Django用户登录注册系统

论文

用户登录注册系统 功能分析

实现以下功能：
用户注册: 注册完成后转到登录页面
用户登录: 登录完成后转到用户资料页面
用户资料页面: 查看用户注册信息，并提供编辑资料按钮
用户资料编辑：编辑完成后转到用户资料查看页面
用户密码重置
用户退出登陆

项目整体文件目录

FSCIIDB
|---FSCIIDB
    |--- __init__.py 
    |--- __pycache__/  
    |--- settings.py  # modified
    |--- urls.py      # modified
    |--- wsgi.py  
|---login               # created：python manage.py startapp login
    |--- __init__.py 
    |--- admin.py       # add to register login: admin.site.register(models.User)
    |--- apps.py 
    |--- forms.py       # created file: defaultname is forms.py
    |--- urls.py        # created file: defaultname is urls.py
    |--- models.py      # modified
    |--- views.py       # modified
    |--- tests.py    
    |--- migrations/      
    |--- static/        # created directory and files as you see
        |--- login/
            |--- css/ 
                |--- login.css 
                |--- register.css
            |--- img/ 
    |--- templates/     # created directory and files as you see
        |--- confirm.html       
        |--- index.html  
        |--- login.html
        |--- register.html 

源代码

1.设计数据表models.py

# models.py
# 可以继承Django自带的User
# coding:utf-8
from django.db import models
from django.contrib.auth.models import AbstractUser
# Create your models here.
# 继承了django中的用户基本 类AbstractUser
class User(AbstractUser):
    right_level = [(0, "普通用户"), (1, "司法鉴定员"), (2, "系统用户")]
    username = models.CharField("用户名称", unique=True, max_length=50)
    # django 要求用户名唯一
    password = models.CharField("用户密码", max_length=128)
    created_time = models.DateTimeField("账户创建时间", auto_now_add=True)
    email = models.EmailField("邮箱")
    phone = models.CharField("手机号码", unique=True, max_length=30)
    right = models.SmallIntegerField("权限等级", choices=right_level, default=0)
    has_confirmed = models.BooleanField(default=False) # 确认
    # 元数据 增强可读性
    class Meta:
        verbose_name = '用户'
        ordering = ['-id']
    def __str__(self):
        return self.username

2 设计登录与注册的表单forms.py

forms.py表单与models.py功能并不相同，forms.py提供快速渲染html表单的方法，并没有与数据库交互，其写入数据库的过程大致可以表示为：
forms.py → templates.html（action/render/redirect） →
views.py （models.User()）→ models.py → 数据库

from django import forms
# 用户登录表单
class UserForm(forms.Form):
    username = forms.CharField(label="用户名", max_length=50, widget=forms.TextInput(
        attrs={'class': 'form-control', 'placeholder': '用户名', 'autofocus': ''}))
    password = forms.CharField(label="密码", max_length=30, widget=forms.PasswordInput(
        attrs={'class': 'form-control', 'placeholder': '用户密码'}
    ))
#用户注册表单
class RegisterForm(forms.Form):
    gender = (
        ('male', "男"),
        ('female', "女"),
    )
    departments = ((0, "海珠区"), (1, "天河区"), (2, "荔湾区"), (3, "番禺区"),)
    username = forms.CharField(label="用户名", max_length=50, widget=forms.TextInput(attrs={'class': 'form-control'}))
    password1 = forms.CharField(label="密码", max_length=30, widget=forms.PasswordInput(attrs={'class': 'form-control'}))
    password2 = forms.CharField(label="确认密码", max_length=30, widget=forms.PasswordInput(attrs={'class': 'form-control'}))
    email = forms.CharField(label="邮箱地址", widget=forms.EmailInput(attrs={'class': 'form-control'}))
    # 注意sex这里是Choice
    sex = forms.ChoiceField(label="性别", choices=gender) 
    phone = forms.CharField(label="手机号码", max_length=30, widget=forms.TextInput(attrs={'class': 'form-control'}))
    # 注意department这里是Choice
    department = forms.ChoiceField(label="所属部门", choices=departments) 

3.Templates的HTML设计

这里有几个注意的点：页面逻辑、用户输入提示message、用户验证。
可以说html基本上就是表单的实现，而借用了forms.py 减少了代码的编写量。
confirm.html其实暂时不需要用到

