flask的session问题:
from flask import Flask, session
app = Flask(__name__)
# 要用session,必须app配置一个密钥
app.secret_key = "adadadadadadasds"
app.config['SESSION_COOKIE_NAME'] = "session_new"
# app.session_interface实现了两个方法:一个是save_session,一个是open_session
@app.route("/")
def index():
# 如何设置session
# 1 导入session
# 2 给session设置值
session["name"] = "egon"
# response = make_response()
# response.set_cookie( app.config['SESSION_COOKIE_NAME' ,加密(session))
return "ok"
@app.route("/login")
def login():
# 加密(session)= request.cookie("app.config['SESSION_COOKIE_NAME'")
# 解密:session大字典
print(session["name"])
return "login"
if __name__ == '__main__':
app.run()
session的原理
class SecureCookieSessionInterface(SessionInterface):
salt = "cookie-session"
digest_method = staticmethod(hashlib.sha1)
key_derivation = "hmac"
serializer = session_json_serializer
session_class = SecureCookieSession
def get_signing_serializer(self, app):
if not app.secret_key:
return None
signer_kwargs = dict(
key_derivation=self.key_derivation, digest_method=self.digest_method
)
return URLSafeTimedSerializer(
app.secret_key,
salt=self.salt,
serializer=self.serializer,
signer_kwargs=signer_kwargs,
)
# 取session的时候执行的
def open_session(self, app, request):
s = self.get_signing_serializer(app)
if s is None:
return None
##cookie键是SESSION_COOKIE_NAME"=session
val = request.cookies.get(app.session_cookie_name)
print("open_session.session_cookie_name,", app.session_cookie_name, )
if not val:
return self.session_class()
max_age = total_seconds(app.permanent_session_lifetime)
try:
data = s.loads(val, max_age=max_age)
print("self.session_class(data)", self.session_class(data) )
return self.session_class(data)
except BadSignature:
return self.session_class()
#存session的时候执行的
def save_session(self, app, session, response):
domain = self.get_cookie_domain(app)
path = self.get_cookie_path(app)
# If the session is modified to be empty, remove the cookie.
# If the session is empty, return without setting the cookie.
if not session:
if session.modified:
response.delete_cookie(
app.session_cookie_name, domain=domain, path=path
)
return
# Add a "Vary: Cookie" header if the session was accessed at all.
if session.accessed:
response.vary.add("Cookie")
if not self.should_set_cookie(app, session):
return
httponly = self.get_cookie_httponly(app)
secure = self.get_cookie_secure(app)
samesite = self.get_cookie_samesite(app)
expires = self.get_expiration_time(app, session)
# 把session做了一个加密,把整个session的key--》val,全部加密,的到一个value值,
#session是一个大字典,
val = self.get_signing_serializer(app).dumps(dict(session))
# 他把session加密后得到的val存到cookie里面了
#cookie键是SESSION_COOKIE_NAME"=session
print("源码中的session",dict(session))
print("app.session_cookie_name,",app.session_cookie_name,)
response.set_cookie(
app.session_cookie_name,
val,
expires=expires,
httponly=httponly,
domain=domain,
path=path,
secure=secure,
samesite=samesite,
)
图示:
闪现:
1.什么是闪现?
与session咿呀昂,也是一个页面配置,另一个页面来使用,无论在哪个页面调用,只要调用一次,就清空了,但是在同一页面,同一次请求可以拿多次的
2.闪现是基于session实现的,所以app.secret_key = "asdada"要写
3.闪现的作用:一般用信息处理,例如用户a页面做操作,产生了信息,我希望在b页面内获取。
但是我不知道用户在什么时候,访问b页面,但是只要用户一旦访问页面就把信息显示出来。
代码:
from flask import Flask,flash,get_flashed_messages
app = Flask(__name__)
app.secret_key = "asdada"
@app.route("/")
def index():
#产生信息,message设置消息的,category给消息分类,如果不传默写用”message“
flash("我帅么")
flash(message="我真的帅么", category="渣男")
return "index"
@app.route("/login")
def login():
#(with_categories=True,消息是否要带上分类信息,category_filter=["渣男"]对消息进行过滤,取指定的分类消息
print(get_flashed_messages(with_categories=True,category_filter=["渣男"]))
print(get_flashed_messages())
return "login"
@app.route("/test")
def test():
print(get_flashed_messages())
return "test"
if __name__ == '__main__':
app.run()
图解: