Cookie和Session版的登录验证
URL :
from django.conf.urls import url from app01 import views urlpatterns = [ url(r'^login/', views.login), url(r'^home/', views.home), url(r'^index/', views.index), ]
前端 :
<form action="" method="post"> {% csrf_token %} <input type="text" name="name"> <input type="password" name="pwd"> <input type="submit"> </form>
Cookie视图 :
from django.shortcuts import render,redirect,HttpResponse #装饰器 def login_required(fn): def inner(request, *args, **kwargs): if request.COOKIES.get("login") != "1": next = request.path_info #未登录用户访问无权限的页面, 获取所访问的url, 以便登陆后直接跳转 return redirect("/login/?next={}".format(next)) #将所获取的url参数传递到登录页面的url上 ret = fn(request, *args, **kwargs) return ret return inner #登录页面 def login(request): if request.method == "POST": user = request.POST.get("name") pwd = request.POST.get("pwd") if user == "dong" and pwd == "dong": next = request.GET.get("next") #在登陆页面的url上获取未登录用户访问无权限页面所传递的参数 if next: #如果有参数 ret = redirect(next) else: #没有参数 ret = redirect("/home/") #没有参数说明用户未访问无权限页面,直接登录 ret.set_cookie("login", "1") return ret return render(request, "login.html") @login_required def home(request): return HttpResponse("home页面") @login_required def index(request): return HttpResponse("index")
Session视图 :
#装饰器 def login_required(fn): def inner(request, *args, **kwargs): if request.session.get("login") != "1": next = request.path_info #未登录用户访问无权限的页面, 获取所访问的url, 以便登陆后直接跳转 return redirect("/login/?next={}".format(next)) #将所获取的url参数传递到登录页面的url上 ret = fn(request, *args, **kwargs) return ret return inner #登录页面 def login(request): if request.method == "POST": user = request.POST.get("name") pwd = request.POST.get("pwd") if user == "dong" and pwd == "dong": request.session["login"] = "1" #设置session,自动传递 next = request.GET.get("next") #在登陆页面的url上获取未登录用户访问无权限页面所传递的参数 if next: #如果有参数 return redirect(next) else: #没有参数 return redirect("/home/") #没有参数说明用户未访问无权限页面,直接登录 # ret.set_cookie("login", "1") # return ret return render(request, "login.html") @login_required def home(request): return HttpResponse("home页面") @login_required def index(request): return HttpResponse("index")