[英]Python Django, How I Can use username(uname) or email as a login credentials?
Python Django, How I Can use username(uname) or email as a login credentials? Python Django,如何使用用户名(uname)或 email 作为登录凭据? my python file are views,URLs,models,settings.py我的 python 文件是视图、URL、模型、settings.py
def loginpage(request): def 登录页面(请求):
if request.method=="POST":
try:
Userdetails=newacc.objects.get(email=request.POST['email'],pwd=request.POST['pwd'])
print("Username=",Userdetails)
request.session[ 'email']=Userdetails.email
return render(request,'Logout.html')
except newacc.DoseNotExist as e:
messages.success(request,' Username / Password Invalid.')
return render(request,'Login.html')
You can work with a Q
object to make a disjunction between email
and uname
:您可以使用Q
object 在email
和uname
之间进行分离:
from django.db.models import Q
if request.method=="POST":
try:
Userdetails=newacc.objects.get(
Q(email=request.POST['email']) | Q(uname=request.POST['email']),
pwd=request.POST['pwd']
)
print("Username=",Userdetails)
request.session[ 'email']=Userdetails.email
return render(request,'Logout.html')
except newacc.DoseNotExist as e:
messages.success(request,' Username / Password Invalid.')
return render(request,'Login.html')
But it seems that your user model does not make use of password hashing .但是您的用户 model 似乎没有使用密码散列。 I strongly advise to read the documentation on password management and hash passwords in your user model to prevent hackers from exploiting the passwords stored in the database if they manage to read that.我强烈建议您阅读用户 model 中有关密码管理和 hash 密码的文档,以防止黑客在设法读取数据库中存储的密码时利用这些密码。 See also this section on Customizing Authentication in Django .另请参阅Django 中的自定义身份验证部分。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.