项目文件:

   

models.py

 from django.db import models

 from django.contrib.auth.models import AbstractUser

 # Create your models here.

 class UserInfo(AbstractUser):

     role=models.ManyToManyField(to='Role',verbose_name='角色',null=True,blank=True)

     def __str__(self):

         if self.role:

             return f'{self.username}({self.role.name})'

         else:

             return f'{self.username}(未分配)'

 class Role(models.Model):

     name=models.CharField(max_length=32,verbose_name='角色名称')

     permission=models.ManyToManyField(to='Permission',verbose_name='权限')

     def __str__(self):

         return self.name

 class Permission(models.Model):

     name=models.CharField(max_length=32,verbose_name="权限")

     url=models.CharField(max_length=64,verbose_name='url')

     def __str__(self):

         return self.name

models.py

middlewares.py(自定义中间件)

 from django.utils.deprecation import MiddlewareMixin

 from django.shortcuts import redirect,HttpResponse

 import re

 class AuthPerminssion(MiddlewareMixin):

     def process_request(self,request):

         url=['/admin/.*','/register/','/login/']

         for i in url:

             if re.match(i, request.path):

                 return None

         else:

             if request.user.is_authenticated:

                 for url in request.session.get('permission'):

                     print(request.path)

                     print(request.session.get('permission'))

                     if re.match(f'{url}$',request.path):

    #if re.search(f'^{url}$',request.path):

                         return None

                     else:

                         return  HttpResponse('无权访问!')

             else:

                 return redirect('login')

middlewares.py

settings.py(中间件注册和auth表指定)

 MIDDLEWARE=[

 'django.middleware.security.SecurityMiddleware',

 'django.contrib.sessions.middleware.SessionMiddleware',

 'django.middleware.common.CommonMiddleware',

 'django.middleware.csrf.CsrfViewMiddleware',

 'django.contrib.auth.middleware.AuthenticationMiddleware',

 'django.contrib.messages.middleware.MessageMiddleware',

 'django.middleware.clickjacking.XFrameOptionsMiddleware',

 'app01.middlewares.AuthPerminssion',

 ]

 AUTH_USER_MODEL='app01.UserInfo'#配置自定义auth认真表

 STATIC_URL='/static/'

 STATICFILES_DIRS=[

 os.path.join(BASE_DIR,'static_files')

 ]

settings.py

urls.py

 from django.conf.urls import url

 from django.contrib import admin

 from app01 import views

 urlpatterns = [

     url(r'^admin/', admin.site.urls),

     url(r'^register/', views.Register.as_view(), name='register'),

     url(r'^login/', views.Login.as_view(), name='login'),

     url(r'^order/$', views.order, name='order'),

     url(r'^order/add/', views.addorder, name='addorder'),

     url(r'^order/edit/(\d+)', views.editorder, name='editorder'),

     url(r'^order/delete/(\d+)', views.deleteorder, name='deleteorder'),

     url(r'^customer/$', views.customer, name='customer'),

     url(r'^customer/add/', views.addcustomer, name='addcustomer'),

     url(r'^customer/edit/(\d+)', views.editcustomer, name='editcustomer'),

     url(r'^customer/delete/(\d+)', views.deletecustomer, name='deletecustomer'),

 ]

urls.py

form.py(自定义form组件)

 from app01 import models

 from django import forms

 from django.core.exceptions import  ValidationError

 #注册form

 class RegisterForm(forms.Form):

     name = forms.CharField(label='用户名',max_length=12, min_length=8,required=True,

         error_messages={

             'max_length':'用户名不能多于12个字符',

             'min_length':'用户名不能少于8个字符!',

             'required':'用户名不能为空!',

         },# widget=forms.TextInput(attrs={'type':'text','class':'form-control'})  )

     password=forms.CharField(label='密码',max_length=8,min_length=6required=True,

         error_messages={

             'max_length': '密码不能多于8个字符',

             'min_length': '密码不能少于6个字符!',

             'required': '密码不能为空!',

         },

         widget=forms.PasswordInput(attrs={},render_value=True) )

     r_password = forms.CharField( label='确认密码', max_length=8, min_length=6, required=True,

         error_messages={

             'max_length': '密码不能多于8个字符',

             'min_length': '密码不能少于6个字符!',

             'required': '密码不能为空!',

         }, widget=forms.PasswordInput(attrs={},render_value=True) )

     def clean_name(self):

         if models.UserInfo.objects.filter(username=self.cleaned_data.get('name')):

             raise ValidationError('当前用户已存在!')

         else:

             return self.cleaned_data.get('name')

     def clean(self):

         pwd=self.cleaned_data.get('password')

         r_ped=self.cleaned_data.get('r_password')

         if pwd!=r_ped:

             self.add_error('r_password','两次密码输入不一致!')

