LoginSignup
0
0

More than 1 year has passed since last update.

DjangoのAuthentication

Posted at

通常のAuthentication

djangoには最初からauthenticationをtake careしてくれるやつが存在する。

LoginとAuthenticate

authenticateでuserが正しいかチェック。
loginで実際にログイン

views.py
from django.contrib.sites.shortcuts import get_current_site
from django.shortcuts import render, redirect
from django.utils.encoding import force_bytes
from django.utils.http import urlsafe_base64_encode
from django.template.loader import render_to_string
from mysite.core.forms import SignUpForm
from mysite.core.tokens import account_activation_token

def signup(request):
    if request.method == 'POST':
        form = SignUpForm(request.POST)
        if form.is_valid():
            user = form.save(commit=False)
            user.is_active = False
            user.save()
            current_site = get_current_site(request)
            subject = 'Activate Your MySite Account'
            message = render_to_string('account_activation_email.html', {
                'user': user,
                'domain': current_site.domain,
                'uid': urlsafe_base64_encode(force_bytes(user.pk)),
                'token': account_activation_token.make_token(user),
            })
            user.email_user(subject, message)
            return redirect('account_activation_sent')
    else:
        form = SignUpForm()
    return render(request, 'signup.html', {'form': form})

URL

これで出来上がったpathが下。各URLにhtmlを配置する。password_resetに関しては今回は割愛。

urls.py
urlpatterns = [
    path('accounts/', include('django.contrib.auth.urls')),
]

accounts/login/ [name='login']
accounts/logout/ [name='logout']
accounts/password_change/ [name='password_change']
accounts/password_change/done/ [name='password_change_done']
accounts/password_reset/ [name='password_reset']
accounts/password_reset/done/ [name='password_reset_done']
accounts/reset/<uidb64>/<token>/ [name='password_reset_confirm']
accounts/reset/done/ [name='password_reset_complete']

カスタムしたAuthentication

上のやつはmailでauthenticationができないためカスタマイズする必要がある。

BaseUserManagerとAbstractBaseUser

class.pyにはBaseUserManagerとAbstractBaseUserが必要となる。

BaseUserManagerとは、BaseUserManagerのヘルパー的な立ち位置で、create_user, create_superuserといった実際にuserを作るmethodを持つ。

AbstractBaseUserとは、実際にカスタマイズするuserの"model"である。ちなみにpasswordのfieldを用意しなくてももともとあるため問題はない。

models.py
class UserAccountManager(BaseUserManager):
    def create_user(self, email, store_password, password):
        if not email:
            raise ValueError('User must have an eamil address')
        store = Store.get_object_or_404(password=store_password)
        email = self.normalize_email(email)
        user = self.model(email=email,store=store)

        user.set_password(password)
        user.save()

        return user

    def create_superuser(self, email, store_password, password):
        user = self.create_user(email=email, store_password=store_password, password=password)
        user.is_superuser = True
        user.save()

*USERNAME_FIELDとREQUIRED_FIELDSはかぶってはいけない。USERNAME_FIELDに書いた時点でrequiredになるから大丈夫。

models.py
class UserAccount(AbstractBaseUser, PermissionsMixin):
    email = models.EmailField(max_length=255, unique=True)
    store = models.ForeignKey(Store, on_delete=models.CASCADE)
    is_active = models.BooleanField(default=True)
    is_superuser = models.BooleanField(default=False)

    objects = UserAccountManager()



    USERNAME_FIELD = 'email'
    #REQUIRED_FIELDS is essntial text besides USENAME_FIELD and password
    REQUIRED_FIELDS = ['store']

    def __str__(self):
        return self.email
0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
0
0