Different systems have different interfaces request process mechanisms, such as cookies common request process, session request process, token request process
1, cookies request process
The following examples are cookies processing request, the request processing is relatively simple cookies, cookies simply bring each request header value can be
def test_login(): url = 'http://www.renren.com/ajaxLogin/login' params = {'1':'1','uniqueTimestamp':'20201418255'} datas = {'email':'[email protected]','icode':'','origURL':'http://www.renren.com/home','domain':'renren.com','key_id':'1','captcha_type':'web_login', 'password':'9476d406614f42ecefdaba8e9d525e14a20ea9b188e3a3c0c7741de13ca51e43','rkey':'7773848e037e15b9883721139f3c1ac4'} r = requests.post(url=url,params=params,data = = rtdatas)r.text return r.cookies # returns Cookies DEF test_profile (): URL = ' http://www.renren.com/273782860/profile ' R & lt = requests.get (URL = URL, Cookies = test_login ()) call # when the tape Cookies Print (r.text)
2, session request process
session cookies and similar processing request process, in fact, session cookie stored with a sessionID, sends the ID request, the client sends the request again, which request header required (cookie) return belt sessionID
Roadmap:
1, transmits the login request
2, the login is successful, the information returned to the client sessionID
3, the client sends the request again, which requires sessionID request header (Cookie) return belt
def test_login(): url = 'http://www.renren.com/ajaxLogin/login' params = {'1':'1','uniqueTimestamp':'20201418255'} datas = {'email':'[email protected]','icode':'','origURL':'http://www.renren.com/home','domain':'renren.com','key_id':'1','captcha_type':'web_login', 'password':'9476d406614f42ecefdaba8e9d525e14a20ea9b188e3a3c0c7741de13ca51e43','rkey':'7773848e037e15b9883721139f3c1ac4'} r = requests.post(url=url,params=params,data = = rtdatas)r.text return r.cookies # returns Cookies DEF test_profile (): URL = ' http://www.renren.com/273782860/profile ' R & lt = requests.get (URL = URL, Cookies = test_login ()) # call when the tape Cookies Print (r.text)
Cookies on, the flow of processing session request, requests the library may also be used for processing session session
import requests import requests def test_login(): url = 'http://www.renren.com/ajaxLogin/login' params = {'1':'1','uniqueTimestamp':'20201418255'} datas = {'email':'xxxxxx,'icode':'','origURL':'http://www.renren.com/home','domain':'renren.com','key_id':'1','captcha_type':'web_login', 'password':'9476d406614f42ecefdaba8e9d525e14a20ea9b188e3a3c0c7741de13ca51e43','rkey':'7773848e037e15b9883721139f3c1ac4'} s = requests.session() #建立session会话 r = s.post(url=url,params=params,data=datas) rt = r.text return s #session def test_profile(): url = 'http://www.renren.com/273782860/profile' r= test_login().get(url=url) print(r.text)
3, token request process
token
token, the user identity authentication.
The simplest token consisting of: uid (user's unique identity), time (timestamp of the current time), sign (a signature).
roadmap request token:
1), send a request to log
2), after a successful login, the server returned to the response data of the client, including the token
3), the client sends a request again (such as viewing each profile), then you need to bring in clients inside the token, the token request parameter generally have the following two ways:
a, which the client request parameters { "User": 3465, "token": "rtyuio45678fdg"}
B, in which the first request
def login(): data={"username":"admin","password":"admin"} r=requests.post( url='http://127.0.0.1:5000/login', json=data) return r.json()['access_token'] #返回token def books(): headers={'Authorization':' JWT {0} ' .format (Login ())} # contained within the request header token R & lt = requests.get ( URL = ' http://127.0.0.1:5000/profile ' , headers = headers) # tape request head Print (r.text)
cookies, the difference between the session, token (reproduced below to https://blog.csdn.net/qq_37939251/article/details/83511451)
token
token, the user identity authentication.
The simplest token consisting of: uid (user's unique identity), time (timestamp of the current time), sign (a signature).
On a five-point understanding Token authentication
Token is a collection of information;
contained in the Token enough information in order to reduce the chance of the database query in subsequent requests;
server requires cookie and HTTP Authrorization Header Token inspection information;
session
Session, on behalf of the server and the browser of a session, this process is continuous, it can be intermittent.
cookie stored with a sessionID, this ID will be sent upon request;
session because the request (request objects) produced;
session is a container that can store any objects in the session;
creation and use of session is always in the service side, the browser is never get too session object;
session is a http storage mechanism, in order to provide a lasting mechanism for armed http.
cookie
store data on the user's local terminal server generates, sent to the browser, the next request to the server unified website.
cookie and session distinguish
cookie data is stored on the client, session data on the server;
cookie is not very safe, and save the data is limited;
in the session some time saved on the server when accessing the increase, taking up server performance.
session with the token
as authentication, security token line better than the session;
Session authentication simply store the User information to the Session, because of the unpredictability of the SID, for the time being considered safe. This is a means of authentication. The Token, when it refers to OAuth Token or similar mechanism, then, is to provide authentication and authorization, certification is for the user, is authorized for App. Its purpose is to allow a right of access to information App a user.
token and the cookie
Cookie domain collapse is not allowed access, but token support, provided that the user authentication information transmitted via HTTP headers transmission;
When the token is a token, such as your authorization (login) a program, he is a basis to determine whether you have licensed the software; cookie is written in a txt file on the client, which includes your login information and the like, so that you at login times a website, it will automatically call the cookie automatically log the user name; session and cookie, only in session is written in the file server, but also need to write cookie files on the client, but the file in your browser numbers .Session state is on the server side, the client only session id is stored; and Token status is stored in the client.
Reference link: https: //blog.csdn.net/qq_37939251/article/details/83511451