         else:

             return self.cleaned_data

     def __init__(self, *args, **kwargs):

         super().__init__(*args, **kwargs)

         for field in self.fields.values():

             field.widget.attrs.update({'class': 'form-control'})

 #登录modelform

 class LoginModelForm(forms.ModelForm):

     class Meta:

         model=models.UserInfo

         fields=['username','password']

         labels={ 'username':'用户名','password':'密码'}

         error_messages={'username':{'required':'用户名不能为空!'},

             'password':{'required':'密码不能为空!'},},

         widgets={'password':forms.PasswordInput(),}

     def __init__(self,*args,**kwargs):

         super().__init__(*args,**kwargs)

         for field in self.fields:

             self.fields[field].widget.attrs.update({'class': 'form-control'})

form.py

views.py

 from django.shortcuts import render,HttpResponse

 from django.views import View

 from app01.form import RegisterForm,LoginModelForm

 from django.contrib import auth

 from app01.models import UserInfo,Permission

 # Create your views here.

 class Register(View):

     def get(self,request):

         register_formobj=RegisterForm()

         return  render(request,'register.html',{'register_formobj':register_formobj,})

     def post(self,request):

         register_obj=RegisterForm(request.POST)

         if register_obj.is_valid():

             print(register_obj.cleaned_data)

             name=register_obj.cleaned_data.get('name')

             pwd=register_obj.cleaned_data.get('password')

             user_obj=UserInfo.objects.create_user(username=name,password=pwd)

             return HttpResponse('ok')

         else:

             return render(request,'register.html',{'register_formobj':register_obj,})

 class Login(View):

     def get(self,request):

         login_formobj=LoginModelForm()

         return render(request,'login.html',{'login_formobj':login_formobj})

     def post(self,request):

         print(request.POST)

         user_obj = auth.authenticate(username=request.POST.get('username'),password=request.POST.get('password'))

         if user_obj:

             auth.login(request, user_obj)

             permission_url_list=[i.url for i in Permission.objects.filter(role__userinfo__pk=request.user.pk)]

             request.session['permission']=permission_url_list

             return HttpResponse('login successed!')

         else:

             return HttpResponse('login failed!')

 def order(request):

     return HttpResponse('order...')

 def addorder(request):

     return HttpResponse('addorder...')

 def editorder(request,pk):

     return HttpResponse('editorder...')

 def deleteorder(request,pk):

     return HttpResponse('deleteorder...')

 def customer(request):

     return HttpResponse('customer...')

 def addcustomer(request):

     return HttpResponse('addcustomer...')

 def editcustomer(request,pk):

     return HttpResponse('editcustomer...')

 def deletecustomer(request,pk):

     return HttpResponse('deletecustomer...')

views.py

Templates

  register.html

 {% load static %}

 <!DOCTYPE html>

 <html lang="en">

 <head>

     <meta charset="UTF-8">

     <link rel="stylesheet" href="{% static 'bootstrap-3.3.7-dist/css/bootstrap.min.css' %}">

     <title>注册</title>

 </head>

 <body>

 <div class="container">

     <div class="row">

         <div class="col-xs-4 col-xs-offset-4">

             <form action="" method="post" novalidate>

             {% for field in register_formobj %}

             <div class="form-group">

                 <label for="{{ field.id_for_label }}">{{ field.label }}</label>

                 {{ field }}

             <span class="text-danger">{{ field.errors.0 }}</span>

             </div>

             {% endfor %}

         {% csrf_token %}

         <input type="submit" class="btn btn-primary pull-right" value="注册">

 </form>

         </div>

     </div>

 </div>

 </body>

 <script src="{% static 'jquery-3.4.1.js' %}"></script>

 <script src="{% static 'jquery-cookie-1.4.1.js' %}"></script>

 <script src="{% static 'bootstrap-3.3.7-dist/js/bootstrap.min.js' %}"></script>

 </html>

register.html

login.html

 {% load static %}

 <!DOCTYPE html>

 <html lang="en">

 <head>

     <meta charset="UTF-8">

     <link rel="stylesheet" href="{% static 'bootstrap-3.3.7-dist/css/bootstrap.min.css' %}">

     <title>login</title>

 </head>

 <body>

 <div class="container">

     <div class="row">

         <div class="col-xs-4 col-xs-offset-4">

             <form action="" method="post" novalidate>

             {% for field in login_formobj %}

             <div class="form-group">

                 <label for="{{ field.id_for_label }}">{{ field.label }}</label>

                 {{ field }}

             <span class="text-danger">{{ field.errors.0 }}</span>

             </div>

             {% endfor %}

         {% csrf_token %}

         <input type="submit" class="btn btn-primary pull-right" value="登录">

 </form>

         </div>

     </div>

 </div>

 </body>

 <script src="{% static 'jquery-3.4.1.js' %}"></script>

 <script src="{% static 'bootstrap-3.3.7-dist/js/bootstrap.min.js' %}"></script>

 </html>

login.html

RBAC在Django中基于中间件的AJAX应用案例的更多相关文章

  1. 在django中解决跨域AJAX

    由于浏览器存在同源策略机制,同源策略阻止从一个源加载的文档或脚本获取另一个源加载的文档的属性. 特别的:由于同源策略是浏览器的限制,所以请求的发送和响应是可以进行,只不过浏览器不接收罢了. 浏览器同源 ...

