我试图使用Django的认证系统,下面 构建登录页面的意见为什么用户认证不成功?
from django.contrib import auth
def auth_view(request):
username = request.POST.get('username','')
password = request.POST.get('password','')
print request.POST
user = auth.authenticate(username=username, password=password) #returns user object if match else None
if user is not None:
auth.login(request, user) #make user status as logged in now using django login function
return HttpResponseRedirect('/todos')
else:
return HttpResponseRedirect('/accounts/invalid')
的login.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Login page</title>
</head>
<body>
<h2>login page</h2>
<hr>
<form action="/accounts/auth/" method="post">{% csrf_token %}
username: <input type="text" name="username" value="" id="username"><br>
password: <input type="password" name="password" value="" id="password"><br>
<input type="submit" value="Login">
</form>
</body>
</html>
urls.py
...
urlpatterns = [
url(r'^admin/', admin.site.urls),
url(r'^', include('invoices.urls')),
url(r'^todos/', include('todos.urls')),
url(r'^accounts/login/$', todos.views.login, name='login'),
url(r'^accounts/auth/$', todos.views.auth_view, name='auth_view'),
url(r'^accounts/logout/$', todos.views.logout, name='logout'),
url(r'^accounts/loggedin/$',todos.views.loggedin, name='loggedin'),
url(r'^accounts/invalid/$', todos.views.invalid_login, name='invalid_login'),
]
变种即使用户/密码正确,user
也会返回None
。当我将此行user = auth.authenticate(username=username, password=password)
更改为实际用户名和密码时,例如。 user = auth.authenticate(username="peter", password="[email protected]$w0rD275")
它成功登录
命令行了把
>>>result=auth.authenticate(username='admin', password='adkd92')
>>>print result
None
>>>result=auth.authenticate(username='admin', password='admin123')
>>>print result
admin
你有一个表单或它只是你发送的一些文章?我的意思是从Django的AuthForm或其他?用户名和密码有价值吗?它们存在于db中吗? – Bestasttung
是的用户/ pass存在于django管理数据库中。 –
当你得到request.POST.get('password','')时,值是什么?这是一个明确的密码或一个哈希? – Bestasttung