问题描述
我正在使用django-email-verification应用程序,我不得不更改用户的注册方式,但我保留了登录身份验证部分相同的内容。每次尝试登录时,它都不允许我登录并说凭据错误。我也用电子邮件作为用户名。我在想:user = auth.authenticate(username=request.POST['username'],password=request.POST['password'])
那需要改变。请问我该如何修复登录名?
from django.shortcuts import render,redirect
from django.contrib.auth.models import User
from django.contrib import auth
from django.contrib.auth import get_user_model
from django_email_verification import sendConfirm
def signup(request):
if request.method == 'POST':
if request.POST['pass1'] == request.POST['pass2']:
try:
user = User.objects.get(username=request.POST['username'])
return render(request,'accounts/signup.html',{'error': 'Email is already registered'})
except User.DoesNotExist:
'''user = User.objects.create_user(request.POST['username'],password=request.POST['pass1'])
auth.login(request,user)'''
user = get_user_model().objects.create(username=request.POST['username'],password=request.POST['pass1'],email=request.POST['username'])
sendConfirm(user)
return redirect('home')
else:
return render(request,{'error': 'Passwords must match'})
else:
return render(request,'accounts/signup.html')
def login(request):
if request.method == 'POST':
user = auth.authenticate(username=request.POST['username'],password=request.POST['password'])
if user is not None:
auth.login(request,user)
return redirect('home')
else:
return render(request,'accounts/login.html',{'error':'username or password is incorrect.'})
else:
return render(request,'accounts/login.html')
def logout(request):
if request.method == 'POST':
auth.logout(request)
return redirect('home')
解决方法
问题不在于验证,而在于创建用户。密码通常是哈希值。 .create(…)
function [Django-doc]将不哈希这些,您可以改用.create_user(…)
[Django-doc]:
user = get_user_model().objects.create_user(
username=request.POST['username'],password=request.POST['pass1'],email=request.POST['username']
)
.create_user(…)
函数是用户模型管理员通常应提供的函数。对于(大多数)用户模型,这会将密码的 hash 存储在数据库中。