如果用户名和密码存储在数据库中,为什么 user.is_active 是假的?
Why user.is_active is false if the username and password are stored in the database?
每次我尝试登录我创建的网站时,它 returns views.py 中的 user_login 函数中的 else,但我不明白为什么,因为它正确存储在数据库中的用户中。
views.py
from django.shortcuts import render
from django.contrib.auth import authenticate, login, logout
from django.urls import reverse
from django.contrib.auth.decorators import login_required
from django.http import HttpResponseRedirect, HttpResponse
from django.contrib.auth.models import User
from .forms import UserForm
# Create your views here.
def index(request):
return render(request, 'app1/index.html')
@login_required
def user_logout(request):
logout(request)
return HttpResponseRedirect(reverse('index'))
def register(request):
registered = False
if request.method == 'POST':
user_form = UserForm(data=request.POST)
if user_form.is_valid():
user = user_form.save()
user.set_password(user.password)
user.save()
registered = True
else:
print(user_form.errors)
else:
user_form = UserForm()
return render(request, 'app1/register.html',{'user_form':user_form, 'registered':registered})
def user_login(request):
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(username = username, password = password)
if user:
if user.is_active:
login(request, user)
return HttpResponseRedirect(reverse('index'))
else:
return HttpResponse("Account Not Active")
else:
print("Someone tried to login and failed")
print(f"Username: {username} and password {password}")
return HttpResponse ("Invalid Login details supplied")
else:
return render(request, 'app1/login.html',)
forms.py
from django import forms
from django.contrib.auth.models import User
from django.contrib.auth.forms import UserCreationForm
class UserForm(forms.ModelForm):
password = forms.CharField(widget=forms.PasswordInput())
class Meta():
model = User
fields = ('username','email', 'password')
models.py
from django.db import models
from django.contrib.auth.models import User
login.html
{% extends 'app1/base.html' %}
{% block body_block %}
<div class="jumbotron">
<h1>Please Login</h1>
<form action="{% url 'app1:user_login' %}" method="POST">
{% csrf_token %}
<label for="username">Username:</label>
<input type="text" name = "usuario" placeholder = "enter username">
<label for="password">Password:</label>
<input type="password" name="contra">
<input type="submit" value="Login">
</form>
</div>
{% endblock %}
所以,如果有人在我的代码中发现错误,请通知我,因为我确实被这个问题所困扰。
问题似乎是您缺少必填字段。必填字段为:用户名、密码 1 和密码 2。您需要两个密码字段以便对其进行验证(即检查两个字段中是否填写了相同的密码)。
这里是相关文档:https://docs.djangoproject.com/en/3.0/topics/auth/default/
验证方法将请求作为第一个参数。
def user_login(request):
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
# user = authenticate(username = username, password = password)
user = authenticate(request, username = username, password = password)
if user:
if user.is_active:
login(request, user)
return HttpResponseRedirect(reverse('index'))
else:
return HttpResponse("Account Not Active")
else:
print("Someone tried to login and failed")
print(f"Username: {username} and password {password}")
return HttpResponse ("Invalid Login details supplied")
else:
return render(request, 'app1/login.html',)
正如第一个答案所暗示的那样,密码(不是密码 1)和密码 2 不是必需的 args 您只需要密码来设置密码,您如何验证它取决于您。
编辑
<form action="{% url 'app1:user_login' %}" method="POST">
{% csrf_token %}
<label for="username">Username:</label>
<input type="text" name="username" id="username"placeholder = "enter username">
<label for="password">Password:</label>
<input type="password" name="password" id="password">
<button type="submit">Submit</button>
每次我尝试登录我创建的网站时,它 returns views.py 中的 user_login 函数中的 else,但我不明白为什么,因为它正确存储在数据库中的用户中。
views.py
from django.shortcuts import render
from django.contrib.auth import authenticate, login, logout
from django.urls import reverse
from django.contrib.auth.decorators import login_required
from django.http import HttpResponseRedirect, HttpResponse
from django.contrib.auth.models import User
from .forms import UserForm
# Create your views here.
def index(request):
return render(request, 'app1/index.html')
@login_required
def user_logout(request):
logout(request)
return HttpResponseRedirect(reverse('index'))
def register(request):
registered = False
if request.method == 'POST':
user_form = UserForm(data=request.POST)
if user_form.is_valid():
user = user_form.save()
user.set_password(user.password)
user.save()
registered = True
else:
print(user_form.errors)
else:
user_form = UserForm()
return render(request, 'app1/register.html',{'user_form':user_form, 'registered':registered})
def user_login(request):
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(username = username, password = password)
if user:
if user.is_active:
login(request, user)
return HttpResponseRedirect(reverse('index'))
else:
return HttpResponse("Account Not Active")
else:
print("Someone tried to login and failed")
print(f"Username: {username} and password {password}")
return HttpResponse ("Invalid Login details supplied")
else:
return render(request, 'app1/login.html',)
forms.py
from django import forms
from django.contrib.auth.models import User
from django.contrib.auth.forms import UserCreationForm
class UserForm(forms.ModelForm):
password = forms.CharField(widget=forms.PasswordInput())
class Meta():
model = User
fields = ('username','email', 'password')
models.py
from django.db import models
from django.contrib.auth.models import User
login.html
{% extends 'app1/base.html' %}
{% block body_block %}
<div class="jumbotron">
<h1>Please Login</h1>
<form action="{% url 'app1:user_login' %}" method="POST">
{% csrf_token %}
<label for="username">Username:</label>
<input type="text" name = "usuario" placeholder = "enter username">
<label for="password">Password:</label>
<input type="password" name="contra">
<input type="submit" value="Login">
</form>
</div>
{% endblock %}
所以,如果有人在我的代码中发现错误,请通知我,因为我确实被这个问题所困扰。
问题似乎是您缺少必填字段。必填字段为:用户名、密码 1 和密码 2。您需要两个密码字段以便对其进行验证(即检查两个字段中是否填写了相同的密码)。
这里是相关文档:https://docs.djangoproject.com/en/3.0/topics/auth/default/
验证方法将请求作为第一个参数。
def user_login(request):
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
# user = authenticate(username = username, password = password)
user = authenticate(request, username = username, password = password)
if user:
if user.is_active:
login(request, user)
return HttpResponseRedirect(reverse('index'))
else:
return HttpResponse("Account Not Active")
else:
print("Someone tried to login and failed")
print(f"Username: {username} and password {password}")
return HttpResponse ("Invalid Login details supplied")
else:
return render(request, 'app1/login.html',)
正如第一个答案所暗示的那样,密码(不是密码 1)和密码 2 不是必需的 args 您只需要密码来设置密码,您如何验证它取决于您。
编辑
<form action="{% url 'app1:user_login' %}" method="POST">
{% csrf_token %}
<label for="username">Username:</label>
<input type="text" name="username" id="username"placeholder = "enter username">
<label for="password">Password:</label>
<input type="password" name="password" id="password">
<button type="submit">Submit</button>