User模型扩展和自定义

参考如下：

1.1 创建基于`User` 的proxy model，就是使用代理模型

1.2 使用abstractuser扩充fields

试验过，但是总是有报错，应该是哪里设置的问题。

复制代码代码如下:

profiles/models.py

from django.db import models

from django.contrib.auth.models import AbstractUser

from django.utils.translation import ugettext_lazy as _

# Create your models here.

class KarmaUser(AbstractUser):

karma = models.PositiveIntegerField(_("karma"),default=0,blank=True)

settings.py

AUTH_USER_MODEL = 'profiles.KarmaUser'

1.3.使用一对一关系将相关的模型一个个联系起来，扩充原来的User模型

这很像django 1.5之前的方式.很适用于创建第三方扩充包的场景,松耦合,不会破坏之前项目的结构.

需要此方法的场景:
- 在自己的django prj下,希望有多重user拥有各自很不相同的字段.或许希望有些用户组合起来一些用户的类型字段,并且希望能在模型层面上解决这些问题.
例子如下:

profiles/models.py

复制代码代码如下:

from django.conf import settings

from django.db import models

from flavors.models import Flavor

class EaterProfile(models.Model):

# 默认用户资料

user = models.OneToOneField(settings.AUTH_USER_MODEL)

favorite_ice_cream = models.ForeignKey(Flavor,null=True,blank=True)

class ScooperProfile(models.Model):

user = models.OneToOneField(settings.AUTH_USER_MODEL)

scoops_scooped = models.IntegerField(default=0)

class InventorProfile(models.Model):

user = models.OneToOneField(settings.AUTH_USER_MODEL)

flavors_invented = models.ManyToManyField(Flavor,null=True,blank=True)

1.4.继承abstractbaseuser来替代原来的User模型

只有当你对usermodel里面的默认字段不满的时候才要使用,这个方法只保留了passwork,last_login,is_active三个字段。

参考官方文档:
https://docs.djangoproject.com/en/1.7/topics/auth/customizing/

个人认为在我的建站场景中,第二种最合适.正在测试是否可以用抽象类简化模型.待续...

以上3种方法各有优劣,大家根据自己的需求,自由选择吧。

2. OneToOneFiled的具体实现记录

1. 需求：为了防止暴力破解，要求玩家连续登录5次错误之后帐号锁定10分钟（10分钟后自动解除锁定）。管理员可以手动解除锁定。用户登录成功后错误次数清零。

2. 做好的登录app目录如下：

3. 设计数据库 loginapp/models.py如下:

#-*- encoding:utf-8 -*-

from django.contrib.auth.models import AbstractUser

from django.contrib.auth.models import User

from django.db import models

import datetime

import django.utils.timezone as timezone

class Userotherstatus(models.Model):

    user=models.OneToOneField(User,on_delete=models.CASCADE)

    is_freezed=models.BooleanField(default=False,help_text=u"帐号是否被冻结")

    freezed_time=models.DateTimeField(null=True,blank=True,help_text=u"帐号冻结的时间点")

    pass_errnum=models.IntegerField(default=0,help_text=u"密码已经错误次数")

注意：通过 python manage.py migrate将models应用导数据库后，创建用户过后，User模型一对一的Userotherstatus模型对应的数据库表里面没有数据。

解决办法使用 django signal。当我们创建和更新用户实例时，Userotherstatus模块也会被自动创建和更新。

4. signal 实现如下：

参考: https://blog.csdn.net/qq_32506555/article/details/53219036

参考: https://yiyibooks.cn/xx/Django_1.11.6/topics/signals.html

loginapp/signals.py

#-*- encoding: utf-8 -*-

from django.db.models.signals import post_save

from django.contrib.auth.models import User

from .models import Userotherstatus

from django.dispatch import receiver

@receiver(post_save, sender=User)

def creat_user_otherstatus(sender,instance,created,**kwargs):

    print "use signal creat"

    if created:

