What is Cookie:
Works cookie is: generated content from the server, the browser stores locally after receipt of the request; visit again when the browser, the browser will automatically take this cookie, so the server will be able to be judged by this cookie who you are
Django operation cookie
Get cookie
request.COOKIES['key'] request.get_signed_cookie(key, default=RAISE_ERROR, salt='', max_age=None)
parameter:
default: default value
salt: salt
max_age: background control over time, in seconds'
Django set cookie:
rep = HttpResponse(...) rep = render(request, ...) rep.set_cookie(key,value,...) rep.set_signed_cookie(key,value,salt='加密盐', max_age=None, ...)
parameter:
key: Key
value: value
max_age: Timeout in seconds
expiress: Timeout
path: the path of the cookie effective, represents the root path, special: cookie root path can be accessed by any of the URL of the page
domain: The domain cookie is valid
secure: https transmission
httponly = false: only https protocol transmission, JavaScript can not be acquired (not absolute, can get to the bottom of capture may be covered)
Django delete the cookie
DEF Zimbabwe Logout (Request): REP = redirect ( " / the Login / " ) rep.delete_cookie ( " the User " ) # delete usercookie values previously set on the user's browser to return REP
cookie landing check
DEF check_login (FUNC): @wraps (FUNC) DEF Inner (Request, * args, ** kwargs): next_url = request.get_full_path () IF request.get_signed_cookie ( " Login " , = Salt " the SSS " , default = None) == " yes " : # user has logged ... return FUNC (Request, * args, ** kwargs) the else : # no users logged in, login page jump arrived return redirect ( " ? / the Login / = the Next } { " .format (next_url)) return inner def login(request): if request.method == "POST": username = request.POST.get("username") passwd = request.POST.get("password") if username == "xxx" and passwd == "dashabi": next_url = request.GET.get("next") if next_url and next_url != "/logout/": response = redirect(next_url) else: response = redirect("/class_list/") response.set_signed_cookie("login", "yes", salt="SSS") return response return render(request, "login.html")
What is Session
Cookie up for the lack HTTP stateless, let the server know who to come, but Cookie in the form of text stored locally, so its less secure; we use a cookie to identify different users, corresponding session in saving private information and text than 4096 bytes, another cookie and session commonality in fact something that is not limited to language and framework
Django setting session
request.session[]