AI教程网 - 未来以来,拥抱AI;新手入门,从AI教程网开始......


Django2.0手册 AI君 121℃

Django comes with a user authentication system. It handles user accounts,
groups, permissions and cookie-based user sessions. This section of the
documentation explains how the default implementation works out of the box, as
well as how to extend and customize it to
suit your project’s needs.


The Django authentication system handles both authentication and authorization.
Briefly, authentication verifies a user is who they claim to be, and
authorization determines what an authenticated user is allowed to do. Here the
term authentication is used to refer to both tasks.


  • Users
  • Permissions: Binary (yes/no) flags designating whether a user may perform
    a certain task.
  • Groups: A generic way of applying labels and permissions to more than one
  • A configurable password hashing system
  • Forms and view tools for logging in users, or restricting content
  • A pluggable backend system

The authentication system in Django aims to be very generic and doesn’t provide
some features commonly found in web authentication systems. Solutions for some
of these common problems have been implemented in third-party packages:

  • 密码强度检查
  • 限制登录尝试
  • 针对第三方的身份验证(例如OAuth)


Authentication support is bundled as a Django contrib module in
django.contrib.auth. By default, the required configuration is already
included in the generated by django-admin
, these consist of two items listed in your

  1. 'django.contrib.auth' contains the core of the authentication framework,
    and its default models.
  2. 'django.contrib.contenttypes' is the Django content type system, which allows permissions to be associated with
    models you create.

and these items in your MIDDLEWARE setting:

  1. SessionMiddleware manages
    sessions across requests.
  2. AuthenticationMiddleware associates
    users with requests using sessions.

有了这些设置,运行命令 migrate 为auth相关模型创建必要的数据表,并为已安装应用中定义的任何模型创建许可。

转载请注明 » Django2.0手册:Django中的用户认证

喜欢 (0)or分享 (0)