django的session的登入驗證
阿新 • • 發佈:2019-01-22
urls.py
from django.conf.urls import url
from django.contrib import admin
from app01 import views
urlpatterns = [
url(r'^admin/', admin.site.urls),
url(r'^login/', views.login, name='login'),
url(r'^index/', views.index, name='index'),
url(r'^logout/', views.logout, name='logout'),
]
views.py
# -*- coding:utf-8 -*- from django.shortcuts import render, redirect # Create your views here. user_info = { 'lily': {'pwd': '123'}, 'rose': {'pwd': '123'} } def login(request): if request.method == 'POST': u = request.POST.get('uu') p = request.POST.get('pp') s = request.POST.get('ss') if user_info.get(u): if p == user_info.get(u).get('pwd'): # 生成隨機字串儲存在cookie中 sessionid : xxxxx # 儲存在session中(資料庫) # 在服務端,每個隨機字串對應一個字典,儲存資訊 request.session['user111'] = u request.session['is_login'] = True # 設定自動登出登入 if s == '1': # 括號中數字單位為秒 request.session.set_expiry(5) elif s == '2': request.session.set_expiry(20) elif s == '3': request.session.set_expiry(60) return redirect('/index/') return render(request, 'login.html') def index(request): u = request.session.get('user111') if request.session.get('is_login', None): return render(request, 'index.html', {'u': u}) else: return render(request, 'login.html') def logout(request): request.session.clear() return redirect('/login/')
template-login
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title></title> </head> <body> <form action="/login/" method="post"> {% csrf_token %} <p><input type="text" placeholder="username" name="uu" /></p> <p><input type="password" placeholder="password" name="pp" /></p> <p>自動退出登入時間: <select name="ss"> <option value="1">5s</option> <option value="2">20s</option> <option value="3">1m</option> </select></p> <input type="submit" value="提交" /> </form> </body> </html>
template-index
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
welcome to {{ u }}
<a href="/logout/">exit</a>
</body>
</html>