设置Cookie
views视图
response = HttpResponse('登录成功')
'''设置cookie : key,value,其他参数'''
response.set_cookie('is_login', True, max_age=100) # 设置登录状态
response.set_cookie('username', user_info) # 设置登录用户名
return response
key
, 键value=
, 值max_age
=None, 超时时间expires
=None, 指定过期时间IE 专用
date = datetime.datetime() expires=datepath='/'
, cookie有效路径domain
=None, Cookie生效的域名secure
=False, https传输httponly
=False 只能http协议传输,无法被JavaScript获取(不是绝对,底层抓包可以获取到也可以被覆盖)
删除Cookie
def logout(request):
rep = redirect("/login/")
rep.delete_cookie("user") # 删除用户浏览器上之前设置的usercookie值
return rep
获取Cookie
username = request.COOKIES.get('username') # 取出登录用户名
Cookie登录校验
def check_login(func):
@wraps(func)
def inner(request, *args, **kwargs):
next_url = request.get_full_path()
if request.get_signed_cookie("login", salt="SSS", default=None) == "yes":
# 已经登录的用户...
return func(request, *args, **kwargs)
else:
# 没有登录的用户,跳转刚到登录页面
return redirect("/login/?next={}".format(next_url))
return inner
def login(request):
if request.method == "POST":
username = request.POST.get("username")
passwd = request.POST.get("password")
if username == "xxx" and passwd == "dashabi":
next_url = request.GET.get("next")
if next_url and next_url != "/logout/":
response = redirect(next_url)
else:
response = redirect("/class_list/")
response.set_signed_cookie("login", "yes", salt="SSS")
return response
return render(request, "login.html")