在login.html中
{% csrf_token %} ##注意form,注意action就是当前页面,method是post还是get将触发后台的动作,整个form由submit来触发。 ##注意{% csrf_token %}。django默认启动 'django.middleware.csrf.CsrfViewMiddleware'中间件, 这个中间件就是来验证csrf_token的。如果没有加csrf_token,就会出错。 在view.py中 def login(request): loginfo = data_gen.login() userid = 0 userkey = 0 global qxpro global qxfunc if request.method == "POST": userid = request.POST.get("uid") userkey = request.POST.get("ukey") if (userid==loginfo.user01[0][0] and userkey==loginfo.user01[0][1]): qxpro = loginfo.user01[1] qxfunc = loginfo.user01[2] response = HttpResponseRedirect('/index/') response.set_cookie("username", 'kdkj') return response elif (userid==loginfo.user02[0][0] and userkey==loginfo.user02[0][1]): qxpro = loginfo.user02[1] qxfunc = loginfo.user02[2] response = HttpResponseRedirect('/index/') response.set_cookie("username", 'shzf') return response return render(request, 'login.html') 在data_gen中 class login(): user01 = (('kdkj','123456'),(1,1,1,0,0),(1,1,1,1,1,1,1,1,1)) user02 = (('shzf', 'shzf'), (1, 1, 0, 0, 0), (1, 1, 1, 0, 0, 0, 1, 0, 0)) ###eb\pd\ac\gl\pv\es\tf\dd def __str__(self): return self.ID ###在类login中建立用户账号和权限 # 用户权限配置 View.Py: def login(request): loginfo = basic.log() username = 0 userkey = 0if request.method == "POST": username = request.POST.get("uname") userkey = request.POST.get("ukey") try: userdoc = loginfo.user(username) if (userkey==userdoc[0][2])and(userdoc[1]=='free'): user_id =loginfo.login_set(username) print("cookie is |", user_id) request.session['userid'] = user_id ##very import, session to store user ID response = HttpResponseRedirect('../index/') return response else: return render(request, 'login.html') except: return render(request, 'login.html') return render(request, 'login.html')
######################################################################################
def logout(request):
user_id = request.session.get(‘userid’) ##get user ID from session
loginfo = basic.log()
obj = loginfo.logout_set(user_id) ##set user state as “free” in “user_doc” table
return render(request, 'gate.html')
##################################################################################
def acount(request):
signinfo = basic.signon()
username = 0
userkey = 0
userkey2 = 0
if request.method == "POST": username = request.POST.get("uname") userkey = request.POST.get("ukey") userkey2 = request.POST.get("ukey2") try: if userkey == userkey2 and userkey != username and len(userkey) > 5: print(username) if signinfo.chk(username)==0: type_def = 'free' prj = "1001,1002" ath = "1,0,0,0,0,0,0,0" signinfo.sign(username, userkey, type_def, prj, ath) response = HttpResponseRedirect('../login/') return response else: slogan = "YOUR NAME HAD BEEN SIGNED SIR!!" return render(request, 'acount.html', {"slogan": slogan}) else: slogan = "YOUR INFORMATION IS WRONG SIR!!" return render(request, 'acount.html', {"slogan": slogan}) except: slogan = "Sorry Try Again SIR!!" return render(request, 'acount.html', {"slogan": slogan}) slogan = "WELCOME SIR!!" return render(request, 'acount.html',{"slogan":slogan})
#####################################################################################
def index(request):
user_id = request.session.get(‘userid’) ##get user ID from session
print(“user ID”, user_id)
loginfo = basic.log()
user_auth = loginfo.log_chk(user_id) ##get more user information from “user_doc” table
Basic.py:
class log:
def user(self,uname):
obj = user_doc.objects.get(user_name=uname)
user_type = obj.type
user_proj = obj.proj.split(’,’)
user_proj = list(map(int,user_proj))
user_func = obj.auth.split(’,’)
user_func = list(map(int, user_func))
user = [[obj.ID,obj.user_name,obj.user_key], user_type, user_proj, user_func] return user def login_set(self,uname): obj = user_doc.objects.get(user_name=uname) user_id = obj.ID obj.type = 'busy' ## set user type state as “busy” obj.save() return user_id def logout_set(self,user_id): obj = user_doc.objects.get(ID=user_id) obj.type = 'free' ## set user type state as “free” obj.save() return self def log_chk(self,user_id): obj = user_doc.objects.get(ID=user_id) user_proj = obj.proj.split(',') user_proj = list(map(int, user_proj)) user_func = obj.auth.split(',') user_func = list(map(int, user_func)) user_auth = [user_proj, user_func] return user_auth
Models.py:
###########################################
class user_doc(models.Model):
ID = models.AutoField(primary_key=True)
user_name = models.CharField(max_length=30)
user_key = models.CharField(max_length=30)
type = models.CharField(max_length=20) ##‘free’-available, else-inusing
proj = models.CharField(max_length=1000) ##project authority: 101,102
auth = models.CharField(max_length=100) ##function authority:1,2,3,4,5
在index.html中