        Userotherstatus.objects.create(user=instance)

@receiver(post_save, sender=User)

def save_user_otherstatus(sender, instance, **kwargs):

    print (" use signal save")

    instance.userotherstatus.save()

#

signal 信号注册：

loginapp/apps.py

# -*- coding: utf-8 -*-

from __future__ import unicode_literals

from django.apps import AppConfig

class LoginappConfig(AppConfig):

    name = 'loginapp'

    def ready(self):

        import loginapp.signals

loginapp/__init__.py

default_app_config = 'loginapp.apps.LoginappConfig'

5. 后台views的实现 loginapp/views.py:

思路：

帐号是否锁定》锁定》判断是否过了锁定时间》是》解锁并且错误次数设置为0

　　　　　　　　　　　　　　　　　　　　　否》提示处于锁定状态

　　　　　　》没锁定》判断错误次数

　　　　　　　　　　》都不满足进行登录验证

# -*- coding: utf-8 -*-

from __future__ import unicode_literals

from django.shortcuts import render

from django.http import HttpResponse, HttpResponseRedirect

from django.contrib.auth import authenticate,login,logout

from django.contrib.auth.models import User

# from django.contrib.auth.models import BaseUserManager

# from django.contrib.auth.hashers import make_password, check_password

# from django.views.generic.base import View

import datetime

from LoginForm import MyLoginForm

from loginapp.models import Userotherstatus

from django.views.decorators.csrf import csrf_protect,requires_csrf_token

# Create your views here.

@requires_csrf_token

@csrf_protect

def MyLogin(request):

    lock_time=60

    pass_error_limit=5

    form = MyLoginForm()

    if request.method=="POST":

        print request.path

        #验证表单

        form = MyLoginForm(request.POST)

        if form.is_valid():

            username=request.POST["username"]

            password=request.POST["password"]

        #验证用户

        try:

            user_id=User.objects.get(username=username).id

            print 1111111111111111111111

        except Exception:

            return render(request,'loginapp/login.html',{'form':form,'msg':"用户不存在"})

        freezed_time=Userotherstatus.objects.get(user_id=user_id).freezed_time

        pass_errornum=Userotherstatus.objects.get(user_id=user_id).pass_errnum

        is_freezed=Userotherstatus.objects.get(user_id=user_id).is_freezed

        print(freezed_time,pass_errornum,is_freezed)

        if is_freezed==True and freezed_time:

            print 2222222222222222222222

            print ((datetime.datetime.now() - (freezed_time.replace(tzinfo=None))).total_seconds())

            if (datetime.datetime.now()-(freezed_time.replace(tzinfo=None))).total_seconds()>lock_time:

                print("重置")

                Userotherstatus.objects.filter(user_id=user_id).update(is_freezed=False,pass_errnum=0)

                # Userotherstatus.objects.filter(user_id=user_id).update()

                user=authenticate(username=username,password=password)

                if user is not None and user.is_active:

                    login(request,user)

                    User.last_login=datetime.datetime.now()

                    return HttpResponse("登录成功")

            else :

                return render(request,'loginapp/login.html',

                              {'form':form,'msg':'帐号锁定中,请稍后再尝试,需要解锁请联系管理员!'})

        if pass_errornum>=5:

            print 33333333333333333

            Userotherstatus.objects.filter(user_id=user_id).update(is_freezed=True,pass_errnum=0)

            Userotherstatus.objects.filter(user_id=user_id).update(freezed_time=datetime.datetime.now())

            return render(request,'loginapp/login.html',

                          {'form':form,'msg':"密码连续错误5次，帐号已经被锁定"})

        else:

            user=authenticate(username=username,password=password)

            if user is not None and user.is_active:

                login(request, user)

                User.last_login = datetime.datetime.now()

                Userotherstatus.objects.filter(user_id=user_id).update(is_freezed=False,pass_errnum=0)

