2

我有一个登录和身份验证功能,它从表单中获取输入,验证来自数据库的数据,如果正确则返回 right.html,否则返回 wrong.html。密码存储在galaxy_user数据库中,uname的输出为:

u'sachitad'

passw 的输出是:

u'f8566297ee28e8a3096497070b37b91d24c24243'



 def login(request):
        if request.method == 'POST':
            username = request.POST['username']
            password = request.POST['password']
            u = ''.join(username)
            p = hashlib.sha1(password).hexdigest()
            a = GalaxyUser.objects.values_list('username', 'password')
            uname = a[0][0]
            passw = a[0][1]
            user = authenticate(uname=u, passw=p)

            if user is not None:
                return render_to_response('right.html', context_instance=RequestContext(request))

            else:
                return render_to_response('wrong.html', context_instance=RequestContext(request))

        else:
            return render_to_response('login.html', context_instance=RequestContext(request))

编辑: GalaxyUser 表:

 id | create_time         | update_time         | email                         | password                                 | external | deleted | purged | username | form_values_id | disk_usage |
+----+---------------------+---------------------+-------------------------------+------------------------------------------+----------+---------+--------+----------+----------------+------------+
|  1 | 2013-01-11 15:00:30 | 2013-01-11 15:00:30 | user1@gmail.com   | f8566297ee28e8a3096497070b37b91d24c24243 |        0 |       0 |      0 | sachitad |           NULL |       NULL |
|  2 | 2013-01-11 15:01:01 | 2013-01-11 15:01:01 | user2@zurelsoft.com | f8566297ee28e8a3096497070b37b91d24c24243 |        0 |       0 |      0 | saugat   |           NULL |       NULL |
+----+---------------------+---------------------+-------------------------------+------------------------------------------+----------+---------+--------+-

我想使用电子邮件和密码进行身份验证。

4

2 回答 2

2

Django使用给定的算法('md5','sha1'或'crypt')将密码存储为给定明文密码和盐的十六进制摘要

authenticate() 采用您在注册用户时提供的密码,而不是它的散列版本。您需要提供验证纯文本密码来验证用户。

于 2013-01-11T07:14:11.290 回答
0

authenticate()接受两个关键字参数,username并且password.

user = authenticate(username=u, password=p)

编辑:

很难判断问题出在哪里,因为我们没有任何调试信息……您可能在注册功能中错误地注册了用户,因此错误地设置了用户名或密码。这可以解释为什么您被重定向到 wrong.html 页面。以下登录功能适用于我:

from django.shortcuts import render_to_response, redirect
from django.http import HttpResponseRedirect
from django.template import RequestContext
from somewhere.forms import LoginForm
from django.contrib.auth import authenticate, login

def Login(request):
    if request.method == 'POST':
        login_form = LoginForm(request.POST) # Bound LoginForm
        if login_form.is_valid():
            username = login_form.cleaned_data['username']
            password = login_form.cleaned_data['password']
            user = authenticate(username=username, password=password)
            if user is not None:
                if user.is_active:
                    login(request, user)
                    return HttpResponseRedirect('/success/')
                else:
                    # user has not been activated...must activate using the following lines:
                    #### request.session['username'] = username
                    #### user.backend = 'django.contrib.auth.backends.ModelBackend'
                    #### user.is_active = True
                    #### user.save()
            else:
                # u_and_p_error = "Username and password did not match"
        else:
            return render_to_response('index.html', {'login_form': login_form}, context_instance=RequestContext(request))
于 2013-01-11T07:00:30.033 回答