decorators 参数_Django中decorators装饰器的使用

1、CBV实现的登录视图

classLoginView(View):defget(self, request):"""处理GET请求"""

return render(request, 'login.html')defpost(self, request):"""处理POST请求"""user= request.POST.get('user')

pwd= request.POST.get('pwd')if user == 'alex' and pwd == "alex1234":

next_url= request.GET.get("next")#生成随机字符串

#写浏览器cookie -> session_id: 随机字符串

#写到服务端session：

#{

#"随机字符串": {'user':'alex'}

#}

request.session['user'] =userifnext_url:returnredirect(next_url)else:return redirect('/index/')return render(request, 'login.html')

2、要在CBV视图中使用我们上面的check_login装饰器，有以下三种方式：

2.1、加在CBV视图的get或post方法上

from django.utils.decorators importmethod_decoratorclassHomeView(View):def dispatch(self, request, *args, **kwargs):return super(HomeView, self).dispatch(request, *args, **kwargs)defget(self, request):return render(request, "home.html")

@method_decorator(check_login)defpost(self, request):print("Home View POST method...")return redirect("/index/")

2.2、加在dispatch方法上

from django.utils.decorators importmethod_decoratorclassHomeView(View):

@method_decorator(check_login)def dispatch(self, request, *args, **kwargs):return super(HomeView, self).dispatch(request, *args, **kwargs)defget(self, request):return render(request, "home.html")defpost(self, request):print("Home View POST method...")return redirect("/index/")

因为CBV中首先执行的就是dispatch方法，所以这么写相当于给get和post方法都加上了登录校验。

2.3、直接加在视图类上，但method_decorator必须传 name 关键字参数

如果get方法和post方法都需要登录校验的话就写两个装饰器。

from django.utils.decorators importmethod_decorator

@method_decorator(check_login, name="get")

@method_decorator(check_login, name="post")classHomeView(View):def dispatch(self, request, *args, **kwargs):return super(HomeView, self).dispatch(request, *args, **kwargs)defget(self, request):return render(request, "home.html")defpost(self, request):print("Home View POST method...")return redirect("/index/")

3、CSRF Token相关装饰器在CBV中的使用

CSRF Token相关装饰器在CBV只能加到dispatch方法上，或者加在视图类上然后name参数指定为dispatch方法。

csrf_protect，为当前函数强制设置防跨站请求伪造功能，即便settings中没有设置全局中间件。

csrf_exempt，取消当前函数防跨站请求伪造功能，即便settings中设置了全局中间件。

from django.views.decorators.csrf importcsrf_exempt, csrf_protectfrom django.utils.decorators importmethod_decoratorclassHomeView(View):

@method_decorator(csrf_exempt)def dispatch(self, request, *args, **kwargs):return super(HomeView, self).dispatch(request, *args, **kwargs)defget(self, request):return render(request, "home.html")defpost(self, request):print("Home View POST method...")return redirect("/index/")

或者

from django.views.decorators.csrf importcsrf_exempt, csrf_protectfrom django.utils.decorators importmethod_decorator

@method_decorator(csrf_exempt, name='dispatch')classHomeView(View):def dispatch(self, request, *args, **kwargs):return super(HomeView, self).dispatch(request, *args, **kwargs)defget(self, request):return render(request, "home.html")defpost(self, request):print("Home View POST method...")return redirect("/index/")