在API成功登录后,我一直在尝试将用户重定向到主页。来自Angular的电子邮件id和密码。如果用户存在于SQL中,我想重定向到主页面。
然而,电子邮件和密码已经存在于SQL服务器中,我在Django rest框架中调用了存储过程。
我只想在‘demouser@demo.com'和'NewUser@1'到存储过程中,现在我有了电子邮件和密码的硬编码值,我想这是从POST请求中获得的。我如何才能在存储过程中传递post请求。
views.py
@api_view(['GET', 'POST'])
def CheckUserStatusView(request):
if request.method == 'GET':
users = Tblusers.objects.all()
serializer = CheckUserStatusSerializers(users, many=True)
return Response(serializer.data)
elif request.method == 'POST':
cursor = connection.cursor()
cursor.execute('EXEC [dbo].[sp_CheckOneQUserStatus] @EmailId=%s, @Password=%s', ('demouser@demo.com', 'NewUser@1'))
result_set = cursor.fetchall()
for row in result_set:
row[2]
if request.data.get('EmailId') == row[2]:
serializer = CheckUserStatusSerializers(data=request.data)
if serializer.is_valid():
serializer.save()
return HttpResponseRedirect(redirect_to='https://127.0.0.1:4200/#/dashboard')
# return Response(status=status.HTTP_308_PERMANENT_REDIRECT)
return Response(status=status.HTTP_201_CREATED)
serializers.py
class CheckUserStatusSerializers(serializers.ModelSerializer):
class Meta:
model = Tblusers
fields ='__all__'
型号.py
class Tblusers(models.Model):
UserID = models.AutoField(db_column='UserID', primary_key=True)
FullName = models.CharField(db_column='FullName', max_length=255)
Emailid= models.CharField(db_column='AccentureID', max_length=255)
Password = models.CharField(db_column='Password', max_length=200)
您可以从类似的请求对象中获得它
elif request.method == 'POST':
email = request.POST.get('email')
password = request.POST.get('password')
cursor = connection.cursor()
cursor.execute('EXEC [dbo].[sp_CheckOneQUserStatus] @EmailId=%s, @Password=%s', (email, password))
result_set = cursor.fetchall()
我建议尝试使用Django ORM,它是安全的,不要将用户的原始密码存储在表中。尝试对其进行哈希并存储。这是一个很好的做法。