异常值：“QuerySet”对象没有属性“password”

def login(request): if request.method == 'GET': return render (request, 'login.html') else: email = request.POST.get('email') password = request.POST.get('password') print(email,password) #Now we will try to match user entered email ID and search it in db(here we Can't use pass because it is in ecrypted mode we can see from admin panel # to filter result we can use Customer.objects.filter which will return match in list form but we want a single object so better is to use get # Customer.objects.get(email=email)) #drawback of get is that if result is matched then good else it will give error. login_customer = Customer.objects.filter(email=email) print(login_customer) print('-------') error = None if login_customer: print(email) flag = check_password(password, login_customer.password) #if user email ID is exit then we'll Check his password.:) if flag: return redirect('home') else: print(email, password) error = 'Entered Email ID OR Password is incorrect' return render(request, 'login.html',{'error':error})

from django.db import models ##Customer Model Creation. # Create your models here. class Customer(models.Model): first_name = models.CharField(max_length=50) last_name = models.CharField(max_length=50) phone = models.CharField(max_length=15) email = models.EmailField() password = models.CharField(max_length=250)

def login(request): if request.method == 'GET': return render (request, 'login.html') else: email = request.POST.get('email') password = request.POST.get('password') print(email,password) #Now we will try to match user entered email ID and search it in db(here we Can't use pass because it is in ecrypted mode we can see from admin panel # to filter result we can use Customer.objects.filter which will return match in list form but we want a single object so better is to use # Customer.objects.get(email=email)) #drawback of get is that if result is matched then good else it will give error.so better is to use login_customer = Customer.objects.get(email=email) print(login_customer) print('-------') error = None if login_customer: print(email) print('+++++') flag = check_password(password, login_customer.password) #if user email ID is exit then we'll Check his password.:) if flag: return redirect('home') else: print(email, password) error = 'Entered Email ID OR Password is incorrect' return render(request, 'login.html',{'error':error})

Django version 3.0.2, using settings 'ShaileshShop.settings' Starting development server at http://127.0.0.1:8000/ Quit the server with CONTROL-C. sheru@apple.com None Customer object (42) ------- sheru@apple.com +++++ [17/Oct/2020 03:14:26] "POST /login HTTP/1.1" 200 5167

from django.contrib.auth.hashers import make_password,check_password def signup(request): if request.method == 'GET': print(request.method) return render(request,'signup.html') else: postdata=request.POST first_name = postdata.get('firstname') last_name = postdata.get('lastname') phone = postdata.get('PhoneNumber') email = postdata.get('email') password = postdata.get('Password') #Now to store filled data if any error is coming so that User not required to fill it again.#### value={ 'first_name' : first_name, 'last_name' : last_name, 'phone' : phone, 'email' : email, #password not passing :) user need to fill it hahhahaa } ####Validating above field at server level#### error = None customer = Customer(first_name=first_name, last_name=last_name, phone=phone, email=email, password=password) if not first_name: error = 'First name is required!!' elif len(first_name) < 4: error = 'First Name must be 4 char length' elif not last_name: error ='Last Name is required!.' elif len(last_name) < 4: error = 'Last Name Must be 4 Character long.' elif len(phone) < 10: error ='Mobile number should be of 10 digit.' elif Customer.objects.filter(phone=phone): error = "Mobile no is already registered." elif len(password) < 5: error ="Password must be 5 Char length." elif len(email) <6: error = "Email Id must be more than 6 Character !" elif Customer.objects.filter(email=email): error = "Sorry You already have account with this Email ID." if not error: print(first_name,last_name,email,password,phone) customer.password = make_password(customer.password) customer.save() #best way is to go into urls.py and define name=hompage because tommorow if we'll upload on production this domain will change. return redirect('home') # return redirect('http://127.0.0.1:8000')this is not recommonded # return render(request,'index.html')#paasing data otherwise product will not shown to us after redirecting to index. # in this we will not get all product image so we need to check how we can use above data already written code else: data = { 'error': error, 'values': value, } return render(request,'signup.html', data)

1条回答

网友

1楼 · 发布于 2024-04-20 04:46:07

您的login_customer变量是一个查询集，不是Customer模型的实例。查询集在概念上类似于列表，在您的情况下，它将是客户列表

您已经在第二个视图中对此进行了修复；改用Customer.objects.get

第二个问题是密码管理。如果您查看^{}的文档，您将看到第二个参数需要一个密码哈希，而不是像您的例子中那样的两个相同字符串

我不给你讲为什么纯文本密码不好了。如果您感兴趣，请查看^{}

无论如何，您有两种选择：

（不要这样做！）使用不安全的纯文本密码，并抛出check_password函数，代替简单的if/else：

if password == login_customer.password:
    return redirect('home')
else:
    ...

使用django的内置^{}。这需要对代码进行一些重构，但从长远来看，这是一个更好的解决方案

models.py：

from django.contrib.auth.models import AbstractUser

# all other fields are already included in `AbstractUser`
class Customer(AbstractUser):
    USERNAME_FIELD = "email"

    email = models.EmailField(unique=True, db_index=True)

views.py：

from django.contrib.auth import views

class LoginView(views.LoginView):
    template_name = 'login.html'

您还需要更改模板以使用登录表单对象。以下是来自docs的示例：

<form method="post" action="{% url 'login' %}">
{% csrf_token %}
<table>
<tr>
    <td>{{ form.username.label_tag }}</td>
    <td>{{ form.username }}</td>
</tr>
<tr>
    <td>{{ form.password.label_tag }}</td>
    <td>{{ form.password }}</td>
</tr>
</table>

<input type="submit" value="login">
<input type="hidden" name="next" value="{{ next }}">
</form>

相关问题更多 >

编程相关推荐

热门问题

热门文章