1、CBV实现的登录视图
classLoginView(View):defget(self, request):"""处理GET请求"""
return render(request, 'login.html')defpost(self, request):"""处理POST请求"""user= request.POST.get('user')
pwd= request.POST.get('pwd')if user == 'alex' and pwd == "alex1234":
next_url= request.GET.get("next")#生成随机字符串
#写浏览器cookie -> session_id: 随机字符串
#写到服务端session:
#{
#"随机字符串": {'user':'alex'}
#}
request.session['user'] =userifnext_url:returnredirect(next_url)else:return redirect('/index/')return render(request, 'login.html')
2、要在CBV视图中使用我们上面的check_login装饰器,有以下三种方式:
2.1、加在CBV视图的get或post方法上
from django.utils.decorators importmethod_decoratorclassHomeView(View):def dispatch(self, request, *args, **kwargs):return super(HomeView, self).dispatch(request, *args, **kwargs)defget(self, request):return render(request, "home.html")
@method_decorator(check_login)defpost(self, request):print("Home View POST method...")return redirect("/index/")
2.2、加在dispatch方法上
from django.utils.decorators importmethod_decoratorclassHomeView(View):
@method_decorator(check_login)def dispatch(self, request, *args, **kwargs):return super(HomeView, self).dispatch(request, *args, **kwargs)defget(self, request):return render(request, "home.html")defpost(self, request):print("Home View POST method...")return redirect("/index/")
因为CBV中首先执行的就是dispatch方法,所以这么写相当于给get和post方法都加上了登录校验。
2.3、直接加在视图类上,但method_decorator必须传 name 关键字参数
如果get方法和post方法都需要登录校验的话就写两个装饰器。
from django.utils.decorators importmethod_decorator
@method_decorator(check_login, name="get")
@method_decorator(check_login, name="post")classHomeView(View):def dispatch(self, request, *args, **kwargs):return super(HomeView, self).dispatch(request, *args, **kwargs)defget(self, request):return render(request, "home.html")defpost(self, request):print("Home View POST method...")return redirect("/index/")
3、CSRF Token相关装饰器在CBV中的使用
CSRF Token相关装饰器在CBV只能加到dispatch方法上,或者加在视图类上然后name参数指定为dispatch方法。
csrf_protect,为当前函数强制设置防跨站请求伪造功能,即便settings中没有设置全局中间件。
csrf_exempt,取消当前函数防跨站请求伪造功能,即便settings中设置了全局中间件。
from django.views.decorators.csrf importcsrf_exempt, csrf_protectfrom django.utils.decorators importmethod_decoratorclassHomeView(View):
@method_decorator(csrf_exempt)def dispatch(self, request, *args, **kwargs):return super(HomeView, self).dispatch(request, *args, **kwargs)defget(self, request):return render(request, "home.html")defpost(self, request):print("Home View POST method...")return redirect("/index/")
或者
from django.views.decorators.csrf importcsrf_exempt, csrf_protectfrom django.utils.decorators importmethod_decorator
@method_decorator(csrf_exempt, name='dispatch')classHomeView(View):def dispatch(self, request, *args, **kwargs):return super(HomeView, self).dispatch(request, *args, **kwargs)defget(self, request):return render(request, "home.html")defpost(self, request):print("Home View POST method...")return redirect("/index/")