方法视图(FBV)和类视图(CBV)添加装饰器

加在FBV视图上添加csrf装饰器:

  1. from django.views.decorators.csrf import csrf_protect
  2. @csrf_exempt # 该函数无需认证
  3. @csrf_protect # 该函数需认证 
    from django.views.decorators.csrf import csrf_exempt
@csrf_exempt
def index(request):

    return render(request,'index.html')

@csrf_exempt #该函数无需认证
def ajax_add(request):
    s1=int(request.GET.get('s1'))
    s2=int(request.GET.get('s2'))

    print(s1,s2)
    s=s1+s2
    return HttpResponse(s)

     

 

from django.utils.decorators import method_decorator

1. 加在CBV视图的get或post方法上

 1 from django.utils.decorators import method_decorator
 2 
 3 
 4 class HomeView(View):
 5 
 6     def dispatch(self, request, *args, **kwargs):
 7         return super(HomeView, self).dispatch(request, *args, **kwargs)
 8 
 9     def get(self, request):
10         return render(request, "home.html")
11     
12     @method_decorator(check_login)
13     def post(self, request):
14         print("Home View POST method...")
15         return redirect("/index/")

2. 加在dispatch方法上

 1 from django.utils.decorators import method_decorator
 2 
 3 
 4 class HomeView(View):
 5 
 6     @method_decorator(check_login)
 7     def dispatch(self, request, *args, **kwargs):
 8         return super(HomeView, self).dispatch(request, *args, **kwargs)
 9 
10     def get(self, request):
11         return render(request, "home.html")
12 
13     def post(self, request):
14         print("Home View POST method...")
15         return redirect("/index/")

因为CBV中首先执行的就是dispatch方法,所以这么写相当于给get和post方法都加上了登录校验。

3. 直接加在视图类上,但method_decorator必须传 name 关键字参数

如果get方法和post方法都需要登录校验的话就写两个装饰器。

 1 from django.utils.decorators import method_decorator
 2 
 3 @method_decorator(check_login, name="get")
 4 @method_decorator(check_login, name="post")
 5 class HomeView(View):
 6 
 7     def dispatch(self, request, *args, **kwargs):
 8         return super(HomeView, self).dispatch(request, *args, **kwargs)
 9 
10     def get(self, request):
11         return render(request, "home.html")
12 
13     def post(self, request):
14         print("Home View POST method...")
15         return redirect("/index/")

CSRF Token相关装饰器在CBV只能加到dispatch方法上,或者加在视图类上然后name参数指定为dispatch方法。

备注:

  • csrf_protect,为当前函数强制设置防跨站请求伪造功能,即便settings中没有设置全局中间件。
  • csrf_exempt,取消当前函数防跨站请求伪造功能,即便settings中设置了全局中间件。 
     1 from django.views.decorators.csrf import csrf_exempt, csrf_protect
 2 from django.utils.decorators import method_decorator
 3 
 4 
 5 class HomeView(View):
 6 
 7     @method_decorator(csrf_exempt)
 8     def dispatch(self, request, *args, **kwargs):
 9         return super(HomeView, self).dispatch(request, *args, **kwargs)
10 
11     def get(self, request):
12         return render(request, "home.html")
13 
14     def post(self, request):
15         print("Home View POST method...")
16         return redirect("/index/")

    或者:

     1 from django.views.decorators.csrf import csrf_exempt, csrf_protect
 2 from django.utils.decorators import method_decorator
 3 
 4 
 5 @method_decorator(csrf_exempt, name='dispatch')
 6 class HomeView(View):
 7    
 8     def dispatch(self, request, *args, **kwargs):
 9         return super(HomeView, self).dispatch(request, *args, **kwargs)
10 
11     def get(self, request):
12         return render(request, "home.html")
13 
14     def post(self, request):
15         print("Home View POST method...")
16         return redirect("/index/")
posted @ 2018-09-09 22:28  青红*皂了个白  阅读(369)  评论(0编辑  收藏  举报