django of maintaining session state

First, the state remains

  1. HTTP protocol is stateless: is a new request each time a request will not remember status before communication

  2. a communication, a session is an implementation state holding the client and server: the data relating to the client or the server stores session

  3. The storage includes a cookