我对Python很陌生。
我的问题是我想限制已经登录的用户访问登录和注册页面。
本质上,我正在寻找的是像@login_required装饰器,这将允许访问这些页面的用户谁是不登录。
到目前为止,我有
- 看了其他SO问题,如django注册:如何防止登录用户注册?,但是我已经尝试了解决方案,它不适合我。我已经搜索了Django Documentation, Django Girls和其他提供Django教程的网站。
这是我的views.py的登录:
def login_view(request): # Login View to begin user session
print(request.user.is_authenticated())
if request.method == 'POST':
form = UserLogInForm(request.POST)
if form.is_valid():
username = form.cleaned_data.get('username')
password = form.cleaned_data.get('password')
user = authenticate(username=username, password=password)
if user is not None:
login(request, user)
print(request.user.is_authenticated())
return HttpResponseRedirect('/')
else:
form = UserLogInForm()
return render(request, 'login.html', {'form': form})
else:
form = UserLogInForm()
return render(request, 'login.html', {'form': form})
和sign up:
class signup_view(View):
form_class = UserSignUpForm
template_name = 'signup.html'
# Blank form is requested
def get(self, request):
form = self.form_class(None)
return render(request, self.template_name, {'form': form})
# Form is filled in and posted to DB - Process the Data
def post(self, request):
form = self.form_class(request.POST)
if form.is_valid():
# Further checks before committing object to the DB
# Cleaned Data
first_name = form.cleaned_data['first_name']
last_name = form.cleaned_data['last_name']
email = form.cleaned_data['email']
username = form.cleaned_data['username']
password = form.cleaned_data['password']
user = User.objects.create_user(first_name=first_name,
last_name=last_name,
email=email,
username=username,
password=password
)
user.set_password(password)
user.save()
user = authenticate(email=email, username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
return HttpResponseRedirect('/')
return render(request, self.template_name, {'form': form})
如果有人知道任何解决方案,那就太棒了,谢谢。
由于您使用的是基于类的视图,因此您可以使用userpasssestestmixin并在检查方法测试中检查用户是否为匿名:
class signup_view(UserPassesTestMixin, View):
...
def test_func(self):
return self.request.user.is_anonymous()
您可以使用@user_passes_test装饰器为其他视图做类似的事情。
我想你可以添加这样一个中间件:your_app/中间件)/user_restriction_middleware.py
文件应该是这样的:
class UserRestrictionMiddleware:
def process_request(self, request):
if request.user.is_authenticated():
request_path = request.path_info
if request_path.startswith('/login/') or request_path.startswith('/register/') :
return HttpResponseRedirect('.... to whereever you want...')
将这些添加到settings.py的MIDDLEWARE_CLASSES中,像这样:"your_app.middlewares.user_restriction_middleware.UserRestrictionMiddleware",
将此代码添加到POST请求表单前。
class login(request):
if request.user.is_authenticated:
return redirect('app_name_space_name:your_url_name_to_send_authenticated_user_to')
#Your codes here