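Because an HTML cookie is stored on the client, and in plaintext, it is not secure. The other mechanism for carrying data between HTML pages is the session: the data is kept on the server and the browser holds only a session id.
Modify blog/views.py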
[root@host-100-100-5-17 alu02]# cat blog/views.py
from django import forms
from django.http import HttpResponse
from django.shortcuts import render_to_response
from models import User
from django.http.response import HttpResponseRedirect


class UserForm(forms.Form):
    username = forms.CharField()
    password = forms.CharField(widget=forms.PasswordInput)


def register(req):
    if req.method == 'POST':
        form = UserForm(req.POST)
        if form.is_valid():
            username = form.cleaned_data['username']
            password = form.cleaned_data['password']
            # The password is stored in the User table exactly as submitted
            User.objects.create(username=username, password=password)
            return HttpResponseRedirect('login')
    else:
        form = UserForm()
    return render_to_response('register.html', {'form': form})


def login(req):
    if req.method == 'POST':
        form = UserForm(req.POST)
        if form.is_valid():
            username = form.cleaned_data['username']
            password = form.cleaned_data['password']
            users = User.objects.filter(username=username, password=password)
            if users:
                # Stored server-side; the browser only receives the session id
                req.session['username'] = username
                return HttpResponseRedirect('index')
            else:
                return HttpResponseRedirect('login')
    else:
        form = UserForm()
    return render_to_response('login.html', {'form': form})


def index(req):
    # Fall back to 'anybody' when no user is logged in
    username = req.session.get('username', 'anybody')
    return render_to_response('index.html', {'username': username})


def logout(req):
    # Remove only the username key; guard against a logout without a login
    if 'username' in req.session:
        del req.session['username']
    return HttpResponse('you are logout')
[root@host-100-100-5-17 alu02]#
Test the page
View the session id
Look at the session key in the database; it matches the session id shown in Firefox
mysql> select * from django_session;
+----------------------------------+--------------------------------------------------------------------------------------+----------------------------+
| session_key                      | session_data                                                                         | expire_date                |
+----------------------------------+--------------------------------------------------------------------------------------+----------------------------+
| q17c9eiikrmpz2vl6im1ye6wxiawoy6k | ZjEwMDIyOWYxMWQyNDM3ODlhMmYxMTQwYjMwZDEzNmI5OWIzMjAxYTp7InVzZXJuYW1lIjoiYWx1MDIifQ== | 2016-03-22 11:51:57.352419 |
+----------------------------------+--------------------------------------------------------------------------------------+----------------------------+
1 row in set (0.00 sec)

mysql>
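Logout changes the session data in the database, that is, it is updated to a value that can no longer be used, but the session id is not deleted in either Firefox or the database. This is because the logout view only deletes the username key; calling req.session.flush() instead deletes the session row and the session cookie.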
mysql> select * from django_session;
+----------------------------------+--------------------------------------------------------------+----------------------------+
| session_key                      | session_data                                                 | expire_date                |
+----------------------------------+--------------------------------------------------------------+----------------------------+
| q17c9eiikrmpz2vl6im1ye6wxiawoy6k | ZTFhOGIxMTdjNzE2NTMzMzc2NGI2MmMxMmIzN2Y0MjI0MDE3NGY4Nzp7fQ== | 2016-03-22 11:54:34.994341 |
+----------------------------------+--------------------------------------------------------------+----------------------------+
1 row in set (0.01 sec)

mysql>
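The two session_data values above are base64 of "hmac:json", so the payload is signed but not encrypted: anyone who can read the django_session table can read it, and the HMAC only detects modification. The following is an added example, not code from the original post; it decodes both rows and checks the HMAC the way Django's legacy session encoding derives it (SHA-1 salted_hmac). The function names are this example's own, and the real SECRET_KEY is not on the page, so verification needs your own key.

```python
import base64
import hashlib
import hmac
import json

# session_data values copied from the two django_session queries on this page
BEFORE_LOGOUT = ("ZjEwMDIyOWYxMWQyNDM3ODlhMmYxMTQwYjMwZDEzNmI5OWIzMjAxYTp7"
                 "InVzZXJuYW1lIjoiYWx1MDIifQ==")
AFTER_LOGOUT = "ZTFhOGIxMTdjNzE2NTMzMzc2NGI2MmMxMmIzN2Y0MjI0MDE3NGY4Nzp7fQ=="

# Salt used by the database-backed SessionStore in the legacy format
SALT = b"django.contrib.sessionsSessionStore"


def split_session_data(session_data):
    """Return (mac_bytes, serialized_json_bytes) from a base64 session_data value."""
    raw = base64.b64decode(session_data)
    mac, sep, serialized = raw.partition(b":")
    if not sep:
        raise ValueError("session_data is not in 'hash:payload' form")
    return mac, serialized


def decode_session_data(session_data):
    """Return (hmac_hex, payload_dict). No key is needed to read the payload."""
    mac, serialized = split_session_data(session_data)
    return mac.decode("ascii"), json.loads(serialized.decode("utf-8"))


def legacy_mac(serialized, secret_key):
    """HMAC-SHA1 keyed with sha1(salt + SECRET_KEY), as hex."""
    key = hashlib.sha1(SALT + secret_key).digest()
    return hmac.new(key, serialized, hashlib.sha1).hexdigest()


def is_authentic(session_data, secret_key):
    """True only if the payload still matches its HMAC under secret_key."""
    mac, serialized = split_session_data(session_data)
    expected = legacy_mac(serialized, secret_key).encode("ascii")
    return hmac.compare_digest(mac, expected)


if __name__ == "__main__":
    for label, value in (("before logout", BEFORE_LOGOUT),
                         ("after logout", AFTER_LOGOUT)):
        mac, payload = decode_session_data(value)
        print(label, mac, payload)
```

After logout the row decodes to an empty dictionary under the same session_key, which matches the observation that the session id survives while its data no longer names a user.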
Original article: http://www.cnblogs.com/onmyway227/p/5253518.html