Django后台管理与会话技术解析
自定义模型管理类实现
Django后台通过继承admin.ModelAdmin自定义模型管理,控制字段展示与操作逻辑:
from django.contrib import admin
from inventory.models import Product
class ProductAdmin(admin.ModelAdmin):
list_display = ('title', 'date_added', 'last_modified')
search_terms = ('title',)
filter_options = ('availability',)
sort_order = ('-date_added',)
form_layout = ('title', 'details', 'availability')
admin.site.register(Product, ProductAdmin)
参数说明:
list_display:定义列表视图展示字段search_terms:启用标题搜索功能filter_options:添加可用性筛选器sort_order:按添加时间降序排列form_layout:定制编辑表单字段顺序
关联模型内联编辑
使用内联类处理一对多关系:
from django.contrib import admin
from store.models import Order, Item
class ItemInline(admin.StackedInline):
model = Item
initial_forms = 2
class OrderAdmin(admin.ModelAdmin):
inlines = [ItemInline]
admin.site.register(Order, OrderAdmin)
功能解析:
ItemInline在订单编辑页嵌入商品表单initial_forms控制初始显示的表单数量
管理界面模板定制
重写登录页模板:
<!-- templates/admin/login.html -->
{% extends "admin/base_site.html" %}
{% block content %}
<h2>系统管理平台登录</h2>
{{ block.super }}
{% endblock %}
通过模板继承机制覆盖默认界面元素。
基础模型注册
简单模型快速接入后台:
from django.contrib import admin
from blog.models import Post
admin.site.register(Post)
管理员账户创建
命令行创建超级用户:
python manage.py createsuperuser
批量操作实现
自定义批量删除方法:
from django.contrib import admin
from data.models import Record
class RecordAdmin(admin.ModelAdmin):
actions = ['bulk_remove']
def bulk_remove(self, request, records):
count, _ = records.delete()
self.message_user(request, f"已删除 {count} 条记录")
admin.site.register(Record, RecordAdmin)
会话数据存储
基础会话操作:
from django.http import HttpResponse
def save_session(request):
request.session['user_token'] = 'session_data'
return HttpResponse("会话已存储")
def fetch_session(request):
data = request.session.get('user_token', '空值')
return HttpResponse(f"会话内容: {data}")
Cookie安全配置
增强会话安全性:
# settings.py
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = True
配置说明:
- 启用HTTPS传输
- 禁止JavaScript访问
持久化Cookie应用
基础Cookie操作:
from django.http import HttpResponse
def set_cookie(response):
response.set_cookie('preference', 'dark_mode', expires=3600)
return HttpResponse("Cookie已设置")
def read_cookie(request):
value = request.COOKIES.get('preference', '默认')
return HttpResponse(f"Cookie值: {value}")
认证模块集成
用户登录流程:
from django.contrib.auth import authenticate, login
def auth_user(request):
user = authenticate(request, username='admin', password='secret')
if user:
login(request, user)
return HttpResponse("认证成功")
return HttpResponse("认证失败")
单点登录配置
跨子域会话共享:
# settings.py
SESSION_COOKIE_DOMAIN = '.mydomain.com'
会话全局设置
生命周期控制:
# settings.py
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
SESSION_COOKIE_AGE = 7200
SESSION_EXPIRE_AT_BROWSER_CLOSE = False