# login.html
{% load static %}   # add 引入自己设置的css
<!DOCTYPE html>
<html lang="en">
<head>
    <!-- required meta tags --> # 添加注释
    <meta charset="UTF-8">、
    <!-- Bootstrap CSS --> # add Bootstrap CSS
        <link href="https://cdn.bootcss.com/twitter-bootstrap/4.3.1/css/bootstrap.min.css" rel="stylesheet">
        <link href="{% static 'login/css/login.css' %}" rel="stylesheet" />
    <title>FSCI IDC|登录</title> # modified title name
</head>
<body>
<div class="container">
    <div class="col">
        # 登录表单开始，注意action，将表单发送到哪里
        <form class="form-login" action="/login/" method="post">
            # 如果有 message 产生 则显示
            {% if message %}
                <div class="alert alert-warning">{{ message }}</div>
            {% endif %}
            # django本身的csrf 问题需要在有post的request中添加以下内容
            {% csrf_token %}
            <h3 class="text-center">法庭科学硅藻鉴定智能数据库</h3>
            # form-group 是 Bootstrap CSS的 样式
            <div class="form-group">
                {{ login_form.username.label_tag }}
                {{ login_form.username }}
            </div>
            <div class="form-group">
                {{ login_form.password.label_tag }}
                {{ login_form.password }}
            </div>
            # 这里是登录框的下注内容了
            <div>
                <a href="/register/" class="text-success"><ins>注册</ins></a>
                <button type="submit" class="btn btn-primary float-right">登录</button>
            </div>
        </form>
    </div>
</div><!-- container end -->
<!-- Optional JavaScript -->
    <!-- jQuery first, then Popper.js, then Bootstrap JS -->
    <script src="https://cdn.bootcss.com/jquery/3.3.1/jquery.min.js"></script>
    <script src="https://cdn.bootcss.com/popper.js/1.15.0/umd/popper.min.js"></script>
    <script src="https://cdn.bootcss.com/twitter-bootstrap/4.3.1/js/bootstrap.min.js"></script>
</body>
</html>

# register.html
# 基本上和login.html实现原理相同
{% load static %}
<!DOCTYPE html>
<html lang="en">
<head>
    <!-- required meta tags -->
    <meta charset="UTF-8">
    <!-- Bootstrap CSS -->
        <link href="https://cdn.bootcss.com/twitter-bootstrap/4.3.1/css/bootstrap.min.css" rel="stylesheet">
        <link href="{% static 'login/css/register.css' %}" rel="stylesheet" />
    <title>FSCI IDC|注册</title>
</head>
<body>
<div class="container">
    <div class="col">
        <form class="form-register" action="/register/" method="post">
            {% if message %}
                <div class="alert alert-warning">{{ message }}</div>
            {% endif %}
            {% csrf_token %}
            <h3 class="text-center">欢迎注册</h3>
            <div class="form-group">
                {{ register_form.username.label_tag }}
                {{ register_form.username }}
            </div>
            <div class="form-group">
                {{ register_form.password1.label_tag }}
                {{ register_form.password1 }}
            </div>
            <div class="form-group">
                {{ register_form.password2.label_tag }}
                {{ register_form.password2 }}
            </div>
            <div class="form-group">
                {{ register_form.email.label_tag }}
                {{ register_form.email }}
            </div>
            <div class="form-group">
                {{ register_form.sex.label_tag }}
                {{ register_form.sex }}
            </div>
            <div class="form-group">
                {{ register_form.department.label_tag }}
                {{ register_form.department }}
            </div>
            <div class="form-group">
                {{ register_form.phone.label_tag }}
                {{ register_form.phone }}
            </div>
            <div>
                <a href="/login/" class="text-success"><ins>直接登录</ins></a>
                <button type="submit" class="btn btn-primary float-right">注册</button>
            </div>
        </form>
    </div>
</div> <!-- container end-->
<!-- Optional JavaScript -->
    <!-- jQuery first, then Popper.js, then Bootstrap JS -->
    <script src="https://cdn.bootcss.com/jquery/3.3.1/jquery.min.js"></script>
    <script src="https://cdn.bootcss.com/popper.js/1.15.0/umd/popper.min.js"></script>
    <script src="https://cdn.bootcss.com/twitter-bootstrap/4.3.1/js/bootstrap.min.js"></script>
</body>
</html>

# index.html
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>FSCI IDB|首页</title>
</head>
<body>
    {% csrf_token %}
    <h1>{{ request.session.user_name }}!  欢迎回来！ </h1>
    {% csrf_token %}
    <p>
        <a href="/logout/">注销</a>
    </p>
</body>
</html>

