Django - 使用電子郵件或用戶名登錄無效
[英]Django - Login with email or username not working
問題描述
在我的項目中,我實現了一個登錄系統,用戶可以使用他們的用戶名或電子郵件登錄。 我基本上嘗試查找用戶電子郵件是否插入到表單字段“usernameOrEmail”中,或者是否是他們在“usernameOrEmail”字段中輸入的用戶名。 如果找到用戶,我然后登錄它們。
這是我的代碼:
def login(request):
context = {}
if request.method == "POST":
isFound = ""
form = LoginForm(request.POST)
if form.is_valid():
try:
user = User.objects.get(username=form.cleaned_data.get("usernameOrEmail"))
isFound = "usernameFound"
except User.DoesNotExist:
try:
user = User.objects.get(email=form.cleaned_data.get("usernameOrEmail"))
isFound = "emailFound"
except User.DoesNotExist:
isFound = "nothingFound"
if isFound == "usernameFound":
print("USERNAME FOUND!")
user = auth.authenticate(username=form.cleaned_data.get("usernameOrEmail"), password=form.cleaned_data.get("password"))
if user is not None:
auth.login(request, user)
return redirect('home')
else:
context["error"] = "Oops, username/email or password provided is invalid"
elif isFound == "emailFound":
print("EMAIL FOUND")
user = auth.authenticate(email=form.cleaned_data.get("usernameOrEmail"), password=form.cleaned_data.get("password"))
if user is not None:
print("YES")
auth.login(request, user)
return redirect('home')
else:
print("NO")
context["error"] = "Oops, username/email or password provided is invalid"
else:
context["error"] = "Oops, username/email or password provided is invalid"
else:
context["error"] = "Please enter valid form data"
else:
form = LoginForm()
奇怪的是,終端返回打印語句“EMAIL FOUND”表示找到了用戶的電子郵件,但也打印了“NO”打印語句,並返回消息“哎呀,提供的用戶名/電子郵件或密碼無效”在模板中。
另一個奇怪的事情是這個系統對用戶用戶名有效,這意味着當我在“usernameOrEmail”字段中輸入用戶名時,我輸入了正確的密碼,用戶登錄了。有人知道這個問題嗎? 謝謝你。
1 個解決方案
解決方案1
1 已采納 2020-02-16 15:39:24
標准身份驗證后端僅適用於username和password 。 實際上, ModelBackend的authenticate方法 [GitHub]實現為:
def authenticate(self, request, username=None , password=None, **kwargs): if username is None: username = kwargs.get(UserModel.USERNAME_FIELD) if username is None or password is None: return try: user = UserModel._default_manager.get_by_natural_key(username) except UserModel.DoesNotExist: # Run the default password hasher once to reduce the timing # difference between an existing and a nonexistent user (#20760). UserModel().set_password(password) else: if user.check_password(password) and self.user_can_authenticate(user): return user
然而這不是問題。 您可以通過以下方式實現:
def login(request):
context = {}
if request.method == 'POST':
form = LoginForm(request.POST)
if form.is_valid():
try:
user = User.objects.get(username=form.cleaned_data['usernameOrEmail'])
except User.DoesNotExist:
try:
user = User.objects.get(email=form.cleaned_data['usernameOrEmail'])
except User.DoesNotExist:
user = None
if user is not None:
user = auth.authenticate(username=user.username, password=form.cleaned_data['password'])
if user is not None:
auth.login(request, user)
return redirect('home')
else:
context['error'] = 'Oops, username/email or password provided is invalid'
else:
context['error'] = 'Please enter valid form data'
else:
form = LoginForm()
# …
有沒有辦法使用用戶名或電子郵件登錄到 Django 管理界面?
[英]Is there any way to login to Django admin interface using username or email?
Django Registration Redux:如何將唯一標識符從用戶名更改為電子郵件,並使用電子郵件作為登錄名
[英]Django Registration Redux: how to change the unique identifier from username to email and use email as login
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.