python中Flask框架下session的使用

配置session的secret_key 和 有效期PERMANENT_SESSION_LIFETIME

from flask import Flask, request,session, redirect
from .views.account import ac

# 拦截器
def auth():
    if request.path == '/login' or request.path == '/register':
        return 
    # 放行静态资源
    if request.path.startswith('/static'):
        return 
    # 从session中获取用户信息
    user = session.get('user')
    if user:
        return 
    return redirect('/login')


def create_app():
    app = Flask(__name__)
    # 设置session的SECRET_KEY
    app.config['SECRET_KEY'] = 'secret-key-goes-here'
    # 设置session的有效期
    app.config['PERMANENT_SESSION_LIFETIME'] = 60 * 60 * 24 * 7  # 60秒 * 60分 * 24小时 * 7天  

    app.register_blueprint(ac)
    # 挂载拦截器
    app.before_request(auth)

    return app

一般在登录接口中添加session

from flask import Flask, jsonify, session, request,Blueprint,render_template,redirect
from app.config import db

ac = Blueprint('account', __name__)



@ac.route('/login', methods=['GET','POST'])
def login():
  if request.method == 'POST':
    mobile,password = request.form.get('mobile'),request.form.get('password')
    if not mobile or not password: 
      return render_template('login.html', error="请填写账号和密码")
    
    sql = "select * from users"
    user_dict = db.fetch_one(sql)
    if not user_dict or user_dict['password'] != password:
      return render_template('login.html', error="账号或密码错误")
    # 设置session， 可以设置多个 session['mobile']   session['user_id']等
    session['user'] = {'mobile':mobile, 'id':user_dict['id']}
    return redirect('/index')
  return render_template('login.html')