4 视图函数的设计 views.py

# views.py
from django.shortcuts import render
from django.shortcuts import redirect
from django.conf import settings
from . import models
from . import forms
import hashlib
from django.contrib.auth import authenticate # 用于验证admin账号
import datetime
# Create your views here.
# 普通用户的密码加密方式
def hash_code(s,salt='fsciidb'):
    h = hashlib.sha256()
    s += salt
    h.update(s.encode())
    return h.hexdigest()
# 首页视图 使用了模板
def index(request):
    # 必须使用session才能进入index页面：
    if not request.session.get('is_login', None):
        return redirect('/login/')
    return render(request, 'index.html')
# 登录视图 使用了模板
def login(request):
    if request.session.get('is_login', None):# 不允许重复登录
        return redirect('/index/')
    if request.method == 'POST':
        login_form = forms.UserForm(request.POST)
        message = '请检查填写的信息！'
        if login_form.is_valid():
            username = login_form.cleaned_data.get('username')
            password = login_form.cleaned_data.get('password')
            temper_user = models.User()
            try:
                user = models.User.objects.get(username=username)
            except:
                message = '用户不存在！'
                return render(request, 'login.html', locals())
            # 管理员登录
            user_admin = authenticate(username=username, password=password)
            if user_admin:
                request.session['is_login'] = True
                request.session['user_id'] = user.id
                request.session['user_name'] = user.username
                return redirect('/index/')
            # 普通用户登录
            if user.password == hash_code(password):
                request.session['is_login'] = True
                request.session['user_id'] = user.id
                request.session['user_name'] = user.username
                return redirect('/index/')
            else:
                message = '密码不正确！'
                return render(request, 'login.html', locals())
        else:
            return render(request, 'login.html', locals())
    login_form = forms.UserForm()
    return render(request, 'login.html', locals())
# 注册视图 使用了模板
def register(request):
    if request.session.get('is_login', None):
        return redirect('/index/')
    if request.method == 'POST':
        register_form = forms.RegisterForm(request.POST)
        message = "请检查填写的信息！"
        if register_form.is_valid():
            username = register_form.cleaned_data.get('username')
            password1 = register_form.cleaned_data.get('password1')
            password2 = register_form.cleaned_data.get('password2')
            email = register_form.cleaned_data.get('email')
            sex = register_form.cleaned_data.get('sex')
            department = register_form.cleaned_data.get('department')
            phone = register_form.cleaned_data.get('phone')
            if password1 != password2:
                message = '两次输入密码不同！'
                return render(request, 'register.html', locals())
            else:
                same_phone_user = models.User.objects.filter(phone=phone)
                if same_phone_user:
                    message = '该账号已存在'
                    return render(request, 'register.html', locals())
                same_email_user = models.User.objects.filter(email=email)
                if same_email_user:
                    message = '该邮箱已经被注册'
                    return render(request, 'register.html', locals())
                # 将form表单中输入的内容保存到数据库当中
                new_user = models.User()
                new_user.username = username
                # 数据库不明文存储密码，使用hash加密
                new_user.password = hash_code(password1)
                new_user.email = email
                new_user.sex = sex
                new_user.department = department
                new_user.phone = phone
                # 最后需要使用save()函数保存才能生效
                new_user.save()
                return render(request, 'confirm.html', locals())
        else:
            return render(request, 'register.html',locals())
    register_form = forms.RegisterForm()
    return render(request, 'register.html', locals())
# 注销视图，无使用模板
def logout(request):
    if not request.session.get('is_login', None):
        return redirect('/login/')
    # 清空session 断开连接 回到login界面
    request.session.flush()
    # del request.session['is_login']
    return redirect("/login/")

5.路由设计

# 一级路由urls.py
from django.contrib import admin
from django.urls import path
from django.urls import include
urlpatterns = [
    path('admin/', admin.site.urls),
    path('',include('login.urls')), # 进入二级路由进行正则匹配判断
]

# 二级路由urls.py
from django.urls import path
from . import views
urlpatterns = [
    path('index/', views.index, name='index'),
    path('login/', views.login, name='login'),
    path('register/', views.register, name='register'),
    path('logout/', views.logout, name='logout'),
]

6.setting文件设置

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql', # your db
        # 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
        'NAME': 'IDB', # your db_name
        'HOST': '127.0.0.1',  # your host
        'USER': 'root', # your db_user
        'PASSWORD': '****', # your db_password
        'PORT': '3306',  # your db_port
    }
}
LANGUAGE_CODE = 'zh-hans'  # modifed by llp
TIME_ZONE = 'Asia/Shanghai'  # modifed by llp
USE_TZ = False  # modifed by llp
# add by llp 扩展django自身的用户表，需要修改它的模型
# your_aap.models_Name
AUTH_USER_MODEL = 'login.User'