当flask基于session限制用户访问页面时,有三种实现方式;当然,我们从最low的版本开始:
from datetime import timedelta class Config(object): DEBUG = False TESTING = False SECRET_KEY = "asdfasdfas23" DATABASE_URI = 'sqlite://:memory:' SESSION_COOKIE_NAME = 'session' SESSION_COOKIE_DOMAIN = None SESSION_COOKIE_PATH = None SESSION_COOKIE_HTTPONLY = True SESSION_COOKIE_SECURE = False SESSION_REFRESH_EACH_REQUEST = True PERMANENT_SESSION_LIFETIME = timedelta(hours=1) class ProductionConfig(Config): DATABASE_URI = 'mysql://user@localhost/foo' class DevelopmentConfig(Config): DEBUG = True class TestingConfig(Config): TESTING = True
from flask import Flask,render_template,request,redirect,session,url_for,jsonify,make_response app = Flask(__name__) app.config.from_object("settings.DevelopmentConfig") # app.secret_key = 'xxxxxxxx' STUDENT_DICT = { 1:{'name':'王龙泰','age':38,'gender':'中'}, 2:{'name':'小东北','age':73,'gender':'男'}, 3:{'name':'田硕','age':84,'gender':'男'}, } @app.route('/login',methods=["GET","POST"]) def login(): if request.method == 'GET': return render_template('login.html') user = request.form.get('user') pwd = request.form.get('pwd') if user == 'test' and pwd == '666': session['user'] = user return redirect('/index') return render_template('login.html',error='用户名或密码错误') @app.route('/index') def index(): user = session.get('user') if not user: return redirect('/login') return render_template('index.html',stu_dic=STUDENT_DICT) @app.route('/delete/<int:nid>') def delete(nid): user = session.get('user') if not user: return redirect('/login') del STUDENT_DICT[nid] return redirect(url_for('index')) @app.route('/detail/<int:nid>') def detail(nid): user = session.get('user') if not user: return redirect('/login') info = STUDENT_DICT[nid] return render_template('detail.html',info=info) if __name__ == '__main__': app.run()
使用装饰器版本:
from flask import Flask,render_template,request,redirect,session,url_for,jsonify,make_response app = Flask(__name__) app.config.from_object("settings.DevelopmentConfig") # app.secret_key = 'xxxxxxxx' 已在配置文件中设置,不再在这里进行加盐 def func1(func): def inner(*args,**kwargs): user = session.get('user') if not user: return redirect('/login') ret = func(*args,**kwargs) return ret return inner STUDENT_DICT = { 1:{'name':'王龙泰','age':38,'gender':'中'}, 2:{'name':'小东北','age':73,'gender':'男'}, 3:{'name':'田硕','age':84,'gender':'男'}, } @app.route('/login',methods=["GET","POST"]) def login(): if request.method == 'GET': return render_template('login.html') user = request.form.get('user') pwd = request.form.get('pwd') if user == 'test' and pwd == '666': session['user'] = user return redirect('/index') return render_template('login.html',error='用户名或密码错误') @app.route('/index') func1 def index(): return render_template('index.html',stu_dic=STUDENT_DICT) @app.route('/delete/<int:nid>') @func1 def delete(nid): del STUDENT_DICT[nid] return redirect(url_for('index')) @app.route('/detail/<int:nid>') @func1 def detail(nid): info = STUDENT_DICT[nid] return render_template('detail.html',info=info) if __name__ == '__main__': app.run()
此时运行程序会出现如下错误:
AssertionError: View function mapping is overwriting an existing endpoint function: inner
出现此错误是因为视图index、delete、detail都使用了装饰器,此时这三个视图函数都指向inner函数,导致此报错。
解决方法如下:
import functools def func1(func): @functools.wraps(func) def inner(*args,**kwargs): user = session.get('user') if not user: return redirect('/login') ret = func(*args,**kwargs) return ret return inner
版本3:
@app.before_request def xzxx(): if request.path == '/login': return None if session.get('user'): return None return redirect('/login')
补充:关于多个函数使用装饰器时指向inner函数示例:
def auth(func): def inner(*args,**kwargs): ret = func(*args,**kwargs) return ret return inner @auth def index(): print('index') @auth def detail(): print('detail') print(index.__name__) print(detail.__name__)
import functools def auth(func): @functools.wraps(func) def inner(*args,**kwargs): ret = func(*args,**kwargs) return ret return inner @auth def index(): print('index') @auth def detail(): print('detail') print(index.__name__) print(detail.__name__)
