一、初始配置
1,創建項目
django-admin startproject tedu_note
2,創建應用
cd tedu_not
python3 manage.py startapp user
3,進入mysql命令行,創建數據庫
注意:default charset utf8 一定要加上
mysql -u root -p
create database tedu_note default charset utf8;
4,配置settings.py
1,安裝user應用
2,註釋csrf,防止post403
3,常規數據庫配置
4,改語言,改時區
...
INSTALLED_APPS=[
...
'user',
]
...
MIDDLEWARE = [
...
#'django.middleware.csrf.CsrfViewMiddleware',
...
]
...
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'tedu_note',
'USER':'root',
'PASSWORD':'123456',
'HOST':'127.0.0.1',
'PORT':'3306'
}
}
...
LANGUAGE_CODE = 'zh-Hans'
TIME_ZONE = 'Asia/Shanghai'
* 如果提示報錯:NameError: name '_mysql' is not defined
需要在init.py中加如下代碼:
import pymysql
pymysql.version_info = (1, 4, 13, "final", 0)
pymysql.install_as_MySQLdb()
哈希算法 - 給明文,計算出一段定長的,不可逆的值:md5,sha-256
- 特點
- 1,定長輸出:不管明文輸出長度爲多少,哈希值都是定長的,md5 - 32位16進制
- 不可逆:反向計算出對應的明文
- 雪崩效應:輸入改變,輸出必變,變化特別大
場景:1,密碼處理 2,文件的完整性校驗
import hashlib.md5()
m = hashlib.md5()
m.update(b'123456')
m.hexdigest() #十六進制可視字符,適合存儲
m.digest() #帶不可視字符的,適合計算
代碼
Templates
1,首頁
index/templates/index/index.html
<body>
{% if request.session.username %}
<p>
歡迎 {{ request.session.username }}
</p>
<p>
<a href="/user/logout">退出登錄</a>
</p>
<p>
<a href="">進入我的筆記</a>
</p>
{% else %}
{% if requset.COOKIES.username %}
<p>
歡迎{{ request.session.username }}
</p>
<p>
<a href="/user/logout">退出登錄</a>
</p>
<p>
<a href="">進入我的筆記</a>
</p>
{% else %}
<p>
<a href="/user/login">登錄</a>
</p>
<p>
<a href="/user/reg">註冊</a>
</p>
{% endif %}
{% endif %}
</body>
2,登錄頁
user/templates/user/login.html
<body>
<form action="/user/login" method="POST">
用戶名<input type="text" name="username">
<br>
密碼<input type="password" name="password">
<br>
<input type="checkbox" name="remember">記住用戶名
<br>
<input type="submit" value="登陸">
</form>
</body>
3,註冊頁
user/templates/user/register.html
<body>
<form action="/user/reg" method="POST">
用戶名:<input type="text" name="username"><br>
密碼:<input type="password" name="password_1"><br>
確認密碼<input type="password" name="password_2"><br>
<input type="submit" value="註冊">
</form>
</body>
4,添加筆記頁
note/templates/note/add_note.html
<body>
<form action='/note/add' method="POST">
<p>
標題:<input type='text' name="title">
<input type="submit" value="保存">
</p>
<p>
<textarea cols="30" rows="10" name="content"></textarea>
</p>
</form>
</body>
Models
1,Note
note/models.py
from django.db import models
from user.models import User
class Note(models.Model):
title = models.CharField('標題',max_length=100)
content = models.TextField('內容')
created_time = models.DateTimeField('創建時間',auto_now_add=True)
updated_time = models.DateTimeField('更新時間',auto_now=True)
user=models.ForeignKey(User,on_delete=models.CASCADE)
2,User
note/models.py
from django.db import models
class User(models.Model):
username = models.CharField("用戶名",max_length=30,unique=True)
password = models.CharField("密碼",max_length=32)
created_time = models.DateTimeField("創建時間",auto_now_add=True)
updated_time = models.DateTimeField("更新時間",auto_now=True)
def __str__(self):
return "用戶"+self.username
class Meta:
db_table = ''
managed = True
verbose_name = 'User'
verbose_name_plural = 'Users'
