【Python】学习笔记6-补充Flask模块:登录接口,mysql数据库、存redis-sesson、存浏览器cookie

1、需求:接口输入用户名,密码后,成功登录(对比数据库)后,把session写到redis里面,返回session-value

server = flask.Flask(__name__)
@server.route('/login1',methods=['post'])
def login1():
    username = flask.request.values.get('username','')
    password = flask.request.values.get('password','')
    sql = "select * from user WHERE username = '%s' and password ='%s';"%(username,password)
    res = op_mysql(sql)#函数的作用:操作mysql,查询的话,输出查询就结果,插入更新的话,更新数据库
    if res:
        k = "sessionn:%s"%username
        v = str(time.time())+username #当前时间戳+用户名,然后md5一次,作为session
        session = md5_passwd(v)#加密
        op_redis(k,session,expired=6000,db =2) #函数的作用:操作redis,传入k,v,期限,如果v存在,添加(k,v);如果v不存在,只传入key,判断是否有session,有的话返回值,没有的话返回None
        response = {"code":309,"msg":"登陆成功","session":session}
    else:
        response = {"code":308,"msg":"账户/密码错误"}
    return json.dumps(response,ensure_ascii=False) #return只能返回字符串

2、接口输入用户名,密码后,判断是否与数据库匹配,成功登录完之后,保存到浏览器cookie

server = flask.Flask(__name__)
@server.route('/login1',methods=['post'])
def login1():
    username = flask.request.values.get('username','')
    password = flask.request.values.get('password','')
    sql = "select * from user WHERE username = '%s' and password ='%s';"%(username,password)
    res = op_mysql(sql)
    if res:
        k = "sessionn:%s"%username
        v = str(time.time())+username #当前时间戳+用户名,然后md5一次,作为session
        session = md5_passwd(v)
        op_redis(k,session,expired=6000,db =2)
        msg = {"code":309,"msg":"登陆成功","session":session}
        response = flask.make_response() #如果增加cookie的话,就用flask.make_response()
        response.set_data(json.dumps(msg,ensure_ascii=False))
        response.set_cookie('session',session)
        # response.set_cookie('session-cm','cm的cookie') # set其他的值
        # response.set_cookie('session-cmcmmm','cm的cookie1') # set其他的值
    else:
        response = json.dumps({"code":308,"msg":"账户/密码错误"})
    return response

3、操作cmd命令,偷偷执行代码,浏览器输入ls,就可以列出当前目录下的所有文件

# @server.route('/cmd',methods=['get'])
# def cmd():
#     command = flask.request.values.get('cmd')
#     if command:
#         res = os.popen(command).read()
#         return res

4、得到用户的双色球信息

 

#    详细需求:接口输入用户名,session值,验证是否匹配redis中对应用户名的session值,匹配的话,返回数据库所有的双色球信息
#    详细分析: 验证session是否正确,判断用户传过来的session和redis里面的是否一致
#               一致的话,返回双色球信息
#               不一致的话
#                   session不一样,提示非法
#                   session不存在,提示用户未登陆

# @server.route("/get_seq")
# def get_seq():
#     username = flask.request.values.get("username")
#     session = flask.request.values.get("session") #用户传过来的session
#     k = 'sessionn:%s'%username
#     redis_session = op_redis(k,db = 2) #redis取出的该用户的sessin值
#     if redis_session:
#        if session == redis_session: #用户传入的sssion与redis保存一致
#            response = op_mysql('select red,blue from seq;')
#        else:
#            response = {"code":101,"msg":"session非法!"}
#     else:
#         response = {"code":100,"msg":"用户未登录"}
#     return json.dumps(response,ensure_ascii=False)
# #接口中的session从cookie取值,不从浏览器输入flask.request.cookies.get
 @server.route("/get_seq2")
# def get_seq2():
#     username = flask.request.values.get("username")
#     session = flask.request.cookies.get("session") #用户传过来的session
#     k = 'sessionn:%s'%username
#     redis_session = op_redis(k,db = 2) #redis取出的该用户的sessin值
#     if redis_session:
#        if session == redis_session: #用户传入的sssion与redis保存一致
#            response = op_mysql('select red,blue from seq;')
#        else:
#            response = {"code":101,"msg":"session非法!"}
#     else:
#         response = {"code":100,"msg":"用户未登录"}
#     return json.dumps(response,ensure_ascii=False)

 

posted @ 2018-02-01 16:59  萌_CALY  阅读(590)  评论(0编辑  收藏  举报