Home >Backend Development >Python Tutorial >Django user authentication system (1) User object
User Object
User object is the core of the authentication system. User objects are typically used to represent users of a website and support, for example, access control, registered users, association of creators and content, etc. There is only one user class in the Django authentication framework. For example, superusers ('superusers') or ('staff') users are just the same user objects with different attributes set.
Default fields Fields
username
User name, required field. 30 characters or less, can contain _, @, +, . and - characters.
first_name
Optional. 30 characters or fewer.
last_name
optional. 30 characters or fewer.
email
Email, optional. Email address.
passWord
Password, required. Django does not store passwords in clear text, but instead stores hashes.
groups
User groups. Many-to-many relationship to Group
user_permissions
User permissions. Many-to-many relationship to Permission
groups = models.ManyToManyField(Group, verbose_name=_('groups'),
blank=True, help_text=_('The groups this user belongs to. A user will '
' get all permissions granted to each of '
'their groups.'),
using use use ’s to ‐ ‐ ‐ ‐ ‐ verbose_name=_('user permissions'), blank =True,
help_text=_('Specific permissions for this user.'),
related_name="user_set", related_query_name="user")
is_staff
is_active
is_superuser
def has_perm(self, perm, obj=None):
Returns True if the user has the specified permission. This method
queries all available auth backends, but returns immediately if any
backend returns True. Thus, a user who has permission from a single
auth backend is assumed to have permission in general. If an object is PRoveded, permissions for this specific object are checked.
is_active and self.is_superuser:
# Otherwise we need to check the backends. Defaults to the current time.
user.last_login = timezone.now()
date_joined
The time when the user was created
Methods
Whether the user has passed the verification and logged in.
Return first_name plus the last_name, with a space in between.
Return first_name.
set_password(raw_password)
Set password. check_password(raw_password)Verify password.
Returns the collection of user group permissions.
Returns the set of all permissions of the user.
Whether the user has a certain permission. The format of perm is "
Whether the user has each permission in the permission list.
Since the password of the User object is not stored in clear text, creating a User object is different from the usual Model create, and the built-in create_user() method needs to be used.
>>> from django.contrib.auth.models import User
>>> user = User.objects.create_user('john', 'lennon@thebeatles.com', 'johnpassword')
# At this point, user is a User object that has already been saved
# to the database. You can continue to change its attributes
# if you want to change other fields.
>>> user.last_name = ' Lennon'
>>> user.save()
Of course, you can also add users in the admin interface.
Create superusers
$ python manage.py createsuperuser --username=joe --email=joe@example.com
Change password
Use the built-in set_password() method.
>>> from django.contrib.auth.models import User
>>> u = User.objects.get(username='john')
>>> u.set_password( 'new password')
>>> u.save()
Verify user
authenticate()
Verify whether the given username and password are a valid user. If valid, a User object is returned; if invalid, None is returned.
from django.contrib.auth import authenticate
user = authenticate(username='john', password='secret')
if user is not None:
# the password verified for the user
if user.is_active:
print ("User is valid, active and authenticated")
else:
print("The password is valid, but the account has been disabled!")
else:
# the authentication system was unable to verify the username and password
print ("The username and password were incorrect.")
The above is the content of the User object in the Django user authentication system (1). For more related content, please pay attention to the PHP Chinese website (www.php.cn)!