使用表单和 Django 的用户登录身份验证

User Login Authentication using forms and Django

我正在尝试使用表单为登录页面设置用户身份验证并将其与数据库值进行比较,我的代码有效,但后来我意识到如果我输入任何密码(如果密码在数据库。我想要做的是搜索邮件并获取该用户的密码,而不是整个数据库。我的数据库将不包含重复的电子邮件,因此我不必为此担心。我花了太多时间试图弄清楚如何为电子邮件所在的同一用户获取密码。

我的login.views看起来像这样

def login(request):
if request.method == "POST":
    form = Studentlogin(request.POST)
    if form.is_valid():
        email = form.cleaned_data.get('email')
        password = form.cleaned_data.get('password')
        user = User.objects.create_user(email, password)
        try:
            studentemail = students.objects.get(email=email)
            studentpass = students.objects.get(password=password)
            return render (request, 'subscrap/main.html', {'student': studentemail })
        except:
            messages.success(request, 'Error, either Email or Password is not correct')
            pass
else:
    form = Studentlogin()
return render(request, 'subscrap/login.html', {'form': form})

我的学生模型是这样的:

class students(models.Model):
fname = models.CharField(max_length=50)
lname = models.CharField(max_length=50)
password = models.CharField(max_length = 50 , null = True)
passwordrepeat = models.CharField(max_length = 50, null = True)
email = models.EmailField(max_length=150)
class Meta:
    db_table = "students"

我的表单文件:

class StudentForm(forms.ModelForm):
    class Meta:
        model = students
        fields = "__all__"

class Studentlogin(forms.Form):
    email = forms.EmailField(max_length=150)
    password = forms.CharField(max_length = 50, widget=forms.PasswordInput)

您只需进行一次查询即可获得具有给定电子邮件和密码的学生:

def login(request):
    if request.method == "POST":
        form = Studentlogin(request.POST)
        if form.is_valid():
            email = form.cleaned_data.get('email')
            password = form.cleaned_data.get('password')
            user = User.objects.create_user(email, password)
            try:
               student = students.objects.get(email=email, password=password)
               return render (request, 'subscrap/main.html', {'student': student})
            except:
               messages.success(request, 'Error, either Email or Password is not correct')
        else:
           form = Studentlogin()
        return render(request, 'subscrap/login.html', {'form': form})

您在学生模型上设置的查询 students.objects.get(email=email) return 是一个 SINGLE student OBJECT,其中他们的电子邮件与从表单中检索到的电子邮件相同。更准确的变量名应该是 student。注意 .get() return 如果没有匹配的记录,则会出现 DoesNotExist 错误。

根据你所拥有的,你可以做(​​不理想)

try
    student = students.objects.get(email=email)
    if student.password == password:
        return render (request, 'subscrap/main.html', {'student': email})  # (or student.email)
    else:
        raise Exception()
except:
    messages.success(request, 'Error, either Email or Password is not correct')

基于 RedWheelbarrow 所写的内容。他们的查询集根据同时具有确切 emailpassword 的学生来查找学生。查询集仍然 return 是一个学生,所以如果你只想 return 渲染中的电子邮件,你需要做

try:
    student = students.objects.get(email=email, password=password)
    return render (request, 'subscrap/main.html', {'student': email})  # (or student.email)
except:
    messages.success(request, 'Error, either Email or Password is not correct')

详细了解 qeueryset get 方法 here