Python學習---django下的cookie操作 180201
什麽是Cookies
什麽是Cookies
cookies設置的原因: 1. http請求的無記憶性; 2.加快訪問速度 3. 減少服務器壓力
cookies特點:
cookies保存在客戶端瀏覽器上的鍵值對,且每次訪問頁面都會帶著cookies
cookies可以主動清除
cookies也可以被"偽造",可以被別人帶著cookies操作你的賬號
cookies會根據域名進行分類,不能跨域共享,也就是說百度有百度的,JD有京東的
cookies必須請求數據成功後才能有用哈
瀏覽器可以設置不接收Cookies
服務器端設置的cookies
cookies可以設置超時時間, max_age=10
Django下設置Cookie的函數 :
def set_cookie(self, key, value=‘‘, max_age=None, expires=None, path=‘/‘,
domain=None, secure=False, httponly=False):
服務端Cookie學習
1、獲取Cookie:
request.COOKIES[‘key‘] request.get_signed_cookie(key, default=RAISE_ERROR, salt=‘‘, max_age=None) 參數: default: 默認值 salt: 加密鹽 max_age: 後臺控制過期時間
2、設置Cookie:
rep = HttpResponse(...) 或 rep = render(request, ...) rep.set_cookie(key,value,...) rep.set_signed_cookie(key,value,salt=‘加密鹽‘,...) 參數: key, 鍵 value=‘‘, 值 max_age=None, 超時時間 expires=None, 超時時間(IE requires expires, so set it if hasn‘t been already.) path=‘/‘, Cookie生效的路徑,/ 表示根路徑,特殊的:跟路徑的cookie可以被任何url的頁面訪問 domain=None, Cookie生效的域名 secure=False, https傳輸 httponly=False 只能http協議傳輸,無法被JavaScript獲取(不是絕對,底層抓包可以獲取到也可 註意:document.cookie 獲取,也能設置內容,httponly告訴我們只能http傳輸且不能修改。 document.cookie=‘fdafjklfjksaljfsakjflkfaffdfs‘ 設置/覆蓋cookies
獲取Cookie實例:
settings.py
INSTALLED_APPS = [ ... ‘app01‘, # 註冊app ] STATICFILES_DIRS = (os.path.join(BASE_DIR, "statics"),) # 現添加的配置,這裏是元組,註意逗號 TEMPLATES = [ ... ‘DIRS‘: [os.path.join(BASE_DIR, ‘templates‘)], ]
urls.py
from django.contrib import admin from django.urls import path from django.conf.urls import url, include from app01 import views urlpatterns = [ path(‘admin/‘, admin.site.urls), url(r‘^login.html/‘, views.login), url(r‘^index.html/‘, views.index), ]
views.py
from django.shortcuts import render, redirect from app01 import models def login(request): print(request.method) # models.Administrator.objects.create( # username = ‘admin‘, # password = ‘admin‘ # ) 數據庫內保存數據 message = ‘‘ if request.method == ‘POST‘: username = request.POST.get("user") password = request.POST.get("pass") print(‘username: %s, password:%s‘ % (username, password)) # obj = models.Administrator.objects.filter(username=username, password=password).count() # if obj: 從數據庫內取出數據,進行判斷也可以 if username == ‘root‘ and password == ‘root‘: req = redirect(‘/index.html/‘) # 接收redirect對象,# 這裏是瀏覽器路徑,偽靜態 req.set_cookie(‘username‘, username) # req.set_cookie(‘username‘, username, max_age=10) # 設置超時時間10s return req # return redirect(‘/index.html‘) # 與上面3行同,只是添加了Cookie else: message = ‘用戶名或密碼錯誤‘ return render(request, ‘login.html‘, {‘message‘: message}) # 這裏是網頁html def index(request): print(request.method) username = request.COOKIES.get("username") if username: return render(request, ‘index.html‘, {‘username‘: username}) return redirect(‘/login.html/‘) # 這裏是瀏覽器路徑,偽靜態
templates/loginx.html
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> {# 偽靜態#} <form action="/login.html/" method="post"> {% csrf_token %} {# 為跨站請求 #} <div> <label for="user">用戶名</label> <input id="user" name="user" type="text"> </div> <div> <label for="pass">密 碼</label> <input id="pass" name="pass" type="password"> </div> <div> <label></label> <input value="登錄" type="submit"> <span style="color: red">{{ message }}</span> </div> </form> </body> </html>
templates/index.html
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> </head> <body> <h2>hello, {{ username }}</h2> </body> </html>
頁面顯示;
初始化數據庫
python manage.py makemigrations python manage.py migrate
設置Cookies實例:
set_cookies默認是使用當前域名,所以使用默認的即可,一般子域名不需用domain參數[path另說]
用戶登錄的操作可以設置頂級域名[baidu.com],所有子域名都可以訪問讀取數據
註意:域名和IP是2個概念哈,cookie綁定的是域名而不是IP
settings.py
INSTALLED_APPS = [ ... ‘app01‘, # 註冊app ] STATICFILES_DIRS = (os.path.join(BASE_DIR, "statics"),) # 現添加的配置,這裏是元組,註意逗號 TEMPLATES = [ ... ‘DIRS‘: [os.path.join(BASE_DIR, ‘templates‘)], ]
urls.py
from django.contrib import admin from django.urls import path from django.conf.urls import url, include from app01 import views urlpatterns = [ url(r‘^test.html/‘, views.test), url(r‘^gettest.html/‘, views.get_test), ]
views.py
from django.shortcuts import render, redirect from app01 import models # 設置Cookie測試 # from django.shortcuts import render, redirect, HttpResponse def test(request): obj = HttpResponse("ok,設置Cookie成功") import datetime timeout = datetime.datetime.utcnow() + datetime.timedelta(seconds=10) obj.set_cookie(‘name‘, "FTL", expires=timeout, max_age=10, path=‘/‘) # 設置Cookie,默認path=/ obj.set_cookie(‘SEX‘, "HHH", expires=timeout, max_age=10, path=‘/test.html‘) # 設置Cookie,path=/test.html # baidu.com頂級域名,下面的crm.baidu.com,也可以訪問 # domain,默認是NONE,當前域名,有domain參數但沒有path,默認域名下找cookie # 不能給同級設置 obj.set_cookie(‘SEX‘, "HHH", expires=timeout, max_age=10, domain=‘baidu.com‘) # 設置域名,domain=‘/‘,默認當前域名 # 使用https訪問安全加密,端口8443,需要證書 obj.set_cookie(‘SEX‘, "HHH", expires=timeout, max_age=10 , secure=True) # 安全加密,端口8443,需要證書 # httponly,用於安全,但是不能做到絕對的安全,僅http傳輸用,防止JS獲取數據[但是抓包可以獲取數據] obj.set_cookie(‘SEX‘, "HHH", expires=timeout, max_age=10 ,httponly=True) # 防止JS獲取Cookie數據[document.cooki] return obj # 取出Cookie測試 def get_test(request): name = request.COOKIES.get(‘name‘) sex = request.COOKIES.get(‘SEX‘) print(name, sex) return HttpResponse(name, sex)
templates/index.html
無
頁面顯示
客戶端的Cookie設置
客戶端設置: document.cookie
客戶端獲取: document.cookie=‘name=FTL‘
e = new Date()
--------------------------------------------------------------------------------------------------------------------------------
dom --> 自己寫,document.cookie="name=FTL",獲取的時候用split切分
jquery插件 --> jquery.cookie.js + jquery-3.2.1.js
<script src=‘/static/js/jquery.cookie.js‘></script>
$.cookie("list_pager_num", 30,{ path: ‘/‘ });
JS插件內配合Jquery設定cookie
JS插件內配合Jquery設定cookie 唯一不同的是Cookie的超時屬性只有expires,可以通過d=new Date()來操作時間 <script src="/static/jquery-2.1.4.min.js"></script> <script src="/static/jquery.cookie.js"></script> <script> $.cookie(); {# 獲取值 #} $.cookie(‘name‘,‘FTL‘); {# 設置新值 #} $.cookie(‘name‘, ‘FTL‘, {‘paht‘:‘/index.html‘}); {# 設置新值 + cookie屬性[屬性同cookie] #} </script> ----------------------------------------views.py # 服務端調用JS插件寫的Cookie def js_cookie(request): print(‘request.COOKIES‘, request.COOKIES) obj = render(request, ‘js_cookie.html‘) obj.set_cookie(‘HELLO‘, ‘FTL‘) return obj
瀏覽器DOM設定cookie:
刷新頁面,觀察後臺的cookie:
基於Cookie的加密:
基於Cookie的加密:
views.py
from django.shortcuts import render, redirect, HttpResponse def test(request): obj = HttpResponse("ok,設置Cookie成功") obj.set_signed_cookie(‘name‘, ‘FTL‘) obj.set_signed_cookie(‘age‘, ‘24‘) return obj # 取出Cookie測試 def get_test(request): name = request.get_signed_cookie(‘name‘) age = request.get_signed_cookie(‘age‘) print(name, age) return HttpResponse(name, age)
【更多參考】http://www.cnblogs.com/wupeiqi/articles/5246483.html
Python學習---django下的cookie操作 180201