Django 通过 session 保存个人信息

通过 session 保存 个人 信息

登录的视图函数中:

def login(request):
    ''' 登录 '''
    err, user, pwd = '', '', ''
    if request.method == 'POST':
        user = request.POST.get('user')
        pwd = request.POST.get('pwd')

        ret = models.UserProfile.objects.filter(username=user, password=my_md5(user, pwd), is_active=True).first()
        # ret = models.UserProfile.objects.filter(username=user, password=pwd, is_active=True).values()
        print(ret)
        if ret:
            return_url = request.GET.get('return_url')
            request.session['user_pk'] = ret.pk
            if return_url:
                return redirect(return_url)
            return redirect(reverse('show:public_customer'))
        else:
            err = '账号或密码错误!'
    return render(request, 'login.html', {'err': err, 'user': user, "pwd": pwd})

中间件中

# 白名单
w_list = ['/login/', '/reg/', '/verification_username/']
# 黑名单
b_list = []

def process_request(self, request):
    # 获取请求的路径
    return_url = request.path_info
	# 判断 白名单 
    if return_url in self.w_list or return_url.startswith('/admin/'):
        return
    
    if return_url in self.b_list:
        return HttpResponse('<h1>This is an illegal URL</h1>')
    
    # 获取session 的值
    user_pk = request.session.get("user_pk")
    # 判断是否有session
    if user_pk:
        # session 保存的是 用户的id 通过id 获取对象
        user = models.UserProfile.objects.filter(pk=user_pk).first()
        # 将对象保存到 request 中 用于保存用户
        request.user_object = user
        return
posted @ 2018-12-27 22:10  拐弯  阅读(1816)  评论(0编辑  收藏  举报