cookie实现简单登录
request.path_info获取url后缀,http://127.0.0.1:8000/home/?zx=22,获取/home/
request.get_full_path()获取后缀包括get请求的参数 /home/?zx=22
def login(request):
if request.method == 'POST':
username = request.POST.get('username')
password= request.POST.get('password')
if username == 'zx' and password == 'zx125':
old_path = request.GET.get('next')
if old_path:
obj = redirect(old_path)
else:
obj = redirect('/home')
obj.set_cookie('name','zx')
return obj
return render(request,'login.html')
from functools import wraps
#登录装饰器
def login_auth(func):
@wraps(func)
def inner(request,*args,**kwargs):
if request.COOKIES.get('name'):
res = func(request,*args,**kwargs)
return res
else:
target_url = request.path_info
print(target_url)
print(request.get_full_path())
return redirect(f'/login?next={target_url}')
return inner
@login_auth
def home(request):
return render(request,'home.html')
session和cookie实现登录
其实和上面的逻辑差不多,基本一样,利用了设置session会默认在浏览器设置一个cookie用来存session_id,同时加入了注销功能
重点:重点要知道下面两个的区别和使用
request.session.delete() # 删除当前会话的所有Session数据
request.session.flush() # 删除当前的会话Session并删除Cookie
from django.shortcuts import render,redirect
# Create your views here.
def login(request):
if request.method == 'POST':
username = request.POST.get('username')
password= request.POST.get('password')
if username == 'zx' and password == 'zx125':
old_path = request.GET.get('next')
if old_path:
obj = redirect(old_path)
else:
obj = redirect('/home')
request.session['zx'] = 'zx125'
return obj
return render(request,'login.html')
from functools import wraps
def login_auth(func):
@wraps(func)
def inner(request,*args,**kwargs):
if request.session.get('zx'):
res = func(request,*args,**kwargs)
return res
else:
target_url = request.path_info
print(target_url)
print(request.get_full_path())
return redirect(f'/login?next={target_url}')
return inner
@login_auth
def home(request):
return render(request,'home.html')
def outlogin(request):
request.session.delete() # 删除当前会话的所有Session数据
# request.session.flush() # 删除当前的会话Session并删除Cookie
return redirect('/login')
auth实现登录注册
其实原理就是和之前的一样的,只是多了一层封装,但是要对auth模块有一定的了解
auth.authenticate(username=username, password=password)#相当于验证是否存在这个账号密码,有返回对象,没有返回None
auth.login(request,user_obj)#记录这个用户为登录用户,会执行一些session的操作User.objects.create_user(username=username, password=password)#创建一个普通用户
@login_required(login_url='/login/')#封装好的装饰器,功能和上面的是一样的,验证是否登录,没有登录跳转登录界面
from django.shortcuts import render,redirect
from django.contrib.auth.models import User
from django.contrib import auth
from django.contrib.auth.decorators import login_required
# Create your views here.
#登录
def login(request):
if request.method == 'POST':
username = request.POST.get('username')
password= request.POST.get('password')
user_obj = auth.authenticate(username=username, password=password)
if user_obj:
auth.login(request,user_obj)
old_path = request.GET.get('next')
if old_path:
obj = redirect(old_path)
else:
obj = redirect('/home')
request.session['zx'] = 'zx125'
return obj
return render(request,'login.html')
#退出
def outlogin(request):
request.session.delete() # 删除当前会话的所有Session数据
return redirect('/login')
#注册
def resgister(request):
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
User.objects.create_user(username=username, password=password)
return redirect('/login')
return render(request,'register.html')
@login_required(login_url='/login/')
def home(request):
return render(request,'home.html')