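Session techniques
- What is it for
  - Helps the server identify the user (the client)
- How is it implemented
  - There are three main kinds
    - Built-in
      - Cookie
      - Session
    - Custom
      - Token
- When to use it
  - Whenever the user needs to be identified
  - Whenever the user's history is needed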
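Why can't the server identify the client?
- The server faces a huge number of clients
  - Identification is hard and performance is poor
- Request lifecycle
  - It starts with the Request and ends with the Response
- The HTTP in use today is all short-lived connections
- HTTP is a stateless protocol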
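Cookie
- Client-side session technique
  - All data is stored on the client
    - That is, in the browser
- The cookie is issued by the server
  - It is manipulated through the Response
- The two Rs
  - Request
    - Data the client sends to the server
  - Response
    - Data the server sends back to the client
- Cookie characteristics
  - A cookie must be manipulated through the Response
  - Cookies are key-value storage
  - By default, a request carries all valid cookies for the current site
  - Cookies are scoped per site
    - They cannot cross domain names
    - They cannot cross browsers
  - Cookies support expiry
    - By default a cookie expires when the browser is closed; if the browser is never closed, it never expires
    - max-age
      - A duration
    - expires
      - A point in time
  - Cookies are plain text by default
  - Cookies do not support Chinese
    - This can be worked around by encoding and decoding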
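Implementing login and logout with cookies

```python
import json

from django.http import HttpResponse
from django.shortcuts import render
from django.views import View

from .models import User  # assumed location of the User model used below


class Login(View):
    def get(self, request):
        return render(request, 'lianxi/login.html')

    def post(self, request):
        username = request.POST.get('username')
        mobile = request.POST.get('mobile')
        users = User.objects.filter(username=username)
        if not users.exists():
            return HttpResponse('该用户不存在')
        user = users.first()
        if mobile != user.mobile:
            # Wrong mobile number: show the login page again instead of returning None
            return render(request, 'lianxi/login.html', context={'msg': '请重新登录'})
        goods_record = user.record_set.all()
        # Cookies must be set on the response object that is actually returned
        response = render(request, 'lianxi/user_goods.html',
                          context={'username': username, 'msg': '那你真是太帅了',
                                   'goods_record': goods_record})
        response.set_cookie('user_id', user.id)
        # JSON-encode the Chinese message so that the cookie value is ASCII
        response.set_cookie('msg', json.dumps('那你真是太帅了'))
        return response


class UserInfo(View):
    def get(self, request):
        # The user_id cookie is plain text stored in the browser; this view takes its value as-is
        user_id = request.COOKIES.get('user_id')
        raw_msg = request.COOKIES.get('msg')
        # json.loads(None) raises TypeError, so decode only when the cookie is present
        msg = json.loads(raw_msg) if raw_msg else ''
        user = User.objects.filter(id=user_id).first() if user_id else None
        if user:
            goods_record = user.record_set.all()
            username = user.username
            return render(request, 'lianxi/user_goods.html', context=locals())
        return render(request, 'lianxi/login.html', context={'msg': '请重新登录'})


class Logout(View):
    def get(self, request):
        response = HttpResponse('退出成功')
        response.delete_cookie('user_id')
        return response
```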
Template lianxi/user_goods.html:

```html
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>用户中心</title>
</head>
<body>
    <h3>欢迎回来:{{ username }}</h3>
    <button><a href="{% url 'logout' %}">退出登录</a></button>
    <h1>{{ msg }}</h1>
    <h2>您喜爱的水果如下所示:</h2>
    <ul>
        {% for record in goods_record %}
            <li>{{ record.good.goodname }}</li>
        {% endfor %}
    </ul>
</body>
</html>
```
Template lianxi/login.html:

```html
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>用户登录</title>
</head>
<body>
    {{ msg }}
    <form action="{% url 'login'%}" method="post">
        {% csrf_token %}
        <input type="text" name="username" placeholder="用户名字">
        <input type="text" name="mobile" placeholder="手机号">
        <button>登录</button>
    </form>
</body>
</html>
```
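Cookies cannot carry Chinese text, so use the json package: json.dumps() when writing the cookie and json.loads() when reading it back.

```python
# Writing: encode the Chinese text before storing it in the cookie
msg = json.dumps('那你真是太帅了')
response.set_cookie('msg', msg)

# Reading: decode the cookie value back into the original text
msg = json.loads(request.COOKIES.get('msg'))
```

A cookie must be set on an HttpResponse object.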
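The notes above list two cookie properties, plain text by default and no Chinese support, and the login view keeps user_id in such a cookie. The following is an added example, not code from the original page: it builds an ASCII-only cookie value that carries an HMAC signature and an age limit, so the server can tell whether the value it gets back is the one it issued. SECRET, make_cookie and read_cookie are hypothetical names using only the standard library; Django offers the same idea through response.set_signed_cookie() and request.get_signed_cookie().

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo key (assumption): a real project keeps this secret server-side.
SECRET = b"constructed-demo-key"


def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def mac(body: str) -> bytes:
    return hmac.new(SECRET, body.encode("utf-8"), hashlib.sha256).digest()


def make_cookie(payload: dict, now=None) -> str:
    """Build 'body.signature'. The result is ASCII, so Chinese text is safe in it."""
    issued = int(time.time() if now is None else now)
    raw = json.dumps({"iat": issued, "data": payload}, ensure_ascii=False)
    body = b64(raw.encode("utf-8"))
    return body + "." + b64(mac(body))


def read_cookie(value, max_age: int, now=None):
    """Return the payload, or None if the cookie is missing, altered or expired."""
    if not value or value.count(".") != 1:
        return None
    body, sig = value.split(".")
    # Constant-time comparison; any edit to body or sig makes this fail.
    if not hmac.compare_digest(sig.encode("utf-8"), b64(mac(body)).encode("ascii")):
        return None
    # Decode only after the check: the MAC shows the server produced this body.
    padded = body + "=" * (-len(body) % 4)
    envelope = json.loads(base64.urlsafe_b64decode(padded))
    current = time.time() if now is None else now
    if current - envelope["iat"] > max_age:
        return None
    # Signing gives integrity only: the client can still read the body.
    return envelope["data"]
```

In the views above, the value from make_cookie would be passed to response.set_cookie() and the value from request.COOKIES to read_cookie().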
Cookie lifetime
Reference
——————————————————————————————————————
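Session
- Server-side session technique
- Session depends on Cookie
  - The session_key is stored in a cookie as the session_id
- Session has all the characteristics of Cookie
- Session supports Chinese
- Session is stored in memory by default
  - Django persists Session data
    - There are three fields
      - session_key
      - session_data
      - expire_date
    - session_data is encoded with base64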
```python
from django.http import HttpResponse
from django.shortcuts import render
from django.views import View

from .models import User  # assumed location of the User model used below


class Login(View):
    def get(self, request):
        return render(request, 'lianxi/login.html')

    def post(self, request):
        username = request.POST.get('username')
        mobile = request.POST.get('mobile')
        users = User.objects.filter(username=username)
        if not users.exists():
            return HttpResponse('该用户不存在')
        user = users.first()
        if mobile != user.mobile:
            # Wrong mobile number: show the login page again instead of returning None
            return render(request, 'lianxi/login.html', context={'msg': '请重新登录'})
        goods_record = user.record_set.all()
        # response = HttpResponse('登录成功')
        # response.set_cookie("user_id", id)
        # msg = json.dumps('那你真是太帅了')
        # response.set_cookie('msg',msg)
        # The data stays on the server; the browser only receives the session key cookie
        request.session['user_id'] = user.id
        request.session['msg'] = '那你真是太棒了'
        return render(request, 'lianxi/user_goods.html',
                      context={'username': username, 'msg': '那你真是太棒了',
                               'goods_record': goods_record})


class UserInfo(View):
    def get(self, request):
        # user_id = request.COOKIES.get('user_id')
        # msg = json.loads(request.COOKIES.get('msg'))
        msg = request.session.get('msg')
        user_id = request.session.get('user_id')
        user = User.objects.filter(id=user_id).first() if user_id else None
        if user:
            goods_record = user.record_set.all()
            username = user.username
            return render(request, 'lianxi/user_goods.html', context=locals())
        return render(request, 'lianxi/login.html', context={'msg': '请重新登录'})


class Logout(View):
    def get(self, request):
        response = HttpResponse('退出成功')
        # response.delete_cookie('user_id')
        # flush() deletes the session data and the session cookie
        request.session.flush()
        return response
```
The code above implements the session technique using Session.