1.settings.py配置
# smtp服务的邮件服务器
EMAIL_HOST = 'smtp.163.com'
# smtp服务固定的端口是25 / 625
EMAIL_PORT = 25
# 发送邮件的邮箱
EMAIL_HOST_USER = 'a123@163.com'
# 在邮箱中设置的客户端授权密码
EMAIL_HOST_PASSWORD = 'ADQWEQDQ'
# 收件人看到的发件人《此处要和发送邮件的邮箱相同>
EMAIL_FROM = 'python<a123@163.com>'
2. 流程
# 1. 安装第三方库
pip install itsdangerous
# 2. 创建token工具utils.py
'''
为什么要用itsdangerous,是为了保证你的加密的数据没有被人修改,
因为修改了就无法重新解出原数据,若超时了也无法解出内容,应用场景激活,
发一个激活的网址给你,你若在一定时间内,未激活,会激活超时。
'''
import base64
from itsdangerous import URLSafeTimedSerializer as utsr
from new.settings import SECRET_KEY
class Token:
def __init__(self, security_key):
self.security_key = security_key
self.salt = base64.encodebytes(security_key.encode('utf8')) # 随机字符串
# 生成token
def generate_validate_token(self, username):
serializer = utsr(self.security_key)
return serializer.dumps(username, self.salt)
# 验证token
def confirm_validate_token(self, token, expiration=3600):
serializer = utsr(self.security_key)
return serializer.loads(token, salt=self.salt, max_age=expiration)
# 删除token
def remove_validate_token(self, token):
serializer = utsr(self.security_key)
print(serializer.loads(token, salt=self.salt))
return serializer.loads(token, salt=self.salt)
token_confirm = Token(SECRET_KEY) # 定义为全局变量: SECRET_KEY:settings.py里的随机字符串
# 3. 创建路由(urls.py)
# 生成token发送邮件,邮件验证
path('checkuser/',views.check_user,name="checkuser"),
# 点击跳转激活
path('active/<token>/',views.active,name="active"),
# 4. 创建注册页面(re.html)
<body>
<form action="{% url 'App02:checkuser' %}" method="post">
{% csrf_token %}
用户名:<input type="text" name="username"><br>
密码:<input type="password" name="password"><br>
<input type="submit">
</form>
</body>
# 5. 创建邮箱内容html(ac.html)
<body>
<p>亲爱的用户:</p>
<h2>请点击链接<a href="{{ url }}">激活</a> 账号</h2>
</body>
# 6. 生成token发送邮件
def check_user(request):
if request.method == "POST":
username = request.POST.get("username")
password = request.POST.get("password")
# 检测用户是否存在
user = User.objects.filter(username=username, password=password).first()
if user:
return HttpResponse("用户已存在")
# 保存用户信息
user = User.objects.create(username=username, password=password, is_active=0)
# 获取token
token = token_confirm.generate_validate_token(user.uid)
print(token)
# 构造验证url
url = 'http://' + request.get_host() + reverse('App02:active', kwargs={'token': token})
print(url)
# 加载模板
html = loader.get_template('ac.html').render({'url': url})
# 发送邮箱确认激活: html_message:加载html文件
send_mail("账号激活", "", EMAIL_FROM, ['1476088673@qq.com'], html_message=html)
return HttpResponse("激活邮件已发送,请登录邮箱确认激活")
return render(request, 're.html')
# 7. 邮件跳转后的操作(验证token)
def active(request, token):
"""激活用户"""
try:
uid = token_confirm.confirm_validate_token(token)
print("uid=", uid)
except:
uid = token_confirm.remove_validate_token(token)
user = User.objects.get(pk=uid)
user.delete()
return HttpResponse("激活失败,请重新注册")
try:
user = User.objects.get(pk=uid)
except User.DoesNotExist:
return HttpResponse("你激活的用户不存在,请重新注册")
user.is_active = 1 # 激活用户
user.save()
return HttpResponse('用户已激活,请登录系统')