python - Django:默认情况下如何停止给予新用户员工状态和超级用户状态
问题描述
当我注册一个新用户时,我可以在管理页面上使用我的超级用户帐户登录。错误是“请为员工帐户输入正确的用户名和密码。请注意,这两个字段可能区分大小写”。
我发现新用户默认拥有员工状态和超级用户状态的权限。我可以在新用户帐户中登录管理页面。所以,我认为登录错误的发生是因为默认授予新用户 Staff 和 Superuser 权限。
我以为这些代码
password1 = forms.CharField(max_length=30, required=False, help_text='Optional', widget=forms.TextInput(attrs={'placeholder': 'Password'}))
password2 = forms.CharField(max_length=30, required=False, help_text='Optional', widget=forms.TextInput(attrs={'placeholder': 'Repeat your password'}))
在 forms.py 中是原因。所以我尝试向他们注册,而不是向他们注册。但是,结果是一样的。
- 如何使新用户只有活动状态权限,而不是默认的员工和超级用户权限?
- 我对管理员登录错误的假设是否正确?2-1)如果不是,如何解决这个问题?
这是views.py
from django.shortcuts import render, redirect
from django.http import HttpResponse
from django.views.generic import TemplateView, CreateView
from django.contrib.auth.mixins import LoginRequiredMixin
from .forms import SignUpForm, ProfileForm
from django.urls import reverse_lazy
from .models import *
from django.contrib import messages
from django.contrib.auth import authenticate, login
def update_profile(request):
if request.method == 'POST':
form = SignUpForm(request.POST, instance=request.user)
profile_form = ProfileForm(request.POST, instance=request.user.profile)
if form.is_valid() and profile_form.is_valid():
user = form.save()
profile = profile_form.save(commit=False)
profile.user = user
profile.save()
# username = form.cleaned_data.get('username')
# password = form.cleaned_data.get('password1')
# user = authenticate(request, username=username, password=password)
return redirect('login')
else:
form = SignUpForm()
profile_form = ProfileForm()
context = {'form': form, 'profile_form': profile_form}
return render(request, 'common/register.html', context)
这是forms.py
from django import forms
from django.contrib.auth.models import User
from django.contrib.auth.forms import UserCreationForm
from apps.userprofile.models import Profile
# from django.db.models import fields
# from django.db import models
# from django.shortcuts import render, redirect
class SignUpForm(UserCreationForm):
first_name = forms.CharField(max_length=30, required=False, help_text='Optional', widget=forms.TextInput(attrs={'placeholder': 'Your first name'}))
last_name = forms.CharField(max_length=30, required=False, help_text='Optional', widget=forms.TextInput(attrs={'placeholder': 'Your last name'}))
email = forms.EmailField(max_length=254, required=False, help_text='Enter a valid email address', widget=forms.EmailInput(attrs={'placeholder': 'Your email'}))
password1 = forms.CharField(max_length=30, required=False, help_text='Optional', widget=forms.TextInput(attrs={'placeholder': 'Password'}))
password2 = forms.CharField(max_length=30, required=False, help_text='Optional', widget=forms.TextInput(attrs={'placeholder': 'Repeat your password'}))
class Meta:
model = User
widgets = {
'username': forms.TextInput(attrs={'placeholder': 'Username'})
}
fields = [
'username',
'first_name',
'last_name',
'email',
'password1',
'password2',
]
class ProfileForm(forms.ModelForm):
class Meta:
model = Profile
fields= [ 'student_ID', 'CBNU_PW' ]
widgets = {
'student_ID': forms.TextInput(attrs={'placeholder': 'student_ID'}),
'CBNU_PW': forms.TextInput(attrs={'placeholder': 'CBNU_PW'})
}
这是模型.py
from django.db import models
from django.contrib.auth.models import User
from django.db.models.signals import post_save
from django.dispatch import receiver
class Profile(models.Model):
user = models.OneToOneField(User, on_delete=models.CASCADE)
student_ID = models.CharField(max_length=30, blank=True)
CBNU_PW = models.CharField(max_length=30, blank=True)
def __str__(self):
return '%s %s' % (self.user.first_name, self.user.last_name)
@receiver(post_save, sender=User)
def create_user_profile(sender, instance, created, **kwargs):
if created:
Profile.objects.create(user=instance)
@receiver(post_save, sender=User)
def save_user_profile(sender, instance, **kwargs):
instance.profile.save()
解决方案
推荐阅读
- laravel - laravel 集合中不存在方法 paginate
- r - 将列分成两列 r
- data-structures - 父P为红色而叔U为黑色时插入红黑树
- numpy - 如何实现为 ODE 的非线性系统生成 Poincaré 截面的方法?
- c# - 无法在第二行扩展第一行高度
- javascript - 音频没有在 js 中播放
- angular - 未捕获(承诺):TypeError:无法读取未定义的属性“人”
- c++ - c++ - 无法读取二进制文件
- wordpress - 如何更改 Wordpress 中所需的评论消息?
- unity3d - Unity:如果从下方跳到平台,则忽略平台的碰撞。使用 ContactFilter 和rigidBody.Cast()