Here is a simple register / login / redirect example that shows how sessions and cookies are used.
The app is named sessiontest.
The code for the templates, urls, sessiontest.views, sessiontest.forms and sessiontest.models follows:
Templates under templates/
#index.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<title>Welcome!</title>
</head>
<body>
<h2>欢迎你 {{ username }}</h2>
<hr/>
<p>
{%if flag %}
<a href="/logout/">注销</a>
<a href="/welcome/">欢迎页面</a>
{% else %}
<a href="/login/">登陆</a>
<a href="/register/">注册</a>
{%endif%}
</p>
</body>
</html>
#register.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<title>Account Register</title>
</head>
<body><form action="" method="post">
<p>username:
<input type="text" name="username" ></p>
<p>password:
<input type="password" name="password" ></p>
<p> <a href="/login/">登陆</a>
<a href="/index/">返回首页</a>
<input type="submit" value="注册"/></p>
</form>
</body>
</html>
#login.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<script type="text/javascript" src="/static/jquery.js"></script>
<script type="text/javascript" src ="/static/function.js"></script>
<title>Account Login</title>
</head>
<body>
<form action="" method="post">
<p>username:
<input type="text" name="username" value="{{ account }}"></p>
<p>password:
<input type="password" name="password" value="{{ password }}"></p>
<p>
<a href="/register/">注册</a>
<a href="/index/">返回首页</a>
<input type="submit" value="登录"/>
</p>
</form>
</body>
</html>
#welcome.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<title>Welcome!</title>
</head>
<body>
<h2> 再次欢迎你 {{ username }}</h2>
<hr/>
<p>
<a href="/logout/">注销</a>
<a href="/index/">返回首页</a>
</p>
</body>
</html>
urls.py:
from django.conf.urls import patterns, url, include

urlpatterns = patterns('',
    (u'^login/$', 'sessiontest.views.login'),
    (u'^register/$', 'sessiontest.views.register'),
    (u'^index/$', 'sessiontest.views.index'),
    (u'^logout/$', 'sessiontest.views.logout'),
    (u'^welcome/$', 'sessiontest.views.welcome'),
)
#views.py
#coding=UTF-8
from django.shortcuts import render_to_response
from django.http import HttpResponseRedirect
from sessiontest.forms import RegisterForm, LoginForm
from sessiontest.models import User


def index(request):
    # A logged-in user has "username" in the session; anyone else is shown as a guest
    user = request.session.get("username", None)
    username = "游客"
    flag = False
    if user:
        username = user
        flag = True
    return render_to_response('index.html', locals())


def register(request):
    if request.method == 'POST':
        form = RegisterForm(request.POST)
        if form.is_valid():
            username = form.cleaned_data["username"]
            password = form.cleaned_data["password"]
            user = User(username=username, password=password)
            user.save()
            # Log the new user in by recording the name in the session
            request.session["username"] = username
            return HttpResponseRedirect("/index/")
    return render_to_response("register.html")


def login(request):
    if request.method == 'POST':
        form = LoginForm(request.POST)
        if form.is_valid():
            request.session["username"] = request.POST.get("username")
            response = HttpResponseRedirect("/index/")
            # Keep the submitted account and password in cookies for 10 seconds
            response.set_cookie("account", request.POST.get("username"), 10)
            response.set_cookie("password", request.POST.get("password"), 10)
            return response
    # No valid POST: look at the cookies left by an earlier login
    username = request.COOKIES.get("account", None)
    password = request.COOKIES.get("password", None)
    p = User.objects.filter(username=username, password=password)
    if p:
        return render_to_response("index.html", locals())
    # login.html shows these values as {{ account }} and {{ password }}
    return render_to_response("login.html",
                              {"account": username or "", "password": password or ""})


def logout(request):
    # Logging out only removes the login marker from the session
    if request.session.get("username", None):
        del request.session["username"]
    return HttpResponseRedirect('/index/')


def welcome(request):
    user = request.session.get("username", None)
    if not user:
        return HttpResponseRedirect('/login/')
    # welcome.html displays {{ username }}
    username = user
    return render_to_response('welcome.html', locals())
#forms.py
#coding=UTF-8
from django import forms
from sessiontest.models import User


class RegisterForm(forms.Form):
    username = forms.CharField(max_length=20)
    password = forms.CharField(max_length=20)

    def clean_username(self):
        # Reject a name that is already registered
        username = self.cleaned_data.get("username", "")
        users = User.objects.filter(username=username)
        if not users:
            return username
        else:
            raise forms.ValidationError("该昵称已经被使用请使用其他的昵称")

    def clean_password(self):
        password = self.cleaned_data.get("password", "")
        if len(password) == 0:
            raise forms.ValidationError("password must not be empty")
        return password


class LoginForm(forms.Form):
    username = forms.CharField(max_length=20)
    password = forms.CharField(max_length=20)

    def clean(self):
        # clean() runs after both fields are cleaned, so the password is available here
        username = self.cleaned_data.get("username", "")
        password = self.cleaned_data.get("password", "")
        p = User.objects.filter(username=username, password=password)
        if not p:
            raise forms.ValidationError("Not enough words!")
        return self.cleaned_data
#models.py
from django.db import models


class User(models.Model):
    username = models.CharField(max_length=20)
    password = models.CharField(max_length=20)

    def __unicode__(self):
        return self.username + " " + self.password
Then add the following to settings.py:
SESSION_COOKIE_AGE = 60*10  # session expiry time, in seconds
and
SESSION_ENGINE = "django.contrib.sessions.backends.cache"
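This means the sessionid is kept in the client-side cache (I have not yet worked out how this works).
The main session methods are:
# Get a session value; None if it does not exist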
request.session.get("username",None)
# Set a new session value; the variable name is up to you
request.session["username"] = username
The cookie methods are:
# Set a new cookie named account and its value, with a lifetime of 600 s; setting it to -1 makes it permanent
response.set_cookie("account", request.POST.get("username"), 10*60)
# Read a cookie value
username = request.COOKIES.get("account",None)
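For more ways to use sessions and cookies, look them up on Baidu.
You will find that after one successful login, logging in again before the session has expired takes you straight in.
If the session has timed out, the index.html page shows you as a guest (游客). Go to the login page and the account and password are already filled in for you; this is the cookie, and you can log in directly.
If you changed your password while you were logged in, the form will still hold the old password the next time you log in, so the login is bound to fail.
As for how to refresh the session's lifetime, it seems this cannot be done with HTML alone; reportedly ajax can do it, which needs some looking into.
One more thing: the first time you log in, the browser asks whether you want it to remember the password. This is the effect of the site setting a cookie; if you choose no, the browser will not create these cookies for you.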
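The login view above writes the submitted password into a cookie and the User model stores it as plain text. The following is an added example, not part of the original post: it builds the essential part of the Set-Cookie headers those two set_cookie calls produce, next to a variant that remembers only the account name and stores a salted hash. It uses only the Python 3 standard library; the function names, the iteration count and the sample values are assumptions made for the illustration.

```python
# Added illustration; function names and sample values are constructed, not from the post.
import hashlib
import hmac
import os
from http.cookies import SimpleCookie

ITERATIONS = 200_000  # assumed PBKDF2 work factor for this sketch


def page_style_cookies(username, password):
    """Set-Cookie values matching the view's set_cookie("account"/"password", ..., 10)."""
    jar = SimpleCookie()
    for name, value in (("account", username), ("password", password)):
        jar[name] = value
        jar[name]["max-age"] = 10
        jar[name]["path"] = "/"
    return [morsel.OutputString() for morsel in jar.values()]


def remember_account_cookie(username):
    """Remember only the account name; the password never goes back to the client."""
    jar = SimpleCookie()
    jar["account"] = username
    morsel = jar["account"]
    morsel["max-age"] = 600
    morsel["path"] = "/"
    morsel["httponly"] = True    # not readable from page scripts
    morsel["secure"] = True      # only sent over HTTPS
    morsel["samesite"] = "Lax"   # not attached to cross-site POSTs
    return morsel.OutputString()


def hash_password(password, salt=None):
    """Value to store in place of the plain-text password column."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt.hex() + "$" + digest.hex()


def verify_password(password, stored):
    """Recompute the hash with the stored salt and compare in constant time."""
    salt_hex, digest_hex = stored.split("$")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), ITERATIONS)
    return hmac.compare_digest(candidate.hex(), digest_hex)
```

With the first function the password travels in clear text in every response and request header for the cookie's lifetime; with the second pair the server keeps only the salted hash and the client keeps only the account name.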