如何使用自定义用户模型从前端在 Django 中注册普通用户?
How to register a normal user in django from front end using custom user model?
# Custom User Model Code
from django.db import models
from django.contrib.auth.models import (
BaseUserManager, AbstractBaseUser
)
class MyUserManager(BaseUserManager):
def create_user(self, email, favorite_color, password=None):
"""
Creates and saves a User with the given email, favorite color
and password.
"""
if not email:
raise ValueError('Users must have an email address')
user = self.model(
email=self.normalize_email(email),
favorite_color=favorite_color,
)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, email, favorite_color, password):
"""
Creates and saves a superuser with the given email, date of
birth and password.
"""
user = self.create_user(
email,
password=password,
favorite_color=favorite_color,
)
user.is_admin = True
user.is_superuser = True
user.save(using=self._db)
return user
class MyUser(AbstractBaseUser):
email = models.EmailField(
verbose_name='email address',
max_length=255,
unique=True,
)
favorite_color = models.CharField(max_length=50)
bio = models.TextField(null=True)
is_active = models.BooleanField(default=True)
is_admin = models.BooleanField(default=False)
is_superuser = models.BooleanField(default=False)
objects = MyUserManager()
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['favorite_color']
def __str__(self):
return self.email
def has_perm(self, perm, obj=None):
"Does the user have a specific permission?"
# Simplest possible answer: Yes, always
return True
def has_module_perms(self, app_label):
"Does the user have permissions to view the app `app_label`?"
# Simplest possible answer: Yes, always
return True
@property
def is_staff(self):
"Is the user a member of staff?"
# Simplest possible answer: All admins are staff
return self.is_admin
# Templates Code as I want to use my own template instead of using forms.py
<html>
<head>
<title>
CustomUserModel
</title>
</head>
<body>
<form method="POST" action="register">
{% csrf_token %}
Email : <input type="email" name="email"> <br>
Password : <input type="password" name="password"> <br>
Favourite Colour : <input type="text" name='colour'><b>
Bio : <textarea name='bio'></textarea> <br>
<button type="submit">SUBMIT</button>
</form>
</body>
</html>
# Views Code
def register(request):
if request.method == 'POST':
email = request.POST['email']
passwd = request.POST['password']
clr = request.POST['colour']
bio = request.POST['bio']
user = MyUser(email=email,password=passwd,favorite_color=clr,bio=bio)
user.save()
return redirect('/')
return render(request,'home.html')
我从前端注册用户时面临的主要问题是密码以明文格式保存到数据库中,它没有被散列,但是当我从 django 管理员注册用户时面板密码以正确的哈希格式保存。为什么会这样?
我需要在 views.py 中执行哪些更改才能将密码以正确的哈希格式存储在数据库中?
我不想使用 Django 表单。请帮忙
而不是
user = MyUser(email=email,password=passwd,favorite_color=clr,bio=bio)
使用
user = MyUser().create_user(email=email,password=passwd,favorite_color=clr,bio=bio)
user.set_password(password)中的create_user()方法对密码进行哈希处理,存储在数据库
您正在保存未散列的密码。
Django 用户有 set_password() 方法来处理散列。
def register(request):
if request.method == 'POST':
user = MyUser()
user.set_password(request.POST['password'])
user.email = request.POST['email']
user.favorite_color = request.POST['colour']
user.bio = request.POST['bio']
user.save()
return redirect('/')
return render(request,'home.html')
Note: You don't have any validation here. You should consider about writing some.
# Custom User Model Code
from django.db import models
from django.contrib.auth.models import (
BaseUserManager, AbstractBaseUser
)
class MyUserManager(BaseUserManager):
def create_user(self, email, favorite_color, password=None):
"""
Creates and saves a User with the given email, favorite color
and password.
"""
if not email:
raise ValueError('Users must have an email address')
user = self.model(
email=self.normalize_email(email),
favorite_color=favorite_color,
)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, email, favorite_color, password):
"""
Creates and saves a superuser with the given email, date of
birth and password.
"""
user = self.create_user(
email,
password=password,
favorite_color=favorite_color,
)
user.is_admin = True
user.is_superuser = True
user.save(using=self._db)
return user
class MyUser(AbstractBaseUser):
email = models.EmailField(
verbose_name='email address',
max_length=255,
unique=True,
)
favorite_color = models.CharField(max_length=50)
bio = models.TextField(null=True)
is_active = models.BooleanField(default=True)
is_admin = models.BooleanField(default=False)
is_superuser = models.BooleanField(default=False)
objects = MyUserManager()
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['favorite_color']
def __str__(self):
return self.email
def has_perm(self, perm, obj=None):
"Does the user have a specific permission?"
# Simplest possible answer: Yes, always
return True
def has_module_perms(self, app_label):
"Does the user have permissions to view the app `app_label`?"
# Simplest possible answer: Yes, always
return True
@property
def is_staff(self):
"Is the user a member of staff?"
# Simplest possible answer: All admins are staff
return self.is_admin
# Templates Code as I want to use my own template instead of using forms.py
<html>
<head>
<title>
CustomUserModel
</title>
</head>
<body>
<form method="POST" action="register">
{% csrf_token %}
Email : <input type="email" name="email"> <br>
Password : <input type="password" name="password"> <br>
Favourite Colour : <input type="text" name='colour'><b>
Bio : <textarea name='bio'></textarea> <br>
<button type="submit">SUBMIT</button>
</form>
</body>
</html>
# Views Code
def register(request):
if request.method == 'POST':
email = request.POST['email']
passwd = request.POST['password']
clr = request.POST['colour']
bio = request.POST['bio']
user = MyUser(email=email,password=passwd,favorite_color=clr,bio=bio)
user.save()
return redirect('/')
return render(request,'home.html')
我从前端注册用户时面临的主要问题是密码以明文格式保存到数据库中,它没有被散列,但是当我从 django 管理员注册用户时面板密码以正确的哈希格式保存。为什么会这样? 我需要在 views.py 中执行哪些更改才能将密码以正确的哈希格式存储在数据库中?
我不想使用 Django 表单。请帮忙
而不是
user = MyUser(email=email,password=passwd,favorite_color=clr,bio=bio)
使用
user = MyUser().create_user(email=email,password=passwd,favorite_color=clr,bio=bio)
user.set_password(password)中的create_user()方法对密码进行哈希处理,存储在数据库
您正在保存未散列的密码。
Django 用户有 set_password() 方法来处理散列。
def register(request):
if request.method == 'POST':
user = MyUser()
user.set_password(request.POST['password'])
user.email = request.POST['email']
user.favorite_color = request.POST['colour']
user.bio = request.POST['bio']
user.save()
return redirect('/')
return render(request,'home.html')
Note: You don't have any validation here. You should consider about writing some.