第七篇:cookie与session组件
一.cookie
1.1什么是cookie
存储在客户端浏览器的键值对
1.2cookie的简单应用
不带装饰器版
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <form action="" method="post"> <input type="text" name="name"> <input type="text" name="pwd"> <input type="submit" value="提交"> </form> <body> </body> </html>
from django.conf.urls import url from django.contrib import admin from app01 import views urlpatterns = [ url(r'^admin/', admin.site.urls), url(r'^set_cookie/', views.set_cookie), url(r'^get_cookie/', views.get_cookie), url(r'^login/', views.login), url(r'^order/', views.order), url(r'^test_cookie/', views.test_cookie), ]
from django.shortcuts import render, HttpResponse, redirect # Create your views here. def set_cookie(request): obj = HttpResponse('ok') # 设置cookie obj.set_cookie('name','lqz') return obj def get_cookie(request): print('=============>') print(type(request.COOKIES)) # 取cookie的值 print(request.COOKIES) name=request.COOKIES.get('name') obj = HttpResponse('get_cookie') return obj # 登录认证,只有登录了,才能查看订单页面 # 原来的login def login(request): if request.method == 'GET': return render(request, 'login.html') else: name = request.POST.get('name') pwd = request.POST.get('pwd') if name == 'lqz' and pwd == '123': # 登录成功,写到客户端浏览器cookie obj = HttpResponse('登录成功') # 新手三件套,都能写cookie obj.set_cookie('is_login', True) return obj else: return HttpResponse('用户名或密码错误') def order(request): is_login = request.COOKIES.get('is_login') if is_login: return HttpResponse('我是订单页面,我得登录才能看') else: return redirect('/login/') def test_cookie(request): obj = HttpResponse('ok') obj.set_cookie('name', 'lqz') return obj
P.S
记得注释掉settings中的csrf
带装饰器版
login文件同上
from django.conf.urls import url from django.contrib import admin from app01 import views urlpatterns = [ url(r'^admin/', admin.site.urls), url(r'^login/', views.login), url(r'^order/', views.order), url(r'^shopping/', views.shopping), ]
from django.shortcuts import render # Create your views here. from django.shortcuts import render, HttpResponse, redirect # Create your views here. def login(request): if request.method == 'GET': return render(request, 'login.html') else: name = request.POST.get('name') pwd = request.POST.get('pwd') if name == 'lqz' and pwd == '123': # 登录成功,写到客户端浏览器cookie obj = HttpResponse('登录成功') # 新手三件套,都能写cookie obj.set_cookie('is_login', True) return obj else: return HttpResponse('用户名或密码错误') def login_auth(func): def inner(request,*args,**kwargs): is_login=request.COOKIES.get('is_login') if is_login: res=func(request,*args,**kwargs) return res else: return redirect('/login/') return inner @login_auth def order(request): return HttpResponse('我是订单页面,我得登录才能看') @login_auth def shopping(request): return HttpResponse('我是购物页面,我得登录才能看')
记得注释掉settings中的csrf
新需求:重定向到之前访问路径的页面
login文件同上
urls文件同上
from django.shortcuts import render,HttpResponse,redirect # Create your views here. # 新的login def login(request): if request.method == 'GET': return render(request, 'login.html') else: next = request.GET.get('next') name = request.POST.get('name') pwd = request.POST.get('pwd') if name == 'lqz' and pwd == '123': if next: obj = redirect(next) else: obj = redirect('/shopping/') obj.set_cookie('is_login', True) return obj else: return HttpResponse('用户名或密码错误') # 登录认证装饰器 def login_auth(func): def inner(request, *args, **kwargs): # 拿到之前访问的路径 # 这个不行,因为取不到数据部分 # url=request.path url = request.get_full_path() is_login = request.COOKIES.get('is_login') if is_login: res = func(request, *args, **kwargs) return res else: return redirect('/login/?next=%s' % url) return inner @login_auth def order(request): return HttpResponse('我是订单页面,我得登录才能看') @login_auth def shopping(request): return HttpResponse('我是购物页面,我得登录才能查看')
1.3cookie的其他参数
-cookie的其他属性 -加盐cooke -超时时间max_age, 传一个秒的时间 -超时时间expires, 传一个datatime对象 -path = '/', 可以设置路径, 设置路径之后, path = '/index/', 只有访问index的时候, 才会携带cookie过来 -domain 设置域名下有效domain = 'map.baidu.com' -secure = False, (默认是false, 设置成True浏览器将通过HTTPS来回传cookie) -httponly = True 只能https协议传输,无法被JavaScript获取(不是绝对,底层抓包可以获取到也可以被覆盖)
相关操作
# 加盐的cookie def salt_cookie(request): object=HttpResponse('ok') # 加盐,123是个密码,解cookie的时候需要它, # object.set_signed_cookie('name','lqz',salt='123') # object.set_signed_cookie('name','lqz',salt='123',) # 5秒之后失效,三天失效 # object.set_cookie('name','lqz',max_age=60*60*24*3) # path # object.set_cookie('name', 'lqz', path='/shopping/') object.set_cookie('name', 'lqz') return object def get_cookie(request): # name=request.COOKIES.get('name') # print(name) return HttpResponse('ok') def delete_cookie(request): obj= HttpResponse('ok') # 指定删除名字是name的cookie obj.delete_cookie('name') return obj
二.session
2.1什么是session
2.2session的简单应用
2.3session的其他属性和删除
2.4session的其他配置
pass
三.CBV加装饰器
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <form action="" method="post"> <input type="text" name="name"> <input type="text" name="pwd"> <input type="submit" name="提交"> </form> </body> </html>
from django.conf.urls import url from django.contrib import admin from app01 import views urlpatterns = [ url(r'^admin/', admin.site.urls), url(r'^login/', views.Login.as_view()), url(r'^order/', views.Order.as_view()), ]
from django.shortcuts import render, HttpResponse,redirect # Create your views here. from django.views import View from app01 import models def login_auth(func): def inner(request, *args, **kwargs): url=request.get_full_path() if request.session.get('id'): ret = func(request, *args, **kwargs) else: return redirect('/login/?next=%s'%url) return ret return inner class Login(View): def get(self, request, *args, **kwargs): return render(request, 'login.html') def post(self, request, *args, **kwargs): name = request.POST.get('name') pwd = request.POST.get('pwd') ret = models.User.objects.filter(name=name, pwd=pwd).first() if ret: url=request.GET.get('next') request.session['id'] = ret.pk request.session['name'] = ret.name return redirect(url) else: return HttpResponse('用户名密码错误') from django.utils.decorators import method_decorator @method_decorator(login_auth,name='post')#还可以加在类上面 @method_decorator(login_auth,name='get') class Order(View): # @login_auth # @method_decorator(login_auth) def get(self, reuqest): # 取数据库查询订单,返回 userid=reuqest.session.get('id') # 通过userid取查订单表,查出所有订单信息 return HttpResponse('我是订单页面,我查出了好多') # @method_decorator(login_auth) def post(self,request): return HttpResponse('post')
from django.db import models # Create your models here. class User(models.Model): name = models.CharField(max_length=32) pwd = models.CharField(max_length=32)
记得进行数据库迁移