django自定义用户身份验证

# admin管理默认
AUTH_USER_MODEL &＃61; &＃39;web.Account&＃39;

class MyUserManager(BaseUserManager):def create_user(self, email, name, password&＃61;None):"""Creates and saves a User with the given email, date ofbirth and password."""if not email:raise ValueError(&＃39;Users must have an email address&＃39;)user &＃61; self.model(email&＃61;self.normalize_email(email),name&＃61;name,)user.set_password(password)user.save(using&＃61;self._db)return userdef create_superuser(self, email, name, password):"""Creates and saves a superuser with the given email, date ofbirth and password."""user &＃61; self.create_user(email,password&＃61;password,name&＃61;name,)user.is_admin &＃61; Trueuser.save(using&＃61;self._db)return user# 自定义户用的表
class Account(AbstractBaseUser):email &＃61; models.EmailField(verbose_name&＃61;&＃39;email address&＃39;,max_length&＃61;255,unique&＃61;True,)name &＃61; models.CharField(max_length&＃61;32)role &＃61; models.ForeignKey("Role", blank&＃61;True, null&＃61;True)customer &＃61; models.OneToOneField("Customer", blank&＃61;True, null&＃61;True)is_active &＃61; models.BooleanField(default&＃61;True)is_admin &＃61; models.BooleanField(default&＃61;False)objects &＃61; MyUserManager()USERNAME_FIELD &＃61; &＃39;email&＃39;REQUIRED_FIELDS &＃61; [&＃39;name&＃39;]def get_full_name(self):# The user is identified by their email addressreturn self.namedef get_short_name(self):# The user is identified by their email addressreturn self.emaildef __str__(self):return self.emaildef has_perm(self, perm, obj&＃61;None):"Does the user have a specific permission?"# Simplest possible answer: Yes, alwaysreturn Truedef has_module_perms(self, app_label):"Does the user have permissions to view the app &＃96;app_label&＃96;?"# Simplest possible answer: Yes, alwaysreturn True&＃64;propertydef is_staff(self):"Is the user a member of staff?"# Simplest possible answer: All admins are staffreturn self.is_admin

from django.conf.urls import url
from web import views# 登录登出
urlpatterns &＃61; [url(r&＃39;^$&＃39;, views.index),url(r&＃39;^login/$&＃39;, views.account_login),url(r&＃39;^logout/$&＃39;, views.account_logout, name&＃61;&＃39;logout&＃39;),
]

from django.shortcuts import render, redirect, HttpResponse
from django.contrib.auth.decorators import login_required
from django.views.decorators.csrf import csrf_exempt
from web import models
# django 内置验证、登录、登出
from django.contrib.auth import authenticate, login, logout&＃64;login_required(login_url&＃61;&＃39;/crm/login/&＃39;)
def index(request):return render(request, &＃39;index.html&＃39;)def account_logout(request):logout(request)return redirect(&＃39;/crm/&＃39;)def account_login(request):if request.method &＃61;&＃61; &＃39;POST&＃39;:username &＃61; request.POST.get(&＃39;username&＃39;)password &＃61; request.POST.get(&＃39;password&＃39;)# django自带验证用户名密码user &＃61; authenticate(username&＃61;username, password&＃61;password)if user:login(request, user)return redirect(request.GET.get(&＃39;next&＃39;) or &＃39;/crm/&＃39;)return render(request, &＃39;login.html&＃39;)

from django.contrib import admin
from web import models
# Register your models here.from django import forms
from django.contrib import admin
from django.contrib.auth.models import Group
from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
from django.contrib.auth.forms import ReadOnlyPasswordHashFieldclass UserCreationForm(forms.ModelForm):"""A form for creating new users. Includes all the requiredfields, plus a repeated password."""password1 &＃61; forms.CharField(label&＃61;&＃39;Password&＃39;, widget&＃61;forms.PasswordInput)password2 &＃61; forms.CharField(label&＃61;&＃39;Password confirmation&＃39;, widget&＃61;forms.PasswordInput)class Meta:model &＃61; models.Accountfields &＃61; (&＃39;email&＃39;, &＃39;name&＃39;, &＃39;is_active&＃39;, &＃39;is_admin&＃39;)def clean_password2(self):# Check that the two password entries matchpassword1 &＃61; self.cleaned_data.get("password1")password2 &＃61; self.cleaned_data.get("password2")if password1 and password2 and password1 !&＃61; password2:raise forms.ValidationError("Passwords don&＃39;t match")return password2def save(self, commit&＃61;True):# Save the provided password in hashed formatuser &＃61; super(UserCreationForm, self).save(commit&＃61;False)user.set_password(self.cleaned_data["password1"])if commit:user.save()return userclass UserChangeForm(forms.ModelForm):"""A form for updating users. Includes all the fields onthe user, but replaces the password field with admin&＃39;spassword hash display field."""password &＃61; ReadOnlyPasswordHashField()class Meta:model &＃61; models.Accountfields &＃61; (&＃39;email&＃39;, &＃39;password&＃39;, &＃39;name&＃39;, &＃39;is_active&＃39;, &＃39;is_admin&＃39;)def clean_password(self):# Regardless of what the user provides, return the initial value.# This is done here, rather than on the field, because the# field does not have access to the initial valuereturn self.initial["password"]class AccountAdmin(BaseUserAdmin):# The forms to add and change user instances# form &＃61; UserChangeForm# add_form &＃61; UserCreationForm# The fields to be used in displaying the User model.# These override the definitions on the base UserAdmin# that reference specific fields on auth.User.list_display &＃61; (&＃39;email&＃39;, &＃39;name&＃39;, &＃39;is_admin&＃39;)list_filter &＃61; (&＃39;is_admin&＃39;,)fieldsets &＃61; ((&＃39;test&＃39;, {&＃39;fields&＃39;: (&＃39;email&＃39;, &＃39;password&＃39;)}),(&＃39;Personal info&＃39;, {&＃39;fields&＃39;: (&＃39;name&＃39;, &＃39;customer&＃39;)}),(&＃39;Permissions&＃39;, {&＃39;fields&＃39;: (&＃39;is_admin&＃39;, &＃39;role&＃39;)}),)# add_fieldsets is not a standard ModelAdmin attribute. UserAdmin# overrides get_fieldsets to use this attribute when creating a user.add_fieldsets &＃61; ((None, {&＃39;classes&＃39;: (&＃39;wide&＃39;,),&＃39;fields&＃39;: (&＃39;email&＃39;, &＃39;name&＃39;, &＃39;password1&＃39;, &＃39;password2&＃39;)}),)search_fields &＃61; (&＃39;email&＃39;,)ordering &＃61; (&＃39;email&＃39;,)filter_horizontal &＃61; ()# Now register the new UserAdmin...
admin.site.register(models.Account, AccountAdmin)