Django - CodeNotes

2025-12-25 0 阅读

Django默认admin新增登录验证码

Django默认登录只有用户名密码，存在一定安全隐患，想着提高下，用 django-simple-captcha 实现。 1. 安装 django-simple-captcha # 如无 pillow，需安装才可正常使用 # pip install pillow pip install django-simple-captcha 2. 添加应用及配置 # settings INSTALLED_APPS = [ 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', # 添加应用 'captcha', ] # 验证码图片宽度/高度 CAPTCHA_IMAGE_SIZE = (100, 40) # 验证码字符长度（数学公式时不生效） CAPTCHA_LENGTH = 4 # 验证码字符类型：字母数字混合（可选值：'numeric'纯数字 / 'alphabetic'纯字母 / 'alphanumeric'混合） CAPTCHA_CHALLENGE_FUNCT = 'captcha.helpers.random_char_challenge' # 数学公式验证码（替代上述字符验证码） # CAPTCHA_CHALLENGE_FUNCT = 'captcha.helpers.math_challenge' # 验证码过期时间（秒） CAPTCHA_TIMEOUT = 5 * 60 # 5分钟 # 干扰线数量（0=无干扰线，数值越大干扰越强） CAPTCHA_NOISE_FUNCTIONS = ( 'captcha.helpers.noise_arcs', # 弧形干扰线 'captcha.helpers.noise_dots', # 点状干扰 ) # 验证码背景色（RGB） CAPTCHA_BACKGROUND_COLOR = '#ffffff' # 验证码文字颜色（RGB） CAPTCHA_FOREGROUND_COLOR = '#001100' 3. 执行 python manage.py migrate  4. 新增验证码表单 # 新建 project/forms.py from django import forms from django.contrib.admin.forms import AdminAuthenticationForm from captcha.fields import CaptchaField class AdminCaptchaAuthenticationForm(AdminAuthenticationForm): # 新增验证码字段，label 可自定义显示文本 captcha = CaptchaField(label='验证码') # 保留原有的 admin 登录验证逻辑，仅新增验证码校验 def clean(self): # 先执行父类的 clean 方法（验证用户名密码） cleaned_data = super().clean() # 验证码的校验由 CaptchaField 自动完成，无需额外处理 return cleaned_data 5. 新增视图 # 新建 project/views.py from django.contrib.admin.sites import AdminSite from django.contrib.auth.views import LoginView from .captcha_forms import AdminCaptchaAuthenticationForm class AdminCaptchaLoginView(LoginView): # 指定自定义表单 form_class = AdminCaptchaAuthenticationForm # 复用 admin 登录模板 template_name = 'admin/login.html' def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) admin_site = AdminSite() context.update({ 'site_title': admin_site.site_title, 'site_header': admin_site.site_header, 'site_url': admin_site.site_url, 'title': '管理员登录', }) return context 6. 新增 login.html # 新建 project/codenotes/templates/admin.py  {% extends "admin/base_site.html" %} {% load i18n static %} {% block extrastyle %}{{ block.super }} <link rel="stylesheet" href="{% static "admin/css/login.css" %}"> {{ form.media }}  <style> /* 控制验证码图片垂直对齐，与输入框居中 */ .captcha { vertical-align: middle; margin-bottom: 3px; border: none; } /* 调整验证码输入框的高度，与图片更匹配 */ input[name="captcha_1"] { height: 25px; } </style> {% endblock %} {% block bodyclass %}{{ block.super }} login{% endblock %} {% block nav-breadcrumbs %}{% endblock %} {% block content_title %}{% endblock %} {% block content %} {% if form.errors and not form.non_field_errors %} <p class="errornote"> {% blocktranslate count counter=form.errors.items|length %}Please correct the error below.{% plural %}Please correct the errors below.{% endblocktranslate %} </p> {% endif %} {% if form.non_field_errors %} {% for error in form.non_field_errors %} <p class="errornote"> {{ error }} </p> {% endfor %} {% endif %} <div id="content-main"> {% if user.is_authenticated %} <p class="errornote"> {% blocktranslate trimmed %} You are authenticated as {{ username }}, but are not authorized to access this page. Would you like to login to a different account? {% endblocktranslate %} </p> {% endif %} <form action="{{ app_path }}" method="post" id="login-form">{% csrf_token %} <div class="form-row"> {{ form.username.errors }} {{ form.username.label_tag }} {{ form.username }} </div> <div class="form-row"> {{ form.password.errors }} {{ form.password.label_tag }} {{ form.password }} <input type="hidden" name="next" value="{{ next }}"> </div>  <div class="form-row"> {{ form.captcha.errors }}  {{ form.captcha.label_tag }} {{ form.captcha }}  </div> {% url 'admin_password_reset' as password_reset_url %} {% if password_reset_url %} <div class="password-reset-link"> <a href="{{ password_reset_url }}">{% translate 'Forgotten your password or username?' %}</a> </div> {% endif %} <div class="submit-row"> <input type="submit" value="{% translate 'Log in' %}"> </div> </form> </div> {% endblock %} 7. 添加路由 # urls urlpatterns = [ # 增加路由 path('captcha/', include('captcha.urls')), ] 完成测试看是否成功。

2025-12-23 0 阅读

Django-CKeditor代码高亮

习惯使用Django-CKeditor实现博客后台的富文本输入，但发现少个代码高亮功能，几经查找，发现其有内置的代码块功能：codesnippet，用此插件就可以实现代码高亮功能，且自带不少常见主题，原理为通过highlight.js实现。 1. 参考配置参数，调出代码按钮 CKEDITOR_CONFIGS = { 'default': { "skin": "moono-lisa", "toolbar_Basic": [["Source", "-", "Bold", "Italic"]], "toolbar_Full": [ ["Styles", "Format", "Bold", "Italic", "Underline", "Strike"], ["Blockquote", "Link", "Unlink"], ["Image", "Table", "HorizontalRule"], ["NumberedList", "BulletedList", "JustifyLeft", "JustifyCenter", "JustifyRight", "JustifyBlock"], ["TextColor", "BGColor", ], ["CodeSnippet", "Source"], ], "toolbar": "Full", "height": 500, "width": 860, "filebrowserWindowWidth": 940, "filebrowserWindowHeight": 725, 'extraPlugins': 'codesnippet', 'tabSpaces': 4, 'allowedContent': True, # 配置后台语法高亮主题 'codeSnippet_theme': 'monokai', # 配置后台显示支持语言，格式：{语言标识: 显示名称} 'codeSnippet_languages': { 'bash': 'Bash', 'css': 'CSS', 'html': 'HTML', 'ini': 'INI', 'javascript': 'JavaScript', 'json': 'JSON', 'nginx': 'Nginx', 'python': 'Python', 'sql': 'SQL', }, } } 2. 前台使用   <link href="{% static 'blog/css/atom-one-dark.min.css' %}" rel="stylesheet">  <script src="{% static 'blog/js/highlight.min.js' %}"></script>  <script>hljs.highlightAll();</script> 3. 补充部分超长代码不会自动换行问题，可以在.css文件中添加white-space: pre-wrap; 可实现正常显示自动换行。 .hljs { border-radius: 0.5rem; # 代码框圆角 white-space: pre-wrap; # 代码超长自动换行 }