                # Userotherstatus.objects.filter(user_id=user_id).update()

                return HttpResponse("登录成功")

            else:

                print 4444444444444444444444

                Userotherstatus.objects.filter(user_id=user_id).update(pass_errnum=(int(pass_errornum)+1))

                return render(request, 'loginapp/login.html',

                              {'form': form})

    else:

        return  render(request,'loginapp/login.html',

                       {'form':form})

6. 附上表单 loginapp/LoginForm.py

#-*- encoding: utf-8 -*-

from django import forms

class MyLoginForm(forms.Form):

    username=forms.CharField(label="inputUser",

                             max_length=20,

                             error_messages={'required':"请输入用户名"},

                             widget=forms.TextInput(

                                 attrs={

                                 'placeholder':"User Name",

                                 'required':'True',

                                 'class':'form-control'

                                })

                             )

    password=forms.CharField(label="inputPassword",

                             max_length=100,

                             error_messages={'required':"请输入密码"},

                             widget=forms.PasswordInput(

                                 attrs={

                                     'placeholder': "Password",

                                     'required':"True",

                                      'class':'form-control',

                                 })

                             )

7. 附上 login.html

<!DOCTYPE html>

<html lang="zh-CN">

  <head>

    <meta charset="utf-8">

    <meta http-equiv="X-UA-Compatible" content="IE=edge">

    <meta name="viewport" content="width=device-width, initial-scale=1">

    <!-- 上述3个meta标签*必须*放在最前面，任何其他内容都*必须*跟随其后！ -->

    <meta name="description" content="">

    <meta name="author" content="">

    <link rel="icon" href="../static/favicon.ico">

    <title>Signin Page</title>

    <!-- Bootstrap core CSS -->

    <link href="https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">

    <!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->

    <link href="../static/css/ie10-viewport-bug-workaround.css" rel="stylesheet">

    <!-- Custom styles for this template -->

    <link href="../static/css/signin.css" rel="stylesheet">

    <!-- Just for debugging purposes. Don't actually copy these 2 lines! -->

    <!--[if lt IE 9]><script src="../static/js/ie8-responsive-file-warning.js"></script><![endif]-->

    <script src="../static/js/ie-emulation-modes-warning.js"></script>

    <!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->

    <!--[if lt IE 9]>

      <script src="https://cdn.bootcss.com/html5shiv/3.7.3/html5shiv.min.js"></script>

      <script src="https://cdn.bootcss.com/respond.js/1.4.2/respond.min.js"></script>

    <![endif]-->

  </head>

  <body>

    <div class="container">

      <form class="form-signin" action="" method="post">

        {% csrf_token %}

        <h2 class="form-signin-heading">Please sign in</h2>

        {{form.username.errors}}

        {{form.username.lable_tag}}

        {{form.username}}

        {{form.password.errors}}

        {{form.password.lable_tag}}

        {{form.password}}

        <div class="checkbox">

          <label>

            <input type="checkbox" value="remember-me"> Remember me

          </label>

        </div>

        <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>

        {{msg}}

      </form>

    </div> <!-- /container -->

    <!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->

    <script src="../static/js/ie10-viewport-bug-workaround.js"></script>

  </body>

</html>

<!--<form class="form-signin" action="" method="post">-->

        <!--<h2 class="form-signin-heading">Please sign in</h2>-->

        <!--<label for="inputUser" class="sr-only">User</label>-->

        <!--<input type="text" id="inputUser" class="form-control" placeholder="User Name" required autofocus>-->

        <!--<label for="inputPassword" class="sr-only">Password</label>-->

        <!--<input type="password" id="inputPassword" class="form-control" placeholder="Password" required>-->

        <!--<div class="checkbox">-->

          <!--<label>-->

            <!--<input type="checkbox" value="remember-me"> Remember me-->

          <!--</label>-->

        <!--</div>-->

        <!--<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>-->

      <!--</form>-->