简单说cookie,session
cookie的好处,给使用者更好的使用者体验,减少服务器负担(存在於client端的浏览器)
缺点是有安全问题,且无法存入大量资料
ex:一些广告会再第一次跳进去的时候弹出,关闭时cookie就会记录
session大概和cookie相反,安全度较高,可以储存大量资料(资料库),session会和cookie搭配使用
ex:用户名称
我又再创了一个app,setting,model那些我就不再一一做了
先贴程序码,再来讲
views.py
from django.shortcuts import render, redirect
from django.http import HttpResponse, JsonResponse
from django.urls import reverse
from django.views.decorators.csrf import csrf_exempt
from three.models import Person
import time
# Create your views here.
def login(request):
if request.session.get('username'):
return redirect(reverse('three:mine'))
return render(request, 'three/login.html')
def do_login(request):
username = request.POST.get('username')
password = request.POST.get('password')
person = Person.objects.filter(name=username).filter(password=password)
person = person.first()
if person:
response = HttpResponse('set cookie')
response.set_cookie('token', person.token)
request.session['username'] = username
return redirect(reverse('three:mine'))
return redirect(reverse('three:login'))
def mine(request):
username = request.session.get('username')
if username is None:
return redirect(reverse('three:login'))
token = request.COOKIES.get('token')
person = Person.objects.get(token=token)
return render(request, 'three/mine.html', context={'username': username})
def logout(request):
response = redirect(reverse('three:login'))
request.session.flush()
return response
def register(request):
return render(request, 'three/register.html')
@csrf_exempt
def do_register(request):
person = Person()
username = request.POST.get('username')
password = request.POST.get('password')
person.name = username
person.password = password
person.token = generate_token(username)
person.save()
return redirect(reverse('three:login'))
def generate_token(name):
return name + str(time.ctime())
urls.py
from django.contrib import admin
from django.urls import path, re_path
from three import views
urlpatterns = [
path('login/', views.login, name='login'),
path('do_login/', views.do_login, name='dologin'),
path('mine/', views.mine, name='mine'),
path('logout/', views.logout, name='logout'),
path('register/', views.register, name='register'),
path('do_register/', views.do_register, name='doregister'),
]
login.html
<form action="{% url 'three:dologin'%}" method="post">
{% csrf_token %}
<span>username: <input type="text" name="username"></span>
<br>
<span>password: <input type='password' name="password"></span>
<br>
<button>submit</button>
</form>
<a href="{% url 'three:register'%}">register</a>
没贴的部分应该也很好打出来,可以试者打
判断是否已经登入,已经登入就跳到mine.html
login
利用post的方式取得使用者输入的资料,根据输入判断是否正确,正确就设置seesion,不正确返回login
do_login
判断session是否存在,是就显示mine.html的画面,不是就回到login
mine
清空session,重新导向到login
logout
register应该没什麽好讲的
@csrf_exempt 让你再post请求时不会因为csrf而挡住,也可以写在html就像login.html一样(exempt:豁免)
do_register
token 这边就不细说,session很cookie就很好用了,token通常用在手机
FASTAPI建置 非常快速的简介 过去讲到PYTHON建置API,大多会想到Flask以及Djan...
为什麽必须知道怎麽使用阵列方法呢?举例来说,我们拿到一笔资料长这个样子: let data = [5...
redisDB是一个快速轻量的key-value资料库,因为可以无状态的执行,我个人认为非常适合运行...
机器学习可以分为四大类 监督式学习 Supervised Learning 非监督式学习 Unsup...
「那转职成稽核好玩吗?」 「超~好~玩~~~~~」 「但~」 「也~好~精~实~噢~」 进步 我觉得...