我在项目的每个页面上都需要一个登录表单,并且我正在使用包含标签来实现它。使用 django 文档和一些类似的示例,到目前为止,我已经编写了以下代码:
项目树:
myProj ├── myProj │ └── settings.py ├── celeryPy2 │ ├── forms.py │ ├── templatetags │ │ └── my_tags.py │ ├── urls.py │ └── views.py └── templates ├── base.html └── celeryPy2 ├── login.html └── start.html网址.py
from django.contrib.auth.views import login, logout urlpatterns = patterns('celeryPy2.views', url(r'^$', 'start', name='start'), url(r'^accounts/login/$', login, name='login'), url(r'^accounts/logout/$', logout, {'next_page':'/celeryPy2'}, name='logout'), )视图.py
def start(request): return render_to_response('celeryPy2/start.html', {}, context_instance=RequestContext(request))开始.html
{% extends "base.html" %} {% block title %}celeryPy2 start page{% endblock title %} {% block content %} {% load my_tags %} {% login_form %} {% endblock content %}base.html
<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head><meta charset="utf-8" /><title>celeryPy2</title></head> <body> <div id="header">{% block header %}{% endblock %}</div> <div id="content">{% block content %}{% endblock %}</div> <footer id="footer">{% block footer %}{% endblock %}</footer> </body> </html>my_tags.py
from django import template register = template.Library() from celeryPy2.forms import UserForm @register.inclusion_tag('celeryPy2/login.html', takes_context=True) def login_form(context): form = UserForm user = context['user'] return {'form': form,'user': user}表格.py
class UserForm(ModelForm): class Meta: model = User fields = ('username','password')登录.html
{% if not user.is_authenticated %} <form id="idLogInForm" method="post" action="{% url 'django.contrib.auth.views.login' %}?next=/celeryPy2" class="loginForm">{% csrf_token %} {{ form.as_p }} <button id="idLogInSubmit" name="idLogInSubmit" type="submit">Login</button> </form> {% else %} <form id="idLogOutForm" method="post" action="{% url 'django.contrib.auth.views.logout' %}">{% csrf_token %} <span id="welcomeUserId" class="welcomeUserClass">Welcome, <strong>{{ user.username }}</strong></span> <button id="idLogOutSubmit" name="idLogOutSubmit" type="submit">Logout</button> </form> {% endif %}
我有以下问题和疑问:
- 这是实现它的正确方法还是我会遇到安全问题?
- 当我插入错误的用户凭据时,我正确地得到了错误
Please enter a correct username and password. Note that both fields may be case-sensitive.,并且浏览器 url 栏设置为/celeryPy2/accounts/login/?next=/celeryPy2. 但是,如果我尝试重新登录,它会尝试访问不存在的 url/accounts/profile/。为什么?我不得不说我的settings.py中没有LOGIN_URL或LOGIN_REDIRECT_URL。[已解决,见下文] - 为什么我得到的密码输入字段是明文而不是被掩码字符隐藏?[已解决,见下文]
- 为什么我
Required. 30 characters or fewer. Letters, numbers and @/./+/-/_ characters在用户名输入字段旁边得到标签?[已解决,见下文]
这是我发现有一个代码插件可以在每个页面中重用的方式,它与 django 内置功能尽可能兼容。这对我来说看起来有点棘手(涉及很多文件),可能还有一些需要改进的地方,但我发现这是完成任务的最简单方法。欢迎任何其他更好的想法!