操作系统为OS X 10.9.2,Django为1.6.5.
from django.contrib.auth import authenticate user = authenticate(username=username, password=password) if user is not None: # the password verified for the user if user.is_active: print (‘User is valid, active, and authenticates‘) else: print (‘The password is valid, but the account has been disabled!‘) else: print (‘The username and password were incorrect.")
‘‘‘将内容按照用户是否登录区分‘‘‘ articles = [] if request.user.is_authenticated(): articles = Article.objects.all() else: articles = Article.objects.filter(group__gt=1) return articles
{% if user.is_authenticated %} <i>欢迎你, <strong>{{ user.username }}</strong></i> <a href="/accounts/logout/" >退出</a> {% else %} <a href="/accounts/login/" >登陆</a> {% endif %}
>>> from Blog.models import Article >>> from django.contrib.auth.models import Group, Permission >>> from django.contrib.contenttypes.models import ContentType >>> # 创建许可 >>> permission = Permission.objects.create(codename=‘can_add_article‘, name=‘Can post on article‘, content_type=content_type) >>> permission <Permission: Blog | article | Can post on article> >>> permission2 = Permission.objects.create(codename=‘can_modify_article‘, name=‘Can modify article‘, content_type=content_type) >>> permission2 <Permission: Blog | article | Can modify article> >>> permission3 = Permission.objects.create(codename=‘can_del_article‘, name=‘Can del article‘, content_type=content_type) >>> permission3 <Permission: Blog | article | Can del article> >>> # 创建分组 >>> group1 = Group.objects.create(name=‘can_publish‘) >>> group1 <Group: can_publish> >>> # 在分组中添加许可 >>> group1.permissions.add(permission, permission2) >>> # 创建用户 >>> from django.contrib.auth.models import User >>> user = User.objects.create(username=‘Tom‘,password=‘password‘) >>> user <User: Tom> >>> # 添加分组 >>> user.groups.add(group1) >>> # 添加许可 >>> user.user_permissions.add(permission3) >>> # 查看该用户的分组中的许可 >>> user.get_group_permissions() set([u‘Blog.can_modify_article‘, u‘Blog.can_add_article‘]) >>> # 查看该用户的所有许可 >>> user.get_all_permissions() set([u‘Blog.can_modify_article‘, u‘Blog.can_del_article‘, u‘Blog.can_add_article‘]) >>> # 验证该用户是否拥有某个许可 >>> user.has_perm(‘Blog.can_del_article‘) True >>> # 验证该用户石佛拥有某些许可 >>> user.has_perms([‘Blog.can_del_article‘,‘Blog.can_add_article‘, ‘Blog.can_modify_article‘]) True
# 使用装饰器 from django.contrib.auth.decorators import permission_required @permission_required(‘Blog.delete_article‘, login_url=‘/accounts/login/‘) def article_delete(request, num=0): ‘‘‘删除日志‘‘‘ if num: article = Article.objects.get(id=int(num)) else: article = Article try: article.delete() return HttpResponseRedirect(‘/blog/article/‘) except Exception: return HttpResponseRedirect(‘/blog/article/page/‘) # 没有使用装饰器 if request.user.has_perm(‘accounts.can_mark‘): pass
{% if perms.foo %} <p>You have permission to do something in the foo app.</p> {% if perms.foo.can_vote %} <p>You can vote!</p> {% endif %} {% if perms.foo.can_drive %} <p>You can drive!</p> {% endif %} {% else %} <p>You don‘t have permission to do anything in the foo app.</p> {% endif %}