自定義用戶登錄,使用自定義的表存放用戶信息,使用session保持會話連接,在關閉瀏覽器后session過期,登錄后可以自動跳轉會原來的頁面:
session管理:http://www.cnblogs.com/dreamer-fish/p/5434962.html
# -*- coding: UTF-8 -*- from django.shortcuts import render from django.http import HttpResponse,HttpResponseRedirectfrom aptest.forms import hvform,testform,vmform,lusersform from aptest.models import lusers from django.contrib.sessions.models import Session# Create your views here. global user_loggedin,login_url,dict_sessions user_loggedin='Guest' #設置未登錄的默認用戶名為Guest login_url = '/login' #設置登錄頁面url dict_sessions={} #設置session dict用於存放登錄后的用戶sessionkey,用於判斷該用戶是否已登錄。用戶注銷后則刪掉相應用戶的dict dey #定義登錄前檢查函數 def login_req(url=login_url): def getFun(func): def wrapper(request,*args, **kv): global user_loggedin #將user_loggedin設置為global,否則其他view獲取不到該值 request.session['backurl'] = request.path #獲取當前頁面的url,登錄成功后自動跳轉回該頁面,獲取不到則為None #request.session.set_expiry(1800) userinfo = request.session.get('s_username',None) #獲取session,如果獲取不到則設置為None if not userinfo: #在此取出login頁面的絕對路徑,可適應任意一級頁面跳轉到login頁面 return HttpResponseRedirect('/' + request.path.strip().split('/')[1] + login_url) #沒有登錄,則跳轉到登錄頁面 else: user_loggedin=request.session['s_username'] #獲取當前登錄用戶名 #print 'deco dict_sessions-first::::::',dict_sessions #,dict_sessions[str(request.session['s_username'])] try: #用戶第一次登錄后將相應的username和sessionkey放入到字典中,當用戶第二次登錄后,使用新的sessionkey同之前存在字典中的sessionkey進行比較, #如果不同,則從數據庫中刪掉第一次的session,使之失效,同時使用新的sessionkey更新字典;如果相同,則字典中的sessionkey保持不變,視之為同一次登錄 if request.session.session_key <> dict_sessions[request.session['s_username']]: Session.objects.get(pk=dict_sessions[request.session['s_username']]).delete() dict_sessions[request.session['s_username']] = request.session.session_key except KeyError: #如果用戶是第一次登錄,則取不到字典的key值,於是就將當前的username和sessionkey放入到字典中 dict_sessions[request.session['s_username']] = request.session.session_key return func(request,*args, **kv) return wrapper return getFun @login_req() def index(request): #主頁 return HttpResponse(u"Welcome to my index page.") @login_req() def add(request): a=3 b=55 c=int(a)+int(b) err=[] if request.method == 'POST': #print request.POST['hvname'],request.POST['hvip'] print request.method form = hvform(request.POST) if form.is_valid(): #判斷輸入數據是否合法 #print form #print form.cleaned_data['name'],form.cleaned_data['ip'] fc = form.cleaned_data print fc['name'],fc['ip'] else: err.append(form.errors) #輸出錯誤信息 else: form = hvform() hour_offset= time.ctime() ls = range(10) context={'hour_offset':hour_offset,'ls':ls,'err':err,'user_loggedin':user_loggedin} return render(request,'aptest/form.html',context) @login_req() def testvw(request): err=[] if request.method == 'POST': print request.method form = vmform(request.POST) if form.is_valid(): #判斷輸入數據是否合法 fc = form.cleaned_data print fc['hvname'],fc['name'],fc['cpu'] else: err.append(form.errors) #輸出錯誤信息 else: form = vmform() context={'err':err,'user_loggedin':user_loggedin} return render(request,'aptest/current_datetime.html',context) #定義用戶登錄函數,並判斷登錄后是否自動跳轉到前一個頁面,還是跳轉到主頁 def login(request): user_loggedin='Guest' errors_list=[] if request.method == 'POST': form = lusersform(request.POST) if form.is_valid(): fc = form.cleaned_data #print fc['name'],fc['password'] try: usero = lusers.objects.get(name=fc['name']) if usero.password == fc['password']: request.session['s_username'] = usero.name #設置該用戶的session user_loggedin = usero.name #獲取登陸后用戶的用戶名 #print 'login -get backurl: ',request.session.get('backurl'),request.session['s_username'] if request.session.get('backurl') is not None: #檢查跳轉前的url是否存在 redirecturl = request.session['backurl'] else: