基本上這種技術在電子郵件驗證使用。這是你應該看的地方。
比方說,你有模型,名爲請求,它有像用戶名字段來標識請求訪問的人,數據庫名稱,以及一切。但它也會有兩個「類似密碼」的字段,用於確定請求是否被拒絕。
class Request(models.Model):
user = models.ForeignKey ...
databasename =
date =
...
access_granted = models.BooleanField(default=False)
deny_token = models.CharField()
allow_token = models.CharField()
的一點是要對在查看節省請求時,產生這些令牌:
if request.method == POST:
form = RequestForm(request.POST)
if form.is_valid():
data['user'] = form.cleaned_data['user'])
data['databasename'] = form.cleaned_data['databasename'])
...
data['access_token'] = GENERATE_USING_HASH_FUNCTION()
data['deny_token'] = GENERATE_USING_HASH_FUNCTION()
form.save(data)
然後你可以使用模塊EmailMultiAlternatives
發送HTML電子郵件,像這樣:
subject, from_email, to = 'Request', '[email protected]', form.cleaned_data['manager_email']
html_content = render_to_string(HTML_TEMPLATE, CONTEXT) # Just as any regular templates
text_content = strip_tags(html_content)
msg = EmailMultiAlternatives(subject, text_content, from_email, [to], reply_to=["[email protected]"])
msg.attach_alternative(html_content, "text/html")
msg.send()
並在該模板中構建反向鏈接:
{% url 'app:grant_access' allow_token=token %} # "token" you get from context
{% url 'app:deny_access' deny_token=token %} # will become example.com/deny_access/7ea3c95, where 7ea3c95 is token
然後加線的urls.py您的應用程序那樣的:
url(r'^allow_access/(?P<allow_token>[0-9]+)$', CheckAcessView.as_view(), name="app:grant_access"),
url(r'^deny_access/(?P<deny_token>[0-9]+)$', CheckAcessView.as_view(), name="app:deny_access"),]
然後創建CheckAcessView
視圖。在哪裏訪問存儲在數據庫中的請求,並檢查例如url「allow_token」的參數是否等於存儲的allow_token。如果是,請將請求狀態更改爲允許。