))
但我认为,这是一个非常愚蠢的做法。你能建议一个更合适的方法吗?