flask
@app.before_request 函数被修饰以后,每一次被@app.route装饰请求到来后,都会先执行它,如果没问题即正常执行,那么就会进入到正常的被app.route修饰的函数中进行响应,如果有多个函数被app.before_request修饰了,那么这些函数会被依次执行
from flask import Flask, session,jsonify,redirect,request
import functools
app = Flask(__name__)
app.config['SECRET_KEY'] = "sfsdfdsrt4tg"
@app.before_request
def auth_login():
'''
如果允许通过访问,可以return None
该装饰器装饰的函数如果有return其他内容则直接结束访问,
效果有点类似django的process_reqeust中间件方法。
比如通过这个装饰器写登陆验证,判断其是否有session,没有则不允许访问,有则继续访问
然后通过request.path判断访问的函数,如果是登陆(白名单)则通过。
request.url 是完整的url
request.path是域名后面的url正则
'''
print(session.get("username"))
if request.path == "/login":
return None
if not session.get("username"):
print('没登陆')
return redirect("/login")
@app.after_request
def process_response(response):
"""
视图函数执行完毕并执行成功后执行
:param response: 必须接受一个response
:return:
"""
ip = request.remote_addr
url = request.path
print("%s访问 %s 成功" % (ip, url))
return response
@app.route('/login')
def home():
session["username"]="test"
return "<h1>home</h1>"
@app.route('/index')
def index():
return "<h1>index</h1>"
@app.route('/logout')
def logout():
session.clear()
return '删除session成功'
if __name__ == '__main__':
app.run(debug=True)
bottle
from bottle import route, run
def auth(func):
def inner(*args, **kargs):
try:
account = request.get_cookie('account')
except:
redirect('/')
if account:
return func(*args,**kargs)
else:
redirect('/')
return inner
@app.route('/login')
def home():
if request.method == 'POST':
username = request.POST.getunicode('username')
password = request.POST.getunicode('password')
user_look = db.query(Users).filter_by(username=username).all()
password_check = user_look[0].password
if password == password_check:
response.set_cookie("account", username, secret='iCanTTellYouTheSecret', max_age=3600 * 3)
return "<h1>home</h1>"
@app.route('/index')
@auth
def index():
return "<h1>index</h1>"
@route("/logout")
def logout():
response.delete_cookie('account')
return redirect('/')
run(server='twisted', host='0.0.0.0', port=str(port), reloader=True)