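Account Login and Permission Management
Contents
1. Login
2. Logout
3. Permission management
4. Complete code listing
This article covers how to implement account login. The accounts are the ones from the account-management feature written in the previous article; we use the accounts already created there. For login we distinguish three roles: employee, leader and administrator. Each role sees different pages after logging in. The administrator has the most privileges and has every function, while an employee can only view data, cannot add, delete or modify it, and can see only part of the data. This is what we call permission management.
I. Login
If you would rather not write the login page yourself, you can search online for one that someone else has already written.
URL: blog.csdn.net/ss810540895/article/details/125799099.
We will use this login page:
Copy its entire source, create a login folder under templates, and in it create the file login.html.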
login.html code:
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Document</title>
    <style>
        * {margin: 0; padding: 0;}
        a {text-decoration: none;}
        input, button {background: transparent; border: 0; outline: none;}
        body {height: 100vh; background: linear-gradient(#141e30, #243b55); display: flex; justify-content: center; align-items: center; font-size: 16px; color: #03e9f4;}
        .loginBox {width: 400px; height: 364px; background-color: #0c1622; margin: 100px auto; border-radius: 10px; box-shadow: 0 15px 25px 0 rgba(0, 0, 0, .6); padding: 40px; box-sizing: border-box;}
        h2 {text-align: center; color: aliceblue; margin-bottom: 30px; font-family: 'Courier New', Courier, monospace;}
        .item {height: 45px; border-bottom: 1px solid #fff; margin-bottom: 40px; position: relative;}
        .item input {width: 100%; height: 100%; color: #fff; padding-top: 20px; box-sizing: border-box;}
        .item input:focus+label, .item input:valid+label {top: 0px; font-size: 2px;}
        .item label {position: absolute; left: 0; top: 12px; transition: all 0.5s linear;}
        .btn {padding: 10px 20px; margin-top: 30px; color: #03e9f4; position: relative; overflow: hidden; text-transform: uppercase; letter-spacing: 2px; left: 35%;}
        .btn:hover {border-radius: 5px; color: #fff; background: #03e9f4; box-shadow: 0 0 5px 0 #03e9f4, 0 0 25px 0 #03e9f4, 0 0 50px 0 #03e9f4, 0 0 100px 0 #03e9f4; transition: all 1s linear;}
        .btn>span {position: absolute;}
        .btn>span:nth-child(1) {width: 100%; height: 2px; background: -webkit-linear-gradient(left, transparent, #03e9f4); left: -100%; top: 0px; animation: line1 1s linear infinite;}
        @keyframes line1 {50%, 100% {left: 100%;}}
        .btn>span:nth-child(2) {width: 2px; height: 100%; background: -webkit-linear-gradient(top, transparent, #03e9f4); right: 0px; top: -100%; animation: line2 1s 0.25s linear infinite;}
        @keyframes line2 {50%, 100% {top: 100%;}}
        .btn>span:nth-child(3) {width: 100%; height: 2px; background: -webkit-linear-gradient(left, #03e9f4, transparent); left: 100%; bottom: 0px; animation: line3 1s 0.75s linear infinite;}
        @keyframes line3 {50%, 100% {left: -100%;}}
        .btn>span:nth-child(4) {width: 2px; height: 100%; background: -webkit-linear-gradient(top, transparent, #03e9f4); left: 0px; top: 100%; animation: line4 1s 1s linear infinite;}
        @keyframes line4 {50%, 100% {top: -100%;}}
    </style>
</head>
<body>
    <div class="loginBox">
        <h2>login</h2>
        <form action="">
            <div class="item">
                <input type="text" required>
                <label for="">userName</label>
            </div>
            <div class="item">
                <input type="password" required>
                <label for="">password</label>
            </div>
            <button class="btn">submit
                <span></span>
                <span></span>
                <span></span>
                <span></span>
            </button>
        </form>
    </div>
</body>
</html>
Next, create the file login.py under views:
login.py code:
from django.core.exceptions import ValidationError
from django.shortcuts import render, redirect
from project_one.utils import pwd_data
from project_one.utils.PageData import PageData
from django import forms
from project_one import models


# Create your views here.
class LoginForm(forms.Form):
    # The login page only needs the username and password inputs; attrs sets the attributes of each input.
    username = forms.CharField(
        widget=forms.TextInput(attrs={"placeholder": "用戶名", "autocomplete": "off"})
    )
    password = forms.CharField(
        widget=forms.PasswordInput(attrs={"placeholder": "密碼", "autocomplete": "off", "type": "password"})
    )

    # Validate the password; inside the validation method we hash it (MD5 via pwd_data.md5)
    def clean_password(self):
        password = self.cleaned_data['password']
        return pwd_data.md5(password)


def login(request):
    if request.method == 'GET':
        form = LoginForm()
        return render(request, "login/login.html", {'form': form})
    form = LoginForm(request.POST)
    if form.is_valid():
        # Debug output: prints the username and the hashed password
        print(form.cleaned_data)
        # .first() returns the matching AdminRole row, or None when no row matches
        admin_object = models.AdminRole.objects.filter(**form.cleaned_data).first()
        if not admin_object:
            form.add_error("password", "賬號或密碼錯誤")
            return render(request, "login/login.html", {'form': form})
        # If the username and password are correct, login succeeds; store the username, password and role information in the session
        request.session['info'] = {"id": admin_object.id, "username": admin_object.username,
                                   "password": admin_object.password, "role": admin_object.role}
        # Set the session lifetime in seconds: once logged in, the account can be used for one day; after that the user must log in again to keep using the site
        request.session.set_expiry(60*60*24*1)
        # After a successful login, redirect to the home page.
        return redirect('/')
    # Invalid form: show the login page again with its errors
    return render(request, "login/login.html", {'form': form})
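Here we use a plain Form rather than the ModelForm used previously. We only use the form and none of the database fields, although when checking at login whether the account and password are correct we do use
admin_object = models.AdminRole.objects.filter(**form.cleaned_data).first()
This statement does use the AdminRole table. It checks whether the values from the input boxes appear in the AdminRole table; if they do, and the account and password both match, login succeeds, otherwise it fails. Success or failure is decided by the boolean value of admin_object, which is the value that models.AdminRole.objects.filter(**form.cleaned_data).first()
returns. No insert, delete or update is performed on the AdminRole table here, which is why we use Form rather than ModelForm.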
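The lookup above matches on the hash returned by clean_password, which only works because the same password always produces the same stored value. The following is an added example, not code from the article: it contrasts that with per-user salted PBKDF2 using only the Python standard library. md5_hex is an assumed stand-in for pwd_data.md5, whose body the article does not show, and the sample accounts are constructed.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumption for this example; tune to your hardware


def md5_hex(password: str) -> str:
    """Assumed stand-in for pwd_data.md5(): one unsalted MD5 pass."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def make_record(password: str) -> str:
    """Return 'pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>' with a fresh random salt."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify(password: str, record: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        algorithm, iterations, salt_hex, hash_hex = record.split("$")
        if algorithm != "pbkdf2_sha256":
            return False
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(hash_hex)
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, int(iterations))
    except ValueError:
        return False  # malformed record: reject instead of raising
    return hmac.compare_digest(candidate, expected)


# Precomputed so that an unknown username costs the same work as a wrong password.
_DUMMY_RECORD = make_record("not-a-real-password")


def authenticate(table: dict, username: str, password: str) -> bool:
    """Fetch the row by username only, then verify the password in code."""
    record = table.get(username)
    if record is None:
        verify(password, _DUMMY_RECORD)
        return False
    return verify(password, record)


# Constructed sample accounts: two users who chose the same password.
SAMPLE = {"alice": "Spring-2024", "bob": "Spring-2024"}
MD5_TABLE = {name: md5_hex(pw) for name, pw in SAMPLE.items()}
KDF_TABLE = {name: make_record(pw) for name, pw in SAMPLE.items()}

if __name__ == "__main__":
    print("unsalted MD5 rows identical:", MD5_TABLE["alice"] == MD5_TABLE["bob"])
    print("salted PBKDF2 rows identical:", KDF_TABLE["alice"] == KDF_TABLE["bob"])
    print("correct password:", authenticate(KDF_TABLE, "alice", "Spring-2024"))
    print("wrong password:", authenticate(KDF_TABLE, "alice", "guess"))
```

With per-user salts the row is fetched by username and the password is verified in code, so filter(**form.cleaned_data) can no longer serve as the check. In a Django project, django.contrib.auth.hashers.make_password and check_password provide the same store-and-verify pair.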
Route configuration:
urls.py:
"""project_simple URL Configuration

The `urlpatterns` list routes URLs to views. For more information please see:
    https://docs.djangoproject.com/en/4.1/topics/http/urls/
Examples:
Function views
    1. Add an import: from my_app import views
    2. Add a URL to urlpatterns: path('', views.home, name='home')
Class-based views
    1. Add an import: from other_app.views import Home
    2. Add a URL to urlpatterns: path('', Home.as_view(), name='home')
Including another URLconf
    1. Import the include() function: from django.urls import include, path
    2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
"""
from django.contrib import admin
from django.urls import path
from project_one.views import depart, user, assets, admin_role, login

urlpatterns = [
    path("login/", login.login)
]
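Result:
Let's try logging in:
We can see the login succeeds:
After logging in, we are redirected to the home page.
But there is still a bug here: if someone remembers the route of the home page or of another page and changes /login to /index, they skip the login page and go straight to the home page, which makes the login feature meaningless.
We must not allow that. Whenever someone does this, we redirect the page to the login page, so nobody can switch pages by changing the route.
This is where middleware solves the problem.
In the app, create a middleware folder and in it a file auth.py.
auth.py code:
from django.shortcuts import render, redirect, HttpResponse
from django.utils.deprecation import MiddlewareMixin
from django.conf import settings


# Writing your own middleware requires this import: from django.utils.deprecation import MiddlewareMixin
class AuthMiddleware(MiddlewareMixin):
    # Login check
    def process_request(self, request):
        # Do not check the login page itself once it is opened, otherwise there would be an infinite redirect loop.
        # The following routes are skipped
        if request.path_info in ["/login/", "/logout/"]:
            return
        info_dict = request.session.get('info')
        if info_dict:
            request.unicom_id = info_dict['id']
            request.unicom_username = info_dict['username']
            request.unicom_role = info_dict['role']
            return
        return redirect("/login/")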
The request.unicom_xxx = info_dict['xxx'] assignments read the values of the keys in the info dict that the login view stored in the session. We take the values of the three keys id, username and role, which we will use later.
This code is what stops a user from skipping the password login by changing the route.
Next we need to register the middleware in settings.py:
settings.py (middleware section of the configuration):
MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    # Our own middleware, AuthMiddleware.
    'project_one.middleware.auth.AuthMiddleware'
]
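Find MIDDLEWARE and add the middleware we wrote to it.
Now open the site and try again: if the login route is changed to some other route, the page is redirected to the login page, so the situation described above no longer occurs.
Also, after a successful login the top-right corner of the page shows personal information, and the nickname shown there must be that of the logged-in account.
So we also need to change the corresponding front-end code:
model_tmp.html:
<ul class="nav navbar-nav navbar-right">
    <li class="dropdown">
        <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
           aria-expanded="false">歡迎-->{{ request.session.info.username }}<span class="caret"></span></a>
        <ul class="dropdown-menu">
            <li><a href="#">退出登錄</a></li>
        </ul>
    </li>
</ul>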
II. Logout
This is simple: when the user clicks the logout button, all we need to do is redirect the page to the login page.
We write the redirect code in login.py:
login.py:
def logout(request):
    # Clear the session on logout.
    request.session.clear()
    return redirect("/login/")
Do not forget to clear the session here. The session holds the account-related information stored after an account logs in, and it must be cleared when the user chooses to log out.
Route configuration:
urls.py:
"""project_simple URL Configuration

The `urlpatterns` list routes URLs to views. For more information please see:
    https://docs.djangoproject.com/en/4.1/topics/http/urls/
Examples:
Function views
    1. Add an import: from my_app import views
    2. Add a URL to urlpatterns: path('', views.home, name='home')
Class-based views
    1. Add an import: from other_app.views import Home
    2. Add a URL to urlpatterns: path('', Home.as_view(), name='home')
Including another URLconf
    1. Import the include() function: from django.urls import include, path
    2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
"""
from django.contrib import admin
from django.urls import path
from project_one.views import depart, user, assets, admin_role, login

urlpatterns = [
    path("login/", login.login),
    path("logout/", login.logout)
]
Finally, bind the logout route in the front-end page:
model_tmp.html
<ul class="nav navbar-nav navbar-right">
    <li class="dropdown">
        <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
           aria-expanded="false">Nathan<span class="caret"></span></a>
        <ul class="dropdown-menu">
            {# Add the corresponding route to the logout link #}
            <li><a href="/logout/">退出登錄</a></li>
        </ul>
    </li>
</ul>
III. Permission management
As said at the start of the article, different roles get different pages and functions after logging in, and different permissions.
Implementing this also requires code in the middleware, but before writing the middleware code there are two steps to do first.
1. Add a name attribute at the end of every route path:
urls.py
"""project_simple URL Configuration

The `urlpatterns` list routes URLs to views. For more information please see:
    https://docs.djangoproject.com/en/4.1/topics/http/urls/
Examples:
Function views
    1. Add an import: from my_app import views
    2. Add a URL to urlpatterns: path('', views.home, name='home')
Class-based views
    1. Add an import: from other_app.views import Home
    2. Add a URL to urlpatterns: path('', Home.as_view(), name='home')
Including another URLconf
    1. Import the include() function: from django.urls import include, path
    2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
"""
from django.contrib import admin
from django.urls import path
from project_one.views import depart, user, assets, admin_role, login

urlpatterns = [
    # path('admin/', admin.site.urls),
    path("", depart.index, name="index"),
    path("depart/", depart.depart, name="depart"),
    path("depart/add/", depart.add_depart, name="add_depart"),
    path("depart/<int:nid>/modify/", depart.depart_modify, name="depart_modify"),
    path("depart/<int:nid>/del/", depart.del_depart, name="del_depart"),
    path("user/", user.user_info, name="user_info"),
    path("user/add/", user.user_add, name="user_add"),
    path("user/<int:nid>/modify/", user.user_modify, name="user_modify"),
    path("user/<int:nid>/del/", user.user_del, name="user_del"),
    path("user/add/modelform", user.user_add_modelform, name="user_add_modelform"),
    path("user/<int:nid>/modify/modelform", user.user_modify_modelform, name="user_modify_modelform"),
    path("assets_list/", assets.assets, name="assets"),
    path("assets/add/", assets.assets_add, name="assets_add"),
    path("assets/<int:nid>/modify/", assets.assets_modify, name="assets_modify"),
    path("assets/<int:nid>/del/", assets.assets_del, name="assets_del"),
    path("admin_list/", admin_role.admin, name="admin"),
    path("admin/add/", admin_role.admin_add, name="admin_add"),
    path("admin/<int:nid>/modify/", admin_role.admin_modify, name="admin_modify"),
    path("admin/<int:nid>/reset/pwd/", admin_role.admin_reset_pwd, name="admin_reset_pwd"),
    path("admin/<int:nid>/del/", admin_role.admin_del, name="admin_del"),
    path("login/", login.login, name="login"),
    path("logout/", login.logout, name="logout")
]
2. Add the permission table to the settings.py settings file:
settings.py:
UNICOM_PERMISSION = {
    1: ["add_depart", "depart_modify", "del_depart", "user_add", "user_modify", "user_del", "user_add_modelform",
        "user_modify_modelform", "assets_add", "assets_modify", "assets_del", "admin_add", "admin_modify",
        "admin_reset_pwd", "admin_del"],
    2: [],
    3: []
}
Here 1 stands for employee (user), 2 for leader and 3 for administrator.
Every route in the list for 1 is forbidden to access or use; that is, employees cannot access the items in the list above.
Only then do we write the middleware code:
auth.py code:
from django.shortcuts import render, redirect, HttpResponse
from django.utils.deprecation import MiddlewareMixin
from django.conf import settings


# Writing your own middleware requires this import: from django.utils.deprecation import MiddlewareMixin
class AuthMiddleware(MiddlewareMixin):
    # Login check
    def process_request(self, request):
        # Do not check the login page itself once it is opened, otherwise there would be an infinite redirect loop.
        # The following routes are skipped
        if request.path_info in ["/login/", "/logout/"]:
            return
        info_dict = request.session.get('info')
        if info_dict:
            request.unicom_id = info_dict['id']
            request.unicom_username = info_dict['username']
            request.unicom_role = info_dict['role']
            return
        return redirect("/login/")

    def process_view(self, request, view_func, args, kwargs):
        if request.path_info in ["/login/", "/logout/"]:
            return
        role = request.unicom_role
        # This is the UNICOM_PERMISSION table we just configured in settings.py.
        # It requires the import: from django.conf import settings
        user_permission_list = settings.UNICOM_PERMISSION[role]
        # If the name of the requested route is not in this list, access is allowed, because the routes
        # listed in UNICOM_PERMISSION in settings.py are the forbidden ones.
        # request.resolver_match.url_name gives the route name that matches the URL the user requested.
        if request.resolver_match.url_name not in user_permission_list:
            return
        return HttpResponse("沒有權限")
With that, the permission management function is written; in the front end we only need to check whether the logged-in account is an employee or an administrator.
user_list.html:
{# Table header #}
{% if request.unicom_role == 3 %}
    <th>操作</th>
{% endif %}
{# Table body #}
{% if request.unicom_role == 3 %}
    <td style="color: green">
        <a href="/user/{{ data.id }}/modify/modelform"><span style="color: green;" class="glyphicon glyphicon-pencil" aria-hidden="true"></span></a>
        <a href="/user/{{ data.id }}/del/"><span style="color: red;" class="glyphicon glyphicon-trash" aria-hidden="true"></span></a>
    </td>
{% endif %}
depart.html:
{# Table header #}
{% if request.unicom_role == 3 %}
    <th>操作</th>
{% endif %}
{# Table body #}
{% if request.unicom_role == 3 %}
    <td style="color: green">
        <a href="/depart/{{ data.id }}/modify/"><span style="color: green;" class="glyphicon glyphicon-pencil" aria-hidden="true"></span></a>
        <a href="/depart/{{ data.id }}/del/"><span style="color: red;" class="glyphicon glyphicon-trash" aria-hidden="true"></span></a>
    </td>
{% endif %}
In the page, the line
if request.unicom_role == 3
checks whether the logged-in account is an administrator account. If it is, the actions column (操作) is shown and rows can be modified and deleted; otherwise they cannot.
model_tmp.html:
{% if request.unicom_role == 1 %}
    <li class="active"><a href="/depart/">部門頁面</a></li>
    <li class="active"><a href="/user/">員工頁面</a></li>
{% elif request.unicom_role == 3%}
    <li class="active"><a href="/depart/">部門頁面</a></li>
    <li class="active"><a href="/user/">員工頁面</a></li>
    <li class="active"><a href="/assets_list/">資產頁面</a></li>
{% endif %}
A lot of code in between is omitted ……
{% if request.unicom_role == 3 %}
    <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
       aria-expanded="false">平臺用戶<span class="caret"></span></a>
{% endif %}
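The meaning here is simple: an employee can only see the department page (部門頁面) and the employee page (員工頁面), and can only view information (the reason is in the two HTML files above), whereas an administrator can see the department, employee and assets pages as well as the platform users, and can add, modify and delete all the data in them.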
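The decision made in process_view, modelled as a plain function over the route names from urls.py so that it runs without Django. This is an added example, not the article's code: it lists what the employee role can open under the deny list and compares that with an allow list. EMPLOYEE_INTENDED, ROLE_ALLOW and the route name user_export are assumptions made for the example.

```python
# Route names copied from the article's urls.py.
ROUTE_NAMES = [
    "index", "depart", "add_depart", "depart_modify", "del_depart",
    "user_info", "user_add", "user_modify", "user_del",
    "user_add_modelform", "user_modify_modelform",
    "assets", "assets_add", "assets_modify", "assets_del",
    "admin", "admin_add", "admin_modify", "admin_reset_pwd", "admin_del",
    "login", "logout",
]
EXEMPT = {"login", "logout"}  # the middleware skips /login/ and /logout/

# Deny list copied from the article's settings.py (1 employee, 2 leader, 3 administrator).
UNICOM_PERMISSION = {
    1: ["add_depart", "depart_modify", "del_depart", "user_add", "user_modify",
        "user_del", "user_add_modelform", "user_modify_modelform", "assets_add",
        "assets_modify", "assets_del", "admin_add", "admin_modify",
        "admin_reset_pwd", "admin_del"],
    2: [],
    3: [],
}

# Assumption: the pages an employee is meant to open, read off the article's
# description (department page and employee page, view only) plus the home page.
EMPLOYEE_INTENDED = {"index", "depart", "user_info"}

# Hypothetical allow list built from that intent. Role 2 is left out because the
# article does not describe the leader's pages, so it stays denied until listed.
ROLE_ALLOW = {
    1: frozenset(EMPLOYEE_INTENDED),
    3: frozenset(ROUTE_NAMES) - EXEMPT,
}


def deny_list_allows(role, url_name):
    """Same decision as the article's process_view: allowed unless listed."""
    return url_name not in UNICOM_PERMISSION[role]  # KeyError for an unknown role


def allow_list_allows(role, url_name):
    """Fail-closed variant: unknown roles and unlisted or unnamed routes are denied."""
    return url_name in ROLE_ALLOW.get(role, frozenset())


def reachable(role, check):
    """Non-exempt route names that the given check lets the role open."""
    return sorted(n for n in ROUTE_NAMES if n not in EXEMPT and check(role, n))


def excess(role, intended, check):
    """Routes the check allows beyond what the role is meant to reach."""
    return sorted(set(reachable(role, check)) - set(intended))


if __name__ == "__main__":
    print("employee, deny list :", reachable(1, deny_list_allows))
    print("beyond intent       :", excess(1, EMPLOYEE_INTENDED, deny_list_allows))
    print("employee, allow list:", reachable(1, allow_list_allows))
    # A route added later (hypothetical name) and a route with no name at all:
    for name in ("user_export", None):
        print(name, "deny list:", deny_list_allows(1, name),
              "allow list:", allow_list_allows(1, name))
```

Under the deny list the employee role can still open the assets and admin list routes by URL even though model_tmp.html hides those links, because hiding a link in a template does not restrict the view behind it. A route that is added later or has no name is also open to every role until someone remembers to list it.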
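Result:
First log in with an employee (ordinary user) account:
On the department or employee page the corresponding information is shown, with no actions column on the right.
Click the add-information button (添加信息) and the page reports that there is no permission (沒有權限).
This means data cannot be added, because the employee does not have that permission.
Now log in with the administrator account:
Log in as the administrator account Nathan:
After logging in:
Open any page, for example the employee page:
The actions column is on the far right.
Click the add-information button:
Information can be added.
Click any modify button:
Data can be modified as well.
Likewise, data can be deleted.
The administrator has every permission: all pages can be viewed, and data can be added, modified and deleted.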
IV. Complete code listing
Login code:
login.py:
from django.core.exceptions import ValidationError
from django.shortcuts import render, redirect
from project_one.utils import pwd_data
from project_one.utils.PageData import PageData
from django import forms
from project_one import models


# Create your views here.
class LoginForm(forms.Form):
    username = forms.CharField(
        widget=forms.TextInput(attrs={"placeholder": "用戶名", "autocomplete": "off"})
    )
    password = forms.CharField(
        widget=forms.PasswordInput(attrs={"placeholder": "密碼", "autocomplete": "off", "type": "password"})
    )

    # Validate the password; inside the validation method we hash it (MD5 via pwd_data.md5)
    def clean_password(self):
        password = self.cleaned_data['password']
        return pwd_data.md5(password)


def login(request):
    if request.method == 'GET':
        form = LoginForm()
        return render(request, "login/login.html", {'form': form})
    form = LoginForm(request.POST)
    if form.is_valid():
        # Debug output: prints the username and the hashed password
        print(form.cleaned_data)
        # .first() returns the matching AdminRole row, or None when no row matches
        admin_object = models.AdminRole.objects.filter(**form.cleaned_data).first()
        if not admin_object:
            form.add_error("password", "賬號或密碼錯誤")
            return render(request, "login/login.html", {'form': form})
        # If the username and password are correct, login succeeds; store the username, password and role information in the session
        request.session['info'] = {"id": admin_object.id, "username": admin_object.username,
                                   "password": admin_object.password, "role": admin_object.role}
        # Set the session lifetime in seconds: once logged in, the account can be used for one day; after that the user must log in again to keep using the site
        request.session.set_expiry(60*60*24*1)
        return redirect('/')
    # Invalid form: show the login page again with its errors
    return render(request, "login/login.html", {'form': form})


def logout(request):
    # Clear the session on logout.
    request.session.clear()
    return redirect("/login/")
Middleware code:
auth.py:
from django.shortcuts import render, redirect, HttpResponse
from django.utils.deprecation import MiddlewareMixin
from django.conf import settings


class AuthMiddleware(MiddlewareMixin):
    # Login check
    def process_request(self, request):
        # Do not check the login page itself once it is opened, otherwise there would be an infinite redirect loop.
        # The following routes are skipped
        if request.path_info in ["/login/", "/logout/"]:
            return
        info_dict = request.session.get('info')
        if info_dict:
            request.unicom_id = info_dict['id']
            request.unicom_username = info_dict['username']
            request.unicom_role = info_dict['role']
            return
        return redirect("/login/")

    def process_view(self, request, view_func, args, kwargs):
        if request.path_info in ["/login/", "/logout/"]:
            return
        role = request.unicom_role
        user_permission_list = settings.UNICOM_PERMISSION[role]
        # The name of the requested route is not in this list
        if request.resolver_match.url_name not in user_permission_list:
            return
        return HttpResponse("沒有權限")
Route configuration:
urls.py:
"""project_simple URL Configuration

The `urlpatterns` list routes URLs to views. For more information please see:
    https://docs.djangoproject.com/en/4.1/topics/http/urls/
Examples:
Function views
    1. Add an import: from my_app import views
    2. Add a URL to urlpatterns: path('', views.home, name='home')
Class-based views
    1. Add an import: from other_app.views import Home
    2. Add a URL to urlpatterns: path('', Home.as_view(), name='home')
Including another URLconf
    1. Import the include() function: from django.urls import include, path
    2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
"""
from django.contrib import admin
from django.urls import path
from project_one.views import depart, user, assets, admin_role, login

urlpatterns = [
    # path('admin/', admin.site.urls),
    path("", depart.index, name="index"),
    path("depart/", depart.depart, name="depart"),
    path("depart/add/", depart.add_depart, name="add_depart"),
    path("depart/<int:nid>/modify/", depart.depart_modify, name="depart_modify"),
    path("depart/<int:nid>/del/", depart.del_depart, name="del_depart"),
    path("user/", user.user_info, name="user_info"),
    path("user/add/", user.user_add, name="user_add"),
    path("user/<int:nid>/modify/", user.user_modify, name="user_modify"),
    path("user/<int:nid>/del/", user.user_del, name="user_del"),
    path("user/add/modelform", user.user_add_modelform, name="user_add_modelform"),
    path("user/<int:nid>/modify/modelform", user.user_modify_modelform, name="user_modify_modelform"),
    path("assets_list/", assets.assets, name="assets"),
    path("assets/add/", assets.assets_add, name="assets_add"),
    path("assets/<int:nid>/modify/", assets.assets_modify, name="assets_modify"),
    path("assets/<int:nid>/del/", assets.assets_del, name="assets_del"),
    path("admin_list/", admin_role.admin, name="admin"),
    path("admin/add/", admin_role.admin_add, name="admin_add"),
    path("admin/<int:nid>/modify/", admin_role.admin_modify, name="admin_modify"),
    path("admin/<int:nid>/reset/pwd/", admin_role.admin_reset_pwd, name="admin_reset_pwd"),
    path("admin/<int:nid>/del/", admin_role.admin_del, name="admin_del"),
    path("login/", login.login, name="login"),
    path("logout/", login.logout, name="logout")
]
Parts of the settings.py settings file that need to be configured:
MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    # Add the middleware we wrote.
    'project_one.middleware.auth.AuthMiddleware'
]

# Add permission management to the settings; the routes in each list cannot be accessed by the corresponding role (such as employee).
UNICOM_PERMISSION = {
    1: ["add_depart", "depart_modify", "del_depart", "user_add", "user_modify", "user_del", "user_add_modelform",
        "user_modify_modelform", "assets_add", "assets_modify", "assets_del", "admin_add", "admin_modify",
        "admin_reset_pwd", "admin_del"],
    2: [],
    3: []
}
login.html file:
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Document</title>
    <style>
        * {margin: 0; padding: 0;}
        a {text-decoration: none;}
        input, button {background: transparent; border: 0; outline: none;}
        body {height: 100vh; background: linear-gradient(#141e30, #243b55); display: flex; justify-content: center; align-items: center; font-size: 16px; color: #03e9f4;}
        .loginBox {width: 400px; height: 364px; background-color: #0c1622; margin: 100px auto; border-radius: 10px; box-shadow: 0 15px 25px 0 rgba(0, 0, 0, .6); padding: 40px; box-sizing: border-box;}
        h2 {text-align: center; color: aliceblue; margin-bottom: 30px; font-family: 'Courier New', Courier, monospace;}
        .item {height: 45px; border-bottom: 1px solid #fff; margin-bottom: 40px; position: relative;}
        .item input {width: 100%; height: 100%; color: #fff; padding-top: 20px; box-sizing: border-box;}
        .item input:focus+label, .item input:valid+label {top: 0px; font-size: 2px;}
        .item label {position: absolute; left: 0; top: 12px; transition: all 0.5s linear;}
        .btn {padding: 10px 20px; margin-top: 30px; color: #03e9f4; position: relative; overflow: hidden; text-transform: uppercase; letter-spacing: 2px; left: 35%;}
        .btn:hover {border-radius: 5px; color: #fff; background: #03e9f4; box-shadow: 0 0 5px 0 #03e9f4, 0 0 25px 0 #03e9f4, 0 0 50px 0 #03e9f4, 0 0 100px 0 #03e9f4; transition: all 1s linear;}
        .btn>span {position: absolute;}
        .btn>span:nth-child(1) {width: 100%; height: 2px; background: -webkit-linear-gradient(to left, transparent, #03e9f4); left: -100%; top: 0px; animation: line1 1s linear infinite;}
        @keyframes line1 {50%, 100% {left: 100%;}}
        .btn>span:nth-child(2) {width: 2px; height: 100%; background: -webkit-linear-gradient(to top, transparent, #03e9f4); right: 0px; top: -100%; animation: line2 1s 0.25s linear infinite;}
        @keyframes line2 {50%, 100% {top: 100%;}}
        .btn>span:nth-child(3) {width: 100%; height: 2px; background: -webkit-linear-gradient(to left, #03e9f4, transparent); left: 100%; bottom: 0px; animation: line3 1s 0.75s linear infinite;}
        @keyframes line3 {50%, 100% {left: -100%;}}
        .btn>span:nth-child(4) {width: 2px; height: 100%; background: -webkit-linear-gradient(to top, transparent, #03e9f4); left: 0px; top: 100%; animation: line4 1s 1s linear infinite;}
        @keyframes line4 {50%, 100% {top: -100%;}}
    </style>
</head>
<body>
    <div class="loginBox">
        <h2>登錄界面</h2>
        <form method="post">
            {% csrf_token %}
            <div class="item">{{ form.username }}</div>
            <div class="item">{{ form.password }}<span style="color: red">{{ form.password.errors.0 }}</span></div>
            <button class="btn">登錄
                <span></span>
                <span></span>
                <span></span>
                <span></span>
            </button>
        </form>
    </div>
</body>
</html>
model_tmp.html:
{% load static %}
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
    <link rel="stylesheet" href="{% static 'css/bootstrap.css' %}">
    {% block css %}{% endblock %}
</head>
<body>
<div class="navbar navbar-default">
    <div class="container">
        <!-- Brand and toggle get grouped for better mobile display -->
        <div class="navbar-header">
            <button type="button" class="navbar-toggle collapsed" data-toggle="collapse"
                    data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
                <span class="sr-only">Toggle navigation</span>
                <span class="icon-bar"></span>
                <span class="icon-bar"></span>
                <span class="icon-bar"></span>
            </button>
            <a class="navbar-brand" href="#">管理系統</a>
        </div>
        <!-- Collect the nav links, forms, and other content for toggling -->
        <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
            <ul class="nav navbar-nav">
                {% if request.unicom_role == 1 %}
                    <li class="active"><a href="/depart/">部門頁面</a></li>
                    <li class="active"><a href="/user/">員工頁面</a></li>
                {% elif request.unicom_role == 3%}
                    <li class="active"><a href="/depart/">部門頁面</a></li>
                    <li class="active"><a href="/user/">員工頁面</a></li>
                    <li class="active"><a href="/assets_list/">資產頁面</a></li>
                {% endif %}
                {# <li class="active"><a href="/depart/">部門頁面</a></li>#}
                {# <li class="active"><a href="/user/">員工頁面</a></li>#}
                {# <li class="active"><a href="/assets_list/">資產頁面</a></li>#}
                <li class="dropdown">
                    {% if request.unicom_role == 3 %}
                        <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
                           aria-expanded="false">平臺用戶<span class="caret"></span></a>
                    {% endif %}
                    <ul class="dropdown-menu">
                        <li><a href="/admin_list/">登錄賬號</a></li>
                    </ul>
                </li>
            </ul>
            <ul class="nav navbar-nav navbar-right">
                <li class="dropdown">
                    <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
                       aria-expanded="false">歡迎-->{{ request.session.info.username }}<span class="caret"></span></a>
                    <ul class="dropdown-menu">
                        <li><a href="/logout/">退出登錄</a></li>
                    </ul>
                </li>
            </ul>
        </div><!-- /.navbar-collapse -->
    </div><!-- /.container-fluid -->
</div>
{% block content %}
{% endblock %}
<script src="{% static 'js/jquery3.7.1.js' %}"></script>
<script src="{% static 'js/bootstrap.js' %}"></script>
{% block js %}
{% endblock %}
</body>
</html>
user_list.html:
{% extends "index/model_tmp.html" %}
{% block content %}
    <div class="container">
        <a href="/user/add/" class="btn btn-success">添加信息</a>
        <a href="/user/add/modelform" class="btn btn-warning">添加信息</a>
        <div class="panel panel-danger">
            <div class="panel-heading">
                <h3 class="panel-title">員工表</h3>
            </div>
            <div class="panel-body">
                <table class="table table-hover">
                    <thead>
                    <tr>
                        <th>ID</th>
                        <th>姓名</th>
                        <th>性別</th>
                        <th>薪水</th>
                        <th>年齡</th>
                        <th>入職時間</th>
                        <th>部門</th>
                        {% if request.unicom_role == 3 %}
                            <th>操作</th>
                        {% endif %}
                    </tr>
                    </thead>
                    <tbody>
                    {% for data in user_list %}
                        <tr>
                            <th scope="row">{{ data.id }}</th>
                            <td>{{ data.name }}</td>
                            <td>{{ data.get_gender_display }}</td>
                            <td>{{ data.salary }}</td>
                            <td>{{ data.age }}</td>
                            <td>{{ data.create_time|date:"Y-m-d" }}</td>
                            <td>{{ data.department.title }}</td>
                            {% if request.unicom_role == 3 %}
                                <td style="color: green">
                                    <a href="/user/{{ data.id }}/modify/modelform"><span style="color: green;" class="glyphicon glyphicon-pencil" aria-hidden="true"></span></a>
                                    <a href="/user/{{ data.id }}/del/"><span style="color: red;" class="glyphicon glyphicon-trash" aria-hidden="true"></span></a>
                                </td>
                            {% endif %}
                        </tr>
                    {% endfor %}
                    </tbody>
                </table>
            </div>
        </div>
        {# Pagination #}
        <ul class="pagination">{{ page_string }}</ul>
    </div>
{% endblock %}
depart.html:
{% extends "index/model_tmp.html" %}
{% block content %}
    <div class="container">
        <a href="/depart/add/" class="btn btn-success">添加信息</a>
        <div class="panel panel-danger">
            <div class="panel-heading">
                <h3 class="panel-title">部門表</h3>
            </div>
            <div class="panel-body">
                <table class="table table-hover">
                    <thead>
                    <tr>
                        <th>ID</th>
                        <th>部門</th>
                        {% if request.unicom_role == 3 %}
                            <th>操作</th>
                        {% endif %}
                    </tr>
                    </thead>
                    <tbody>
                    {% for data in data_list %}
                        <tr>
                            <th scope="row">{{ data.id }}</th>
                            <td>{{ data.title }}</td>
                            {% if request.unicom_role == 3 %}
                                <td style="color: green">
                                    <a href="/depart/{{ data.id }}/modify/"><span style="color: green;" class="glyphicon glyphicon-pencil" aria-hidden="true"></span></a>
                                    <a href="/depart/{{ data.id }}/del/"><span style="color: red;" class="glyphicon glyphicon-trash" aria-hidden="true"></span></a>
                                </td>
                            {% endif %}
                        </tr>
                    {% endfor %}
                    </tbody>
                </table>
            </div>
        </div>
        {# Pagination #}
        <ul class="pagination">{{ page_string }}</ul>
    </div>
{% endblock %}
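That is the end of this article!!!
That is everything on Django account login and permission management. If anything is unclear, post your question in the comments; discussion in the comments is welcome!!!
If I have written anything wrong, please point it out. You can also contact me; let's work hard together and keep improving.
Learning is a long process: we need to keep studying, mastering and digesting each point. When something is unclear or a concept is fuzzy, resolve it quickly, otherwise the problems only pile up and the gaps grow larger and larger.
Life's road is long; may the egret always keep you company!!!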