Django user authentication system (1) User object

User Object

User object is the core of the authentication system. User objects are typically used to represent users of a website and support, for example, access control, registered users, association of creators and content, etc. There is only one user class in the Django authentication framework. For example, superusers ('superusers') or ('staff') users are just the same user objects with different attributes set.

Default fields Fields

username

User name, required field. 30 characters or less, can contain _, @, +, . and - characters.

first_name
Optional. 30 characters or fewer.

last_name
optional. 30 characters or fewer.

email
Email, optional. Email address.

passWord
Password, required. Django does not store passwords in clear text, but instead stores hashes.

groups
User groups. Many-to-many relationship to Group

user_permissions
User permissions. Many-to-many relationship to Permission

groups = models.ManyToManyField(Group, verbose_name=_('groups'),
blank=True, help_text=_('The groups this user belongs to. A user will '
         ' get all permissions granted to each of '
                                  'their groups.'),
                                                                    using         use       use ’s to  ‐ ‐ ‐ ‐ ‐                                                  verbose_name=_('user permissions'), blank =True,
help_text=_('Specific permissions for this user.'),
related_name="user_set", related_query_name="user")


is_staff

Boolean. Determines whether users can access the admin management interface. Default is False.

is_active

Boolean. Whether the user is active, default True. Generally, the user is not deleted, but the user's is_active is set to False.

is_superuser

Boolean. Default is False. When set to True, the user gets full permissions.

def has_perm(self, perm, obj=None):

"""

Returns True if the user has the specified permission. This method
queries all available auth backends, but returns immediately if any
backend returns True. Thus, a user who has permission from a single
      auth backend is assumed to have permission in general. If an object is       PRoveded, permissions for this specific object are checked.
                 is_active and self.is_superuser:
                                                                                                                                                                        # Otherwise we need to check the backends. Defaults to the current time.

user.last_login = timezone.now()


date_joined
The time when the user was created

Methods

is_anonymous()

Whether it is an anonymous user.

is_authenticated()

Whether the user has passed the verification and logged in.

get_full_name()

Return first_name plus the last_name, with a space in between.

get_short_name()

Return first_name.

set_password(raw_password)

Set password.

check_password(raw_password)

Verify password.

get_group_permissions(obj=None)

Returns the collection of user group permissions.

get_all_permissions(obj=None)

Returns the set of all permissions of the user.

has_perm(perm, obj=None)

Whether the user has a certain permission. The format of perm is ".".

has_perms(perm_list, obj=None)

Whether the user has each permission in the permission list.

Creating a user

Since the password of the User object is not stored in clear text, creating a User object is different from the usual Model create, and the built-in create_user() method needs to be used.

>>> from django.contrib.auth.models import User
>>> user = User.objects.create_user('john', 'lennon@thebeatles.com', 'johnpassword')

# At this point, user is a User object that has already been saved
# to the database. You can continue to change its attributes
# if you want to change other fields.
>>> user.last_name = ' Lennon'
>>> user.save()

Of course, you can also add users in the admin interface.

Create superusers

$ python manage.py createsuperuser --username=joe --email=joe@example.com

Change password

Use the built-in set_password() method.

>>> from django.contrib.auth.models import User
>>> u = User.objects.get(username='john')
>>> u.set_password( 'new password')
>>> u.save()

Verify user

authenticate()

Verify whether the given username and password are a valid user. If valid, a User object is returned; if invalid, None is returned.

from django.contrib.auth import authenticate
user = authenticate(username='john', password='secret')
if user is not None:
# the password verified for the user
if user.is_active:
print ("User is valid, active and authenticated")
else:
print("The password is valid, but the account has been disabled!")
else:
# the authentication system was unable to verify the username and password
print ("The username and password were incorrect.")

The above is the content of the User object in the Django user authentication system (1). For more related content, please pay attention to the PHP Chinese website (www.php.cn)!