django用户登录验证的参考示例,代码仅供参考,安全方面还需进一步加固。
from django.shortcuts import render,redirect
def logincheck(request):
if request.method=='GET':
return render(request,'login.html')
elif request.method=="POST":
user=request.POST.get('username')
pwd=request.POST.get('password')
if user=="admin" and pwd=="admin":
request.session.set_expiry(3600) #session认证时间为3600s,3600s之后session认证失效
request.session['username']=user #user的值发送给session里的username
request.session['is_userlogin']=True #认证状态为真
return redirect('/index')
else:
return redirect('/login')
return render(request,'login.html')
def index(request):
if request.session.get('is_userlogin',False): #若session认证为真
return render(request,'index.html',{'username':request.session['username']})
else:
return redirect('/login')
def logout(request): #撤销
request.session.clear() #删除session里的全部内容
return redirect('/login')