Views
1,user
user/views.py
from django.shortcuts import render
from django.http import HttpResponse,HttpResponseRedirect
from .models import User
import hashlib
# Create your views here.
def reg_view(request):
#註冊
if request.method == 'GET':
#GET 返回頁面
return render(request,'user/register.html')
elif request.method == 'POST':
#POST 處理提交數據
username = request.POST['username']
password_1 = request.POST['password_1']
password_2 = request.POST['password_2']
# 1. 兩個密碼要保持一致
if password_1 != password_2:
return HttpResponse("兩次密碼輸入不一致")
# 2. 當前用戶名是否可用
old_users = User.objects.filter(username = username)
if old_users:
return HttpResponse("用戶名已註冊")
m = hashlib.md5()
# 注意:update只接收字節串,而password_1是字符串,要encode一下
m.update(password_1.encode())
password_m = m.hexdigest()
# 3. 插入數據 [明文處理密碼]
try:
user = User.objects.create(username=username,password = password_m)
except Exception as e:
# 有可能報錯 - 重複插入 [唯一索引注意併發寫入問題]
print('--create user error %s'%(e))
return HttpResponse('用戶名已註冊')
# 免登陸一天
request.session['username'] = username
request.session['uid'] = user.id
#todo 修改session存儲時間爲1天
# return HttpResponseRedirect("註冊成功")
return HttpResponseRedirect("/index")
def login_view(request):
if request.method == 'GET':
# 獲取登錄頁面
#檢查登錄狀態,如果登錄了,顯示 已登錄
if request.session.get('username') and request.session.get('uid'):
# return HttpResponse('已登錄')
return HttpResponseRedirect("/index")
#檢查Cookie
c_username = request.COOKIES.get('username')
c_uid = request.COOKIES.get('uid')
if c_username and c_uid:
# 回寫session
request.session['username'] = c_username
request.session['uid'] = c_uid
# return HttpResponse('已登錄')
return HttpResponseRedirect("/index")
return render(request,'user/login.html')
elif request.method == 'POST':
username = request.POST['username']
password = request.POST['password']
user = User.objects.get(username=username)
if not user:
return HttpResponse("用戶不存在")
m = hashlib.md5()
m.update(password.encode())
if m.hexdigest() != user.password:
return HttpResponse("登陸失敗,密碼錯誤")
#記錄會話狀態
request.session['username'] = username
request.session['uid'] = user.id
resp = HttpResponseRedirect("/index")#HttpResponse('登陸成功')
# 判斷用戶是否點選了 '記住用戶名'
if 'remember' in request.POST:
# 選中了 -> Cookies 存儲 username,uid 時間3天
resp.set_cookie('username',username,3600*24*3)
resp.set_cookie('uid',user.id,3600*24*3)
return resp
#登出
def logout_view(request):
# 刪session 和 cookie
if 'username' in request.session:
del request.session['username']
if 'uid' in request.session:
del request.session['uid']
resp = HttpResponseRedirect('/index')
if 'username' in request.COOKIES:
resp.delete_cookie('username')
if 'uid' in request.COOKIES:
resp.delete_cookie('uid')
return resp
2,note
note/views.py
from django.shortcuts import render
from django.http import HttpResponse,HttpResponseRedirect
from .models import Note
#校驗登錄狀態的裝飾器寫法
def check_login(fn):
def wrap(request,*args,**kwargs):
if 'username' not in request.session or 'uid' not in request.session:
#檢查cookies
c_username = request.COOKIES.get('username')
c_uid = request.COOKIES.get('uid')
if not c_username or not c_uid:
return HttpResponseRedirect('/user/login')
else:
#回寫session
request.session['username'] = c_username
request.session['uid'] = c_uid
return fn(request,*args,**kwargs)
return wrap
# Create your views here.
@check_login
def add_note(request):
if request.method == 'GET':
return render(request,'note/add_note.html')
elif request.method == 'POST':
#處理數據
uid = request.session['uid']
title = request.POST['title']
content = request.POST['content']
Note.objects.create(title='title',content = content,user_id=uid)
return HttpResponse('添加筆記成功')
urls
1,tedu_note.urls
tedu_note/urls.py
from django.contrib import admin
from django.urls import path,include
from index import views as index_views
urlpatterns = [
path('admin/', admin.site.urls),
path('user/',include('user.urls')),
path('index',index_views.index_view),
path('note/',include('note.urls'))
]
2,user.urls
user/urls.py
from django.urls import path
from . import views
urlpatterns = [
path('reg',views.reg_view),
path('login',views.login_view),
path('logout',views.logout_view),
]
3,note.urls
note/urls.py
from django.urls import path
from . import views
urlpatterns = [
path('add',views.add_note)
]