title: 自定义django中间件实现登录
date: 2018-06-06 08:11:56
tags: 中间件
作者:李忠林
Github: https://github.com/Leezhonglin
Gitblog: https://leezhonglin.github.io/
日期: 2018年6月5日
django中注册登录实现
自定义中间件
其实说django自己也带了中间件,但是用起来有点不灵活,需要验证的每个url前面需要包一层login_required(),自我感觉有点不方便.说干就干吧.
首先在我们的项目文件夹下面创建一个新的目录,专门用来存放我们的中间件和其他函数,文件夹的名字我们就命名为:utils.再使用python manage.py startapp user 建立好我们用户的应用,所有与用户相关的东西都放这里面来.

文件中的UserAuthMiddleware.py就是我们要自定义中间件的文件.`__init__.py`文件就是我们要去初始化中间件.
下面我们就在UserAuthMiddleware.py中开始写我们的代码了.
from datetime import datetime
from django.db.models import Q
from django.http import HttpResponseRedirect
from django.core.urlresolvers import reverse
from django.utils.deprecation import MiddlewareMixin
from user.models import UserTicketModel
class UserAuthMiddle(MiddlewareMixin):
    """Require a valid login ticket for a fixed set of paths.

    The ticket is read from the ``ticket`` cookie and looked up in
    ``UserTicketModel``. Requests to any other path pass through untouched.
    """

    def process_request(self, request):
        """Return a redirect to the login page, or None to let the request continue."""
        # NOTE(review): protection is opt-in and matched on the exact path, so
        # every URL that is not listed here is served without a ticket check.
        # New views must be added to this list (or the logic inverted into an
        # allow-list of public paths) to be covered.
        protected_paths = ['/axf/mine/', '/axf/cart/']
        if request.path not in protected_paths:
            return None

        ticket = request.COOKIES.get('ticket')
        if not ticket:
            return HttpResponseRedirect(reverse('user:login'))

        user_ticket = UserTicketModel.objects.filter(ticket=ticket).first()
        if not user_ticket:
            # Unknown ticket: treat the request as anonymous.
            return HttpResponseRedirect(reverse('user:login'))

        owner = user_ticket.user
        # NOTE(review): tzinfo is stripped and the value is compared with the
        # naive local datetime.now(). If USE_TZ is enabled the stored value
        # comes back in UTC, so expiry would be off by the server's UTC offset
        # -- confirm against settings.
        expires_at = user_ticket.out_time.replace(tzinfo=None)
        if datetime.now() > expires_at:
            # Expired: drop every ticket this user holds and force a new login.
            UserTicketModel.objects.filter(user=owner).delete()
            return HttpResponseRedirect(reverse('user:login'))

        # Overwrites whatever request.user an earlier middleware assigned.
        request.user = owner
        # Keep only the ticket presented now, which limits the user to one
        # live session and discards tickets issued by earlier logins.
        UserTicketModel.objects.filter(Q(user=owner) & ~Q(ticket=ticket)).delete()
        return None
引入模块的顺序是:先引入系统自带的模块 —> 再引入django带的模块 —> 再引入自己定义的模块.这样登录验证的中间件我们就定义好了.那么我们如何去使用它呢?
进入我们的项目中的settings.py的文件找到我们的中间件配置的位置把我们定义好的东西引入进来具体如下:
# Middleware stack; process_request hooks run in the order listed.
MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    # Custom ticket check. It is listed after AuthenticationMiddleware, so the
    # request.user it assigns replaces the one set by django.contrib.auth.
    # NOTE(review): the dotted path must match the module file name exactly,
    # including case; the text above names the file UserAuthMiddleware.py
    # while this entry spells it UserAuthMiddleWare -- confirm which is right.
    'utils.UserAuthMiddleWare.UserAuthMiddle',
]
再来到我们定义好的models.
from django.db import models
class UesrModel(models.Model):
    """
    Stores a registered user account.
    """
    # Login name; unique=True enforces uniqueness in the database.
    username = models.CharField(max_length=32, unique=True)
    # The register view on this page stores the output of make_password()
    # here, i.e. a password hash string rather than the raw password.
    password = models.CharField(max_length=256)
    # NOTE(review): a plain CharField applies no e-mail format validation.
    email = models.CharField(max_length=64, unique=True)
    sex = models.BooleanField(default=False)
    # Uploaded file, stored under the 'icons' upload directory.
    # NOTE(review): the register view passes the upload straight to create(),
    # so no check that the file is an image is visible on this page.
    icon = models.ImageField(upload_to='icons')
    # Presumably a soft-delete flag; none of the code shown on this page
    # reads it -- confirm where it is enforced.
    is_delete = models.BooleanField(default=False)

    class Meta:
        db_table = 'axf_users'
class UserTicketModel(models.Model):
    """
    Stores the ticket a user needs in order to stay logged in.
    """
    # NOTE(review): no on_delete argument is given; that form is only
    # accepted by Django versions before 2.0.
    user = models.ForeignKey(UesrModel)
    # The ticket is compared verbatim with the 'ticket' cookie by the
    # middleware on this page.
    # NOTE(review): it is stored as issued, so read access to this table is
    # enough to reuse a live ticket; storing a hash of the ticket and looking
    # up by that hash would limit the exposure.
    ticket = models.CharField(max_length=256)
    # Moment after which the middleware treats the ticket as expired.
    out_time = models.DateTimeField()

    class Meta:
        db_table = 'axf_users_ticket'
以上准备工作都做好了之后我们就开始来配置我们的[URL]和views.
from django.conf.urls import url
from user import views
# Routes of the user app. The views reverse them as 'user:<name>', so this
# module is presumably included under the 'user' namespace -- confirm in the
# project-level urls.py.
# NOTE(review): the patterns have no trailing '$', so any path that merely
# starts with the prefix (e.g. 'login/anything') reaches the same view.
urlpatterns = [
    url(r'^register/', views.register, name='register'),
    url(r'^login/', views.login, name='login'),
    url(r'^logout/', views.logout, name='logout'),
]
建立我们的登录注册注销的views
from datetime import datetime, timedelta
from django.contrib.auth.hashers import make_password, check_password
from django.core.urlresolvers import reverse
from django.http import HttpResponse, HttpResponseRedirect
from django.shortcuts import render
from user.models import UesrModel, UserTicketModel
from utils.function import get_ticket
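def register(request):
    """Create a user account from the registration form.

    GET renders the registration page. POST expects ``username``, ``email``,
    ``password`` and an uploaded ``icon``; the password is hashed with
    ``make_password`` before it is stored.

    :param request: the incoming HttpRequest
    :return: the registration page (with ``msg`` on a validation failure), a
        redirect to ``user:login`` after the account is created, or a 405
        response for other HTTP methods
    """
    if request.method == 'GET':
        return render(request, 'user/user_register.html')

    if request.method == 'POST':
        # .get() instead of [...]: a request that omits a field now gets the
        # form error below instead of an unhandled KeyError (HTTP 500).
        username = request.POST.get('username')
        email = request.POST.get('email')
        raw_password = request.POST.get('password')
        icon = request.FILES.get('icon')
        if not all([username, email, raw_password, icon]):
            msg = '参数不能为空'
            return render(request, 'user/user_register.html', {'msg': msg})

        # NOTE(review): username and email are declared unique on the model,
        # so a duplicate value raises an integrity error here; it should be
        # caught and reported to the user.
        # NOTE(review): the upload is stored without checking size, type or
        # file name; validate it (for example through a ModelForm) before
        # saving.
        UesrModel.objects.create(username=username,
                                 email=email,
                                 password=make_password(raw_password),
                                 icon=icon)
        return HttpResponseRedirect(reverse('user:login'))

    # The original fell off the end here and returned None, which Django
    # turns into a server error.
    return HttpResponse(status=405)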
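def login(request):
    """Check the submitted credentials and issue a login ticket.

    GET renders the login page. POST verifies the password against the stored
    hash; on success a new ticket is saved in ``UserTicketModel`` and sent to
    the browser in the ``ticket`` cookie, both expiring one day from now.

    :param request: the incoming HttpRequest
    :return: the login page (with ``msg`` when the credentials are rejected),
        a redirect to ``axf:mine`` after a successful login, or a 405 response
        for other HTTP methods
    """
    if request.method == 'GET':
        return render(request, 'user/user_login.html')

    if request.method == 'POST':
        username = request.POST.get('username')
        password = request.POST.get('password')
        # NOTE(review): UesrModel has an is_delete flag that is not consulted
        # here -- confirm whether flagged accounts may still log in.
        user = UesrModel.objects.filter(username=username).first()

        if user is None:
            # Hash anyway so that an unknown username costs roughly as much
            # time as a wrong password.
            make_password(password)
            credentials_ok = False
        else:
            credentials_ok = check_password(password, user.password)

        if not credentials_ok:
            # One message for both failures, so the response does not reveal
            # which usernames exist.
            msg = '用户名或密码不正确'
            return render(request, 'user/user_login.html', {'msg': msg})

        # NOTE(review): get_ticket() lives in utils.function and is not shown.
        # The ticket is a bearer credential, so confirm it is drawn from a
        # cryptographically secure source such as the secrets module.
        ticket = get_ticket()
        out_time = datetime.now() + timedelta(days=1)
        UserTicketModel.objects.create(user=user,
                                       out_time=out_time,
                                       ticket=ticket)

        response = HttpResponseRedirect(reverse('axf:mine'))
        # httponly keeps the ticket away from page scripts; secure is set
        # whenever the login itself arrived over HTTPS.
        response.set_cookie('ticket', ticket, expires=out_time,
                            httponly=True, secure=request.is_secure())
        return response

    # The original returned None for other methods, which Django turns into a
    # server error.
    return HttpResponse(status=405)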
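def logout(request):
    """Log the user out.

    Deletes the ticket row that matches the ``ticket`` cookie, clears the
    cookie and redirects to the login page.

    :param request: the incoming HttpRequest
    :return: a redirect to ``user:login`` for GET, a 405 response otherwise
    """
    # NOTE(review): a state-changing GET is not covered by Django's CSRF
    # protection; prefer a POST form for logout.
    if request.method == 'GET':
        ticket = request.COOKIES.get('ticket')
        if ticket:
            # Revoke the ticket on the server. Clearing only the cookie would
            # leave a copied ticket usable until its out_time.
            UserTicketModel.objects.filter(ticket=ticket).delete()
        response = HttpResponseRedirect(reverse('user:login'))
        response.delete_cookie('ticket')
        return response

    # The original returned None for other methods, which Django turns into a
    # server error.
    return HttpResponse(status=405)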
来到这一步我们的工作就差不多结束了.这样我们就可以启动服务器来测试我们定义的中间件是否有效. 推荐都使用debug来检查我们写代码的问题,这样对我们自己的能力提升是非常大的.
——————<end>-------------