redirecturl = '/' + request.path.strip().split('/')[1] #跳轉前的url不存在則跳轉到主頁 return HttpResponseRedirect(redirecturl) else: errors_list.append('password is not correct!') except Exception: errors_list.append(fc['name'] + ' Doesnot Exists') else: errors_list.append(form.errors) #輸出字段格式錯誤信息 else: form = lusersform() if request.session.get('s_username') is not None: user_loggedin = request.session.get('s_username') context={'errors_list':errors_list,'user_loggedin':user_loggedin} return render(request,'aptest/login.html',context) #定義用戶注銷函數 def logout(request): #user_loggedin='Guest' try: #刪除保存用戶名和跳轉前url的session dict_sessions.pop(request.session['s_username']) for key in list(request.session.keys()): del request.session[key] except KeyError: pass #注銷登陸后跳轉到原頁面 #return HttpResponseRedirect(request.META.get('HTTP_REFERER', '/')) return HttpResponseRedirect('../login')
修改關閉瀏覽器后session過期:
1.在settings.py最后一行添加 SESSION_EXPIRE_AT_BROWSER_CLOSE=True
2.清空已保存的session:delete from django_session
3.清空IE緩存
4.重新測試OK,使用print request.session.get_expire_at_browser_close()查看session是否在瀏覽器關閉后失效
settings中
SESSION_COOKIE_AGE=60*30 30分鍾。
SESSION_EXPIRE_AT_BROWSER_CLOSE False:會話cookie可以在用戶瀏覽器中保持有效期。True:關閉瀏覽器,則Cookie失效。
SESSION_COOKIE_DOMAIN 生效站點
SESSION_COOKIE_NAME cookie中保存session的名稱
Session使用比較簡單,在request.session是一個字典類。session是保存在數據庫中的。
判斷所請求的URL中是否包含有next參數,如果有則跳轉到next頁面(即登錄前頁面)
def login(request): nextfullurl = request.get_full_path() #獲取完整的url,通過next判斷是否需要跳轉到原頁面 if request.method == 'POST': u = request.POST.get('username').strip() p = request.POST.get('password') user = authenticate(username=u, password=p) if user is not None: auth_login(request, user) if request.GET.has_key('next'): #有時可能需要通過request.POST.has_key('next')判斷,看前端以何種方式提交該URL,默認submit提交為GET方式 R_url = request.GET['next'] else: R_url = '/sinfors/srvinfors' try: mgmtusers.objects.get(sAMAccountName=u) return HttpResponseRedirect(R_url) except Exception: errors_list=[] errors_list.append(u + ' does not exist') return render(request,'sinfors/loginm.html',{'errors':errors_list[0]}) else: errors_list=[] try: if not auth_User.objects.get(username = u).check_password(p): errors_list.append(u + ' password is not correct') except auth_User.DoesNotExist: errors_list.append(u + ' does not exist1') return render(request,'sinfors/loginm.html',{'errors':errors_list[0]}) return render(request,'sinfors/loginm.html')
在settings.py中統一設置LOGIN_URL
LOGIN_URL = '/sinfors/login/' #Login Page. #LOGIN_REDIRECT_URL='/'
再使用login_required的時候可以直接使用,如下:
@login_required
def srvmgmt_domainnames(request):
通過使用url中的next關鍵字判斷需要跳轉到的頁面:
def login(request): nextfullurl = request.get_full_path() #獲取完整的url,通過next判斷是否需要跳轉到原頁面 if request.method == 'POST': u = request.POST.get('username').strip() p = request.POST.get('password') user = authenticate(username=u, password=p) if user is not None: auth_login(request, user) try: mgmtusers.objects.get(sAMAccountName=u) if nextfullurl.find('?next=') <> -1: #如果包含有next,則設置需要跳轉的url R_url = nextfullurl.split('?next=')[1] else: R_url = '/sinfors/srvinfors' return HttpResponseRedirect(R_url) except Exception: errors_list=[] errors_list.append(u + ' does not exist') return render(request,'sinfors/loginm.html',{'errors':errors_list[0]}) else: errors_list=[] try: if not auth_User.objects.get(username = u).check_password(p): errors_list.append(u + ' password is not correct') except auth_User.DoesNotExist: errors_list.append(u + ' does not exist1') return render(request,'sinfors/loginm.html',{'errors':errors_list[0]}) return render(request,'sinfors/loginm.html')