所以,我试图让用户登录后,他们注册和只有在我决定他们是否有资格登录后。
基本上,我想要的流程是下一个:
- 用户尝试登录->如果他没有注册,点击注册链接(完成)
- 用户在登记表中输入一些数据并提交(完成) 现在,数据将出现在Django管理面板中。
我想要一种批准用户数据的方法,只有在允许他登录之后。
我的代码:
forms.py
class RegistrationForm(forms.Form):
username = forms.RegexField(regex=r'^w+$', widget=forms.TextInput(attrs=dict(required=True, max_length=30)), label=_("Username"), error_messages={ 'invalid': _("This value must contain only letters, numbers and underscores.") })
email = forms.EmailField(widget=forms.TextInput(attrs=dict(required=True, max_length=30)), label=_("Email address"))
password1 = forms.CharField(widget=forms.PasswordInput(attrs=dict(required=True, max_length=30, render_value=False)), label=_("Password"))
password2 = forms.CharField(widget=forms.PasswordInput(attrs=dict(required=True, max_length=30, render_value=False)), label=_("Password (again)"))
def clean_username(self):
try:
user = User.objects.get(username__iexact=self.cleaned_data['username'])
except User.DoesNotExist:
return self.cleaned_data['username']
raise forms.ValidationError(_("The username already exists. Please try another one."))
def clean(self):
if 'password1' in self.cleaned_data and 'password2' in self.cleaned_data:
if self.cleaned_data['password1'] != self.cleaned_data['password2']:
raise forms.ValidationError(_("The two password fields did not match."))
return self.cleaned_data
views.py
@csrf_protect
def register(request):
if request.method == 'POST':
form = RegistrationForm(request.POST)
if form.is_valid():
user = User.objects.create_user(
username=form.cleaned_data['username'],
password=form.cleaned_data['password1'],
email=form.cleaned_data['email']
)
return HttpResponseRedirect('/register/success/')
else:
form = RegistrationForm()
variables = RequestContext(request, {
'form': form
})
return render_to_response(
'registration/register.html',
variables,
)
def register_success(request):
return render_to_response(
'registration/success.html',
)
def logout_page(request):
logout(request)
return HttpResponseRedirect('/')
@login_required
def home(request):
return render_to_response(
'home.html', {
'user': request.user
}
)
urls . py
urlpatterns = [
url(r'^$', 'django.contrib.auth.views.login'),
url(r'^logout/$', views.logout_page),
url(r'^accounts/login/$', 'django.contrib.auth.views.login'),
url(r'^register/$', views.register),
url(r'^register/success/$', views.register_success),
url(r'^home/$', views.home),
url(r'^admin/', include(admin.site.urls)),
]
login.html
<form method="post" action=".">
{% if form.errors %}
<p>Your username and password didn't match. Please try again.</p>
{% endif %}
{% csrf_token %}
<table border="0">
<tr><th><label for="id_username">Name:</label></th><td>{{ form.username }}</td></tr>
<tr><th><label for="id_password">Password:</label></th><td>{{ form.password }}</td></tr>
</table>
<div class="send">
<div class="now" style="text-align: center">
<input type="submit" value="Login" />
<input type="hidden" name="next" value="/home" />
</div>
</div>
</form>
register.html
<form method="post" action=".">{% csrf_token %}
<table border="0">
{{ form.as_table }}
</table>
<input type="submit" value="Register" />
</form>
有什么想法吗?
您可以将用户保存为is_active
标志false,然后当您决定激活该用户时(is_active
为True)。带有is_active=False
的用户无法登录,但会在管理面板中为您显示。
user = User.objects.create_user(
username=form.cleaned_data['username'],
password=form.cleaned_data['password1'],
email=form.cleaned_data['email'],
)
user.is_active = False
user.save()