基于cookie和session的登录验证

2018-02-24 07:51:52来源:cnblogs.com作者:xsan人点击

分享

settings.py

MIDDLEWARE = [    'django.middleware.security.SecurityMiddleware',    'django.contrib.sessions.middleware.SessionMiddleware',    'django.middleware.common.CommonMiddleware',    'django.middleware.csrf.CsrfViewMiddleware',    'django.contrib.auth.middleware.AuthenticationMiddleware',    'django.contrib.messages.middleware.MessageMiddleware',    'django.middleware.clickjacking.XFrameOptionsMiddleware',]

一般不用修改settings.py,但是使用模版需要修改如下:(即将TEMPLATES中的DIRS改成[os.path.join(BASE_DIR, 'templates')])

TEMPLATES = [    {        'BACKEND': 'django.template.backends.django.DjangoTemplates',        'DIRS':  [os.path.join(BASE_DIR, 'templates')],        'APP_DIRS': True,        'OPTIONS': {            'context_processors': [                'django.template.context_processors.debug',                'django.template.context_processors.request',                'django.contrib.auth.context_processors.auth',                'django.contrib.messages.context_processors.messages',            ],        },    },]

urls.py

from django.urls import pathfrom cookie import viewsurlpatterns = [    path('admin/', admin.site.urls),    path('login/',views.login),    path('index/',views.index),]

models.py

from django.db import models# Create your models here.class User(models.Model):    user=models.CharField(max_length=20,unique=True,db_index=True)    pwd=models.CharField(max_length=20,db_index=True)    def __str__(self):        return self.user

views.py

from django.shortcuts import render, redirect
from .models import User


# Create your views here.
def login(request):
msg = ''
if request.method == 'POST':
name = request.POST.get("user")
pwd = request.POST.get("pwd")
c = User.objects.filter(user=name, pwd=pwd).count()
if c:
request.session['is_log'] = 111
request.session['username'] = name
return redirect('/index/')
else:
msg = '用户名或密码有误'
return render(request, 'login.html', {'msg': msg})
else:
return render(request, 'login.html', {'msg': msg})


def index(request):
print(request.session.get('is_log'))
if request.session.get('is_log', None):
user = request.session.get('username')
return render(request, 'index.html', {'user': user})
else:
return redirect('/login/')


def bb(request):
return redirect('/login/')

index.html

<!DOCTYPE html><html lang="en"><head>    <meta charset="UTF-8">    <title>index</title></head><body>欢迎 {{ user }}!</body></html>

login.html

<!DOCTYPE html><html lang="en"><head>    <meta charset="UTF-8">    <title>login</title></head><body><form action="/login/" method="post">    {% csrf_token %}    <div>        <laber for="user">用户名</laber>        <input id="user" type="text" name="user"/>    </div>    <div>        <laber for="pwd">密码</laber>        <input id="pwd" type="password" name="pwd">    </div>    <div>        <input type="submit" value="登录">    </div></form></body></html>

注意:由于我们将session存于数据库中所以要执行python manage.py makemigrations 后再执行python manage.py migrate创建数据表。

最新文章

123

最新摄影

闪念基因

微信扫一扫

第七城市微信公众平台