tornado2-通过cookie保护页面
代码逻辑关系
class IndexHandler(tornado.web.RequestHandler):
def get(self,*args,**kwargs):
self.render("index.html")
class LoginHandler(tornado.web.RequestHandler):
def post(self,*args,**kwargs):
username=self.get_argument("username")
passowrd=self.get_argument("password")
if username == "admin" and passowrd == "admin123":
self.set_cookie("auth","1")
self.redirect("/manager")
def get(self,*args,**kwargs):
self.render("login.html")
class ManagerHandler(tornado.web.RequestHandler):
def get(self,*args,**kwargs):
if self.get_cookie("auth")=="1":
self.render("manager.html")
else:
self.redirect("/login")
class LogoutHandler(tornado.web.RequestHandler):
def get(self,*args,**kwargs):
self.set_cookie("auth","0")
self.redirect("/login")
manager.html
<body>
<span><a href="/logout">退出</a></span>
<h1>manager page</h1>
</body>
功能演示
login页面提示登录失败
效果:
原理:
完整code:
逻辑处理
#!/usr/bin/env python
# coding=utf-8
import tornado.ioloop
import tornado.web
# 业务逻辑处理模块
class IndexHandler(tornado.web.RequestHandler):
def get(self, *args, **kwargs):
self.render("index.html")
class LoginHandler(tornado.web.RequestHandler):
def post(self, *args, **kwargs):
username = self.get_argument("username")
passowrd = self.get_argument("password")
if username == "admin" and passowrd == "admin123":
self.set_cookie("auth", "1")
self.redirect("/manager")
else:
self.render("login.html",status_text="登录失败")
def get(self, *args, **kwargs):
self.render("login.html",status_text="")
class ManagerHandler(tornado.web.RequestHandler):
def get(self, *args, **kwargs):
if self.get_cookie("auth") == "1":
self.render("manager.html")
else:
self.redirect("/login")
class LogoutHandler(tornado.web.RequestHandler):
def get(self, *args, **kwargs):
self.set_cookie("auth", "0")
self.redirect("/login")
# 配置选项模块
settings = {
'template_path': 'template',
'static_path': 'statics',
'static_url_prefix': '/sss/',
}
# 路由模块
application = tornado.web.Application([
(r"/index", IndexHandler),
(r"/manager", ManagerHandler),
(r"/login", LoginHandler),
(r"/logout", LogoutHandler),
],
**settings
)
## wsgi模块
if __name__ == "__main__":
application.listen(8888)
tornado.ioloop.IOLoop.instance().start()
前端页面
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport"
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>login</title>
<link rel="stylesheet" href="{{ static_url("common.css") }}">
</head>
<body>
<form action="/login" method="post">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" value="提交">
<span style="color: red">{{ status_text }}</span>
</form>
</body>
</html>
实现cookie超时,重新登录; 实现7天免登陆
效果:
原理:
class LoginHandler(tornado.web.RequestHandler):
def post(self, *args, **kwargs):
username = self.get_argument("username")
passowrd = self.get_argument("password")
if username == "admin" and passowrd == "admin123":
r = time.time()+5 ## 设置5s超时
self.set_cookie("auth", "1",expires=r)
self.redirect("/manager")
else:
self.render("login.html",status_text="登录失败")
def get(self, *args, **kwargs):
self.render("login.html",status_text="")
实现7天免登陆
原理
代码:
#!/usr/bin/env python
# coding=utf-8
import time
import tornado.ioloop
import tornado.web
# 业务逻辑处理模块
class IndexHandler(tornado.web.RequestHandler):
def get(self, *args, **kwargs):
self.render("index.html")
class LoginHandler(tornado.web.RequestHandler):
def post(self, *args, **kwargs):
username = self.get_argument("username","None")
passowrd = self.get_argument("password","None")
check = self.get_argument("auto","None")
if username == "admin" and passowrd == "admin123":
if check:
self.set_cookie("auth", "1", expires_days=7)
else:
r = time.time()+5
self.set_cookie("auth", "1",expires_days=r)
self.redirect("/manager")
else:
self.render("login.html",status_text="登录失败")
def get(self, *args, **kwargs):
self.render("login.html",status_text="")
class ManagerHandler(tornado.web.RequestHandler):
def get(self, *args, **kwargs):
if self.get_cookie("auth") == "1":
self.render("manager.html")
else:
self.redirect("/login")
class LogoutHandler(tornado.web.RequestHandler):
def get(self, *args, **kwargs):
self.set_cookie("auth", "0")
self.redirect("/login")
# 配置选项模块
settings = {
'template_path': 'template',
'static_path': 'statics',
'static_url_prefix': '/sss/',
}
# 路由模块
application = tornado.web.Application([
(r"/index", IndexHandler),
(r"/manager", ManagerHandler),
(r"/login", LoginHandler),
(r"/logout", LogoutHandler),
],
**settings
)
## wsgi模块
if __name__ == "__main__":
application.listen(8888)
tornado.ioloop.IOLoop.instance().start()
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport"
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>login</title>
<link rel="stylesheet" href="{{ static_url("common.css") }}">
</head>
<body>
<form action="/login" method="post">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" value="登录">
<input type="checkbox" name = "auto" value="1"><span>7天免登录</span>
<span style="color: red">{{ status_text }}</span>
</form>
</body>
</html>
安全的cookie
class LoginHandler(tornado.web.RequestHandler):
def post(self, *args, **kwargs):
username = self.get_argument("username","None")
passowrd = self.get_argument("password","None")
check = self.get_argument("auto","None")
if username == "admin" and passowrd == "admin123":
if check:
self.get_secure_cookie()
self.set_cookie("auth", "1", expires_days=7)
else:
r = time.time()+5
self.set_cookie("auth", "1",expires_days=r)
self.redirect("/manager")
else:
self.render("login.html",status_text="登录失败")
def get(self, *args, **kwargs):
self.render("login.html",status_text="")
# 配置选项模块
settings = {
'template_path': 'template',
'static_path': 'statics',
'static_url_prefix': '/sss/',
'cookie_secret':'adfadsfasdfadf',
}