编写装饰器判断登录状态
def auth_session(func):
def auth_session_wrapper(request, *args, **kwargs):
# 验证用户是否登录
if not request.session.has_key(db.LOGIN_FLAG):
request.session["msg"] = "未登录,请登录"
# 获取当前动作的来源地址
referer = request.headers.get("referer", None)
if referer is None:
return redirect(to="/")
# 判断请求属于同步请求还是异步请求
if "X-Requested_With" in request.headers:
return JsonResponse({"url": referer}, status=318)
return redirect(to="/?url=" + referer)
# 如果用户登陆了,允许访问受保护的资源
return func(request, *args, **kwargs)
return auth_session_wrapper
同步:
在登录处设置隐藏域
<input type="hidden" name="url" va