  2. Django 中CSRF中间件 'django.middleware.csrf.CsrfViewMiddleware',

    1.Django中CSRF中间件的工作原理及form表单提交需要添加{% csrf_token %}防止出现403错误 CSRF # 表示django全局发送post请求均需要字符串验证功能:防止跨站 ...

  3. Django中Middleware中间件

    Django中Middleware中间件 1 Middleware中间件概述 django中间middleware实质就是一个类,django会根据自己的规则在合适的时机执行中间件相应的方法.实际上当 ...

  4. Django中的中间件(middleware)

    中间件: 在研究中间件的时候我们首先要知道 1 什么是中间件? 官方的说法:中间件是一个用来处理Django的请求和响应的框架级别的钩子.它是一个轻量.低级别的插件系统,用于在全局范围内改变Djang ...

  5. Django 中的中间件

    Django 中的中间件 Django  中间件 中间件介绍 前戏 之前在判断登录的时候使用的是装饰器的功能,通过给视图函数加装饰器来增加判断是否登录的功能.但此方法的缺点是必须给每个需要判断登录的视 ...

  6. [Django高级]理解django中的中间件机制和执行顺序

    原文来自 Understanding Django Middlewares, 这篇文章从整体上介绍了django中中间件定义,作用,和怎么样自己写中间件 –orangleliu. 注:middlewa ...

  7. django中的中间件

    中间件介绍 什么是中间件? 官方的说法:中间件是一个用来处理Django的请求和响应的框架级别的钩子.它是一个轻量.低级别的插件系统,用于在全局范围内改变Django的输入和输出.每个中间件组件都负责 ...

  8. django中通过文件和Ajax来上传文件

    一.通过form表单来上传文件 1.在html模板中 <form action="/index/" method="post" enctype=" ...

  9. Python Django 之 基于JQUERY的AJAX 登录页面

    一.基于Jquery的Ajax的实现 1.url 2.vews 3.templates

随机推荐

  1. 学习笔记-CTF密码相关

    RSA共模攻击 RSA基本原理 ①  选择两个大的质数p和q,N=pq: ②  根据欧拉函数,求得r=(p-1)(q-1): ③  选一个小于r的整数e,求得e关于模r的模反元素d: ④  将p和q的 ...

  2. java在指定区间内生成随机数

    Random对象生成随机数 首先需要导入包含Random的包 import java.util.Random; nextInt(int)方法将生成0~参数之间的随机整数但不包括参数. 例如生成0~99 ...

  3. 谷歌浏览器报错Unchecked runtime.lastError: The message port closed before a response was received.。

    浏览器版本 : 报错原因:扩展程序问题 解决建议:打开chrome://extensions/,逐一关闭排查

  4. python 列表加法"+"和"extend"的区别

    相同点 : "+"和"extend"都能将两个列表成员拼接到到一起 不同点 :   + : 生成的是一个新列表(id改变) extend : 是将一个列表的成员 ...

  5. 高可用性GRE+IPSEC中心—分支

    在实际网络运用中我们时常跑GRE+IPSEC来实现我们中心到分支的远程访问回话,这样以来容易配置,而来可用性高,我们知道L2L无论是链路备份还是设备备份,都不是状态备份,当一个点断掉后,用经过几十秒甚 ...

  6. How to get binary string from ArrayBuffer?

    https://stackoverflow.com/questions/16363419/how-to-get-binary-string-from-arraybuffer https://stack ...

  7. 聊聊select, poll 和 epoll

    聊聊select, poll 和 epoll 假设项目上需要实现一个TCP的客户端和服务器从而进行跨机器的数据收发,我们很可能翻阅一些资料,然后写出如下的代码. 服务端 void func(int s ...

  8. python3yupython2的差别

    1.长整型 # python2中才有长整型概念,python3中只有整形一说 # 定义方法:变量名=整数+l (小写L) #python2环境下 >>> a=123456789123 ...

  9. python基础的一些题目

    第一部分: 第二部分: 第三部分:

  10. N - Marriage Match II 网络流

    题目链接:http://acm.hdu.edu.cn/showproblem.php?pid=3081 推荐博客:https://www.cnblogs.com/liuxin13/p/4728131. ...