一、把rbac组件拷贝到你的Django项目中
二、settings里注册一下app名字
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
# 'web.apps.WebConfig',
'web',
'rbac',
]
三、python manage.py makemigrations 和 python manage.py migrate生成数据库表单
四、在settings里注册一下中间件,用来验证用户权限
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'rbac.middleware.rbac.RbacMiddleware'
]
五、在settings里最下方配置权限相关的信息
# ############################## RBAC权限相关配置开始 ##############################
# # 无需权限控制的URL(白名单)
RBAC_NO_AUTH_URL = [
'/login.html',
'/index.html',
'/register.html',
'/admin.*',
'/rbac.*',
]
# session中保存权限信息的Key名
RBAC_PERMISSION_SESSION_KEY = "rbac_permission_session_key"
# Http请求中传入的参数,根据其获取GET、POST、EDIT等检测用户是否具有相应权限
# 例如:
# http://www.example.com?md=get 表示获取
# http://www.example.com?md=post 表示添加
# http://www.example.com?md=del 表示删除
RBAC_QUERY_KEY = "md"
RBAC_DEFAULT_QUERY_VALUE = "look"
# 无权访问时,页面提示信息
RBAC_PERMISSION_MSG = "无权限访问"
# Session中保存菜单和权限信息的Key
RBAC_MENU_PERMISSION_SESSION_KEY = "rbac_menu_permission_session_key"
RBAC_MENU_KEY = "rbac_menu_key"
RBAC_MENU_PERMISSION_KEY = "rbac_menu_permission_key"
# 菜单主题
RBAC_THEME = "default"
# ############################## RBAC权限相关配置结束 ##############################
六、登录的页面login.html
在你应用的app的models.py中创建UserInfo一对一关联rabc里的User表
from django.db import models from rbac.models import User as RbacUser class UserInfo(models.Model): nickname = models.CharField(max_length=16) user = models.OneToOneField(RbacUser)