秘密的钥匙,字符串可以随便给
获取session
v = flask.session.get(sName, defaultValue)
或者
v = flask.session[sName] if sName in flask.session else defaultValue
来获取sName名称的session值,如果sName不存在就返回defaultValue值
在确保sName在flask.session中存在的情况下可以使用:
v = flask.session[sName]获取值。
设置session
通过
flask.session[sName]=v
设置名称为sName的session值
删除session
通过
del flask.session[sName]
删除sName的session
main.py
import flask
app = flask.Flask("web")
import pymysql
def initializeBD():
res = False
try:
# 创建数据的链接对象con
con = pymysql.connect(host="127.0.0.1", port=3306, user="root", password="001009", db="testdb", charset="utf8")
# 创建一个字典类型的游标cursor
cursor = con.cursor(pymysql.cursors.DictCursor)
# cursor执行SQL命令
sql = "create table users (user varchar(16) primary key, pwd varchar(16), email varchar(128))"
cursor.execute(sql)
# 提交数据库
con.close()
res = True
except Exception as err:
print(err)
return res
def registerBD(user, pwd, email):
initializeBD()
res = False
try:
# 创建数据的链接对象con
con = pymysql.connect(host="127.0.0.1", port=3306, user="root", password="001009", db="testdb", charset="utf8")
# 创建一个字典类型的游标cursor
cursor = con.cursor(pymysql.cursors.DictCursor)
# cursor执行SQL命令
# sql = "insert into users (user, pwd, email) values ('" + user + "', '" + pwd + "', '" + email + "')"
# cursor.execute(sql)
sql = "insert into users (user, pwd, email) values (%s, %s, %s)"
cursor.execute(sql, [user, pwd, email])
# 提交数据库
con.commit()
con.close()
res = True
except Exception as err:
print(err)
return res
def readUser(user, pwd):
try:
# 创建数据的链接对象con
con = pymysql.connect(host="127.0.0.1", port=3306, user="root", password="001009", db="testdb", charset="utf8")
# 创建一个字典类型的游标cursor
cursor = con.cursor(pymysql.cursors.DictCursor)
# cursor执行SQL命令
sql = "select * from users where user='" + user + "'and pwd='" + pwd+"'"
cursor.execute(sql)
row = cursor.fetchone()
# 提交数据库
con.commit()
con.close()
if row:
return True
else:
return False
except Exception as err:
return False
@app.route("/", methods=["GET", "POST"])
def login():
flask.session["login"] = ""
msg = ""
user = ""
pwd = ""
if flask.request.method == "POST":
user = flask.request.values.get("user", "")
pwd = flask.request.values.get("pwd", "")
if user != "" and pwd != "":
if readUser(user, pwd):
# 登录成功时,设置login的session值为OK
flask.session["login"] = "OK"
msg = user + "登录成功"
return flask.redirect("/secret")
else:
msg = user + "登录失败"
return flask.render_template("login.html", msg=msg, user=user, pwd=pwd)
@app.route("/register", methods=["GET", "POST"])
def register():
msg = ""
if flask.request.method == "POST":
user = flask.request.values.get("user", "")
pwd1 = flask.request.values.get("pwd1", "")
pwd2 = flask.request.values.get("pwd2", "")
email = flask.request.values.get("email", "")
if user != "" and pwd1 != "" and pwd1 == pwd2:
if registerBD(user, pwd1, email):
msg = user + "注册成功"
else:
msg = "注册失败" + user + "已经存在"
else:
msg = "该用户名称与密码不能空,两次密码要一致"
return flask.render_template("register.html", msg=msg)
@app.route("/secret", methods=["GET", "POST"])
def secret():
# Sessions是服务器中的一个变量
# login session值
if flask.session.get("login", "") == "":
# 用户没用登录, 转向根目录
return "该页面要登陆后才能访问,<a href='/'>请登录</a>"
return flask.render_template("secret.html")
app.debug=True
if __name__ == "__main__":
# 秘密的钥匙,字符串可以随便给
app.secret_key = "123"
app.run()
secret.html
<h1>这是一个受保护的私密页面</h1>
register.html
<h1>注册</h1>
<form name="frm" id="frm" action="" method="post">
<div>用户<input type="text" name="user" id="user"></div>
<div>密码<input type="password" name="pwd1" id="pwd1"></div>
<div>确认密码<input type="password" name="pwd2" id="pwd2"></div>
<div>邮箱<input type="email" name="email" id="email"></div>
<div><input type="submit" value="注册">
</div>
</form>
<div><a href="/">登录</a></div>
<div>{{msg}}</div>
login.html
<h1>登录</h1>
<form name="frm" id="frm" action="" method="post">
<div>用户<input type="text" name="user" value="{{user}}"></div>
<div>密码<input type="password" name="pwd" value="{{pwd}}"></div>
<div><input type="submit" value="登录">
</div>
<a herf="/register"></a>
</form>
<div><a href="/register">注册</a></div>
<div><a href="/secret">秘密</a></div>
<div>{{msg}}</div>
必须登录以后才能访问secret.html页面