Django framework (X): view (c) Cookie, Session

1. Cookie

A cookie (often used in the plural, cookies) is data (typically encrypted) that certain websites store on the user's local terminal in order to identify the user and track the session. The cookie was invented in March 1993 by Lou Montulli, a former Netscape employee. A cookie is generated by the server and sent to the User-Agent (usually a browser). The browser saves the cookie's key/value pair to a text file in a directory and sends the cookie back to the server the next time it requests the same site (provided that cookies are enabled in the browser). Cookie names and values are defined by the server-side application, so the server can tell whether the user is a legitimate user, whether the user needs to log in again, and so on. The server can use any information contained in cookies to filter and regularly maintain state across HTTP requests. The most typical use of cookies is remembering the user name.

A cookie is a piece of information stored in plain text in the browser. Storing sensitive information such as passwords in it is not recommended, because the browser on the computer may be used by other people.

1.1 Cookie features

Cookies store information as key-value pairs.

Cookies are isolated by domain: cookies belonging to different domain names cannot be accessed across domains. For example, if visiting itcast.cn writes cookie information to the browser, then visiting baidu.com with the same browser gives baidu.com no access to the cookie information written by itcast.cn.

When the browser requests a website, it submits all cookie information it has stored for that site to the web server.

Typical applications: remembering the user name, targeted website advertising.

These pushed ads are selected based on the Taobao products you have clicked on, filtered by criteria such as product category. It looks as if Phoenix is accessing Taobao's cookies, but that is not the case: typically an iframe tag embeds a Taobao ad page in the Phoenix page, so Taobao's cookie is not read by Phoenix but is still read by Taobao. You can confirm this by inspecting the elements in the "Developer Tools".
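The domain isolation described above follows the domain-match rule of RFC 6265. The following is an added example, not code from the original post, and it goes slightly beyond the text by also covering subdomains and host-only cookies. The cookie jar is constructed sample data, and path, Secure and public-suffix checks are left out.

```python
import ipaddress

def domain_match(host: str, cookie_domain: str) -> bool:
    """RFC 6265 section 5.1.3 domain-match for a cookie with a Domain attribute."""
    host = host.lower()
    cookie_domain = cookie_domain.lower().lstrip(".")
    if host == cookie_domain:
        return True
    try:
        ipaddress.ip_address(host)  # IP literals only ever match exactly
        return False
    except ValueError:
        pass
    # A subdomain matches; a name that merely ends in the same letters does not
    return host.endswith("." + cookie_domain)

def cookies_sent(jar, host):
    """Return the names of the cookies a browser would attach to a request for host."""
    names = []
    for c in jar:
        if c["domain_attr"] is None:
            # Host-only cookie: sent back only to the exact host that set it
            ok = host.lower() == c["set_by"].lower()
        else:
            ok = domain_match(host, c["domain_attr"])
        if ok:
            names.append(c["name"])
    return names

# Constructed sample jar using the two sites named in the text
JAR = [
    {"name": "h1", "set_by": "itcast.cn", "domain_attr": None},
    {"name": "track", "set_by": "www.itcast.cn", "domain_attr": "itcast.cn"},
    {"name": "other", "set_by": "baidu.com", "domain_attr": None},
]

if __name__ == "__main__":
    for h in ("itcast.cn", "bbs.itcast.cn", "baidu.com", "notitcast.cn"):
        print(h, cookies_sent(JAR, h))
```

A cookie set with a Domain attribute is shared with every subdomain, so isolation holds between unrelated sites but not between hosts under the same parent domain.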

1.2 Set Cookie

Open the booktest/views.py file and create the view cookie_set.

from django.http import HttpResponse

def cookie_set(request):
    response = HttpResponse("<h1>Set Cookie, please see the response header</h1>")
    # Adds a Set-Cookie header for the key 'h1' to the response
    response.set_cookie('h1', '你好')
    return response

Open the booktest/urls.py file and configure the url.

url(r'^cookie_set/$',views.cookie_set),

Enter the following URL in your browser.

http://127.0.0.1:8000/cookie_set/

You can view the cookie that was set in the response header in the "Developer Tools".

1.3 Read Cookie

Cookie information is carried in the request header and is read through the COOKIES attribute of the request object.

Open the booktest/views.py file and create the view cookie_get.

from django.utils.html import escape

def cookie_get(request):
    response = HttpResponse("Read Cookie, the data is as follows:<br>")
    if 'h1' in request.COOKIES:
        # Cookie values are client-controlled, so escape them before writing into HTML
        response.write('<h1>' + escape(request.COOKIES['h1']) + '</h1>')
    return response

Open the booktest/urls.py file and configure the url.

url(r'^cookie_get/$',views.cookie_get),

Enter the following URL in your browser.

http://127.0.0.1:8000/cookie_get/

Open the "Developer Tools" to view the cookie information in the request header.

2. Session

Sensitive and important information, such as the user name, balance, level, or verification code, should be stored on the server and not in the browser.

State that is kept on the server side is the Session.

2.1 Enabling Session

Session is enabled by default in a Django project.

Open the test3/settings.py file; the Session middleware is enabled in MIDDLEWARE_CLASSES.

Disabling Session: delete the Session middleware.

2.2 Storage

Open the test3/settings.py file and set SESSION_ENGINE to specify how Session data is stored; it can be stored in a database, a cache, Redis, and so on.

Stored in the database: this setting may be written explicitly or omitted, since it is the default storage.

SESSION_ENGINE='django.contrib.sessions.backends.db'

Stored in the cache: the data is kept in the machine's memory and cannot be recovered if it is lost, but reads and writes are faster than with the database.

SESSION_ENGINE='django.contrib.sessions.backends.cache'

Hybrid storage: the data is read from the machine's memory first and, if it is not found there, from the database.

SESSION_ENGINE='django.contrib.sessions.backends.cached_db'

If storing in the database, the Session application must be installed in INSTALLED_APPS.

After migration, a table for storing Session data is created in the database.

The table structure is as shown below.

As the table structure shows, Session data consists of three parts: key, value, and expiry time.

2.3 Dependence on Cookie

Session data for all requesters is stored on the server, so how does the server tell which Session data belongs to which requester?

Once a Session is used, a sessionid value is stored in a Cookie. The browser sends this value to the server with every request, and the server uses the received sessionid to find the requester's Session.

To use Session, the browser must support Cookie; otherwise Session cannot be used.

When a Session is stored, the key is the same as the sessionid in the Cookie, the value is the key-value information set by the developer, base64-encoded, and the expiry time is set by the developer.
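Base64 is an encoding, not encryption, so anyone who can read the session table can read the stored values. The following is an added example, not code from the original post and not Django's own code. It is a standard-library sketch that assumes the session_data layout used by Django releases before 3.1 (base64 of a hex HMAC, a colon, and the JSON-serialized dict); the salt, SECRET_KEY and row are constructed for the example.

```python
import base64
import hashlib
import hmac
import json

# Assumption: salt as used by the database session backend in pre-3.1 Django
KEY_SALT = b"django.contrib.sessionsSessionStore"

def _mac(serialized: bytes, secret_key: bytes) -> bytes:
    # Salted HMAC-SHA1 over the serialized dict, hex-encoded
    key = hashlib.sha1(KEY_SALT + secret_key).digest()
    return hmac.new(key, serialized, hashlib.sha1).hexdigest().encode()

def encode_session(data: dict, secret_key: bytes) -> str:
    serialized = json.dumps(data, separators=(",", ":")).encode("latin-1")
    blob = _mac(serialized, secret_key) + b":" + serialized
    return base64.b64encode(blob).decode("ascii")

def peek_session(session_data: str) -> dict:
    """Read the stored values without any key: base64 hides nothing."""
    _, serialized = base64.b64decode(session_data).split(b":", 1)
    return json.loads(serialized.decode("latin-1"))

def decode_session(session_data: str, secret_key: bytes) -> dict:
    """Return the values only if the MAC verifies, otherwise an empty dict."""
    mac, serialized = base64.b64decode(session_data).split(b":", 1)
    if not hmac.compare_digest(mac, _mac(serialized, secret_key)):
        return {}
    return json.loads(serialized.decode("latin-1"))

def tamper(session_data: str, key: str, value) -> str:
    """Model a row edited in storage: new value, old MAC left in place."""
    mac, serialized = base64.b64decode(session_data).split(b":", 1)
    data = json.loads(serialized.decode("latin-1"))
    data[key] = value
    new = json.dumps(data, separators=(",", ":")).encode("latin-1")
    return base64.b64encode(mac + b":" + new).decode("ascii")

# Constructed key and row for the example
SECRET_KEY = b"constructed-secret-key-for-this-example"
ROW = encode_session({"username": "alice", "balance": 100}, SECRET_KEY)

if __name__ == "__main__":
    print(peek_session(ROW))
    print(decode_session(tamper(ROW, "balance", 999999), SECRET_KEY))
```

The MAC protects integrity only: a modified row is rejected, but confidentiality of the session table depends on database access control.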

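2.4 Objects and methods

Sessions are read and written through the session attribute of the HttpRequest object.

Write to the session in key-value format.

request.session['key'] = value

Read a value by key.

request.session.get('key', default)

Clear all session data: the value part is deleted from storage.

request.session.clear()

Clear the session data: the entire session record is deleted from storage.

request.session.flush()

Delete a specified key and its value from the session: only that key and its value are removed from storage.

del request.session['key']

Set the session timeout. If no expiry time is specified, the session expires after two weeks.

request.session.set_expiry(value)

If value is an integer, the session expires after value seconds of inactivity.

If value is 0, the user's session Cookie expires when the user's browser is closed.

If value is None, the session never expires.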

Origin www.cnblogs.com/liuhui0308/p/12229441.html