Django2.0官方文档学习-用户权限控制

Django2.0官方文档学习-用户权限控制

Django20官方文档学习-用户权限控制
Overview概览

Installation安装

Usage用法

Django comes with a user authentication system. It handles user accounts, groups, permissions and cookie-based user sessions. This section of the documentation explains how the default implementation works out of the box, as well as how to extend and customize it to suit your project’s needs.

Django有一个用户认证系统。它处理用户的账户、组、许可和基于cookie的用户session。这部分文档解释了标准实现过程及针对用户具体需求进行拓展或定制的方法。

Overview¶概览

The Django authentication system handles both authentication and authorization. Briefly, authentication verifies a user is who they claim to be, and authorization determines what an authenticated user is allowed to do. Here the term authentication is used to refer to both tasks.

django认证管理系统处理认证和授权。大体上，认证功能认证一个用户并授权该用户在许可范围内进行操作。在这里，认证包括两项工作。

The auth system consists of:

认证系统包括：

Users

用户

Permissions: Binary (yes/no) flags designating whether a user may perform a certain task.

许可：使用二进制标记实现是否允许用户进行某一项操作

Groups: A generic way of applying labels and permissions to more than one user.

组：当超过一个用户的时候，通常采用标签和许可的方式进行管理。

A configurable password hashing system

一个可配置的密码哈希系统

Forms and view tools for logging in users, or restricting content

用户登录或受限的内容的窗体和视图工具

A pluggable backend system

可动态增减的后端系统

The authentication system in Django aims to be very generic and doesn’t provide some features commonly found in web authentication systems. Solutions for some of these common problems have been implemented in third-party packages:

认证系统目标是实现普通的认证功能，部分网站认证系统中常见的功能并未进行提供，可以通过第三方包的方式进行补充实现。

Password strength checking

密码强度检测。

Throttling of login attempts

限制尝试登录次数

Authentication against third-parties (OAuth, for example)

对第三方模块的认证

Installation安装

Authentication support is bundled as a Django contrib module in django.contrib.auth. By default, the required configuration is already included in the settings.py generated by django-admin startproject, these consist of two items listed in your INSTALLED_APPS setting:

认证功能模块在django系统中默认已经安装，该模块位于django.contrib.auth。默认情况下，所需要的配置已经在django-admin startproject运行时在settings.py中进行了生成，包括两个项目。

‘django.contrib.auth’ contains the core of the authentication framework, and its default models.

‘django.contrib.auth’ 包含了认证框架的核心和默认的模型model

‘django.contrib.contenttypes’ is the Django content type system, which allows permissions to be associated with models you create.

‘django.contrib.contenttypes’ 时django内容类型系统，它允许一些与你创建的模型相关联的许可。

and these items in your MIDDLEWARE setting:

这些项目在你的settings.py文件的MIDDLEWARE项目下：

SessionMiddleware manages sessions across requests.

SessionMiddleware管理有关request的session

AuthenticationMiddleware associates users with requests using sessions.

AuthenticationMiddleware用session关联用户和request请求

With these settings in place, running the command manage.py migrate creates the necessary database tables for auth related models and permissions for any models defined in your installed apps.

上述配置设置好以后，运行python manage.py migrate 以创建所需要的认证相关数据库表及你所安装的应用中定义的数据模型的相关许可。

Usage用法

Using Django’s default implementation

django的默认方式

Working with User objects

使用User用户对象

Permissions and authorization

许可和授权

Authentication in web requests

网页request请求和认证

Managing users in the admin

使用管理模块管理用户

API reference for the default implementation

默认实现的API参考

Customizing Users and authentication

定制User和认证

Password management in Django

密码管理

快捷键

加粗

Ctrl + B

斜体

Ctrl + I

引用

Ctrl + Q

插入链接

Ctrl + L

插入代码

Ctrl + K

插入图片

Ctrl + G

提升标题

Ctrl + H

有序列表

Ctrl + O

无序列表

Ctrl + U

横线

Ctrl + R

撤销

Ctrl + Z

重做

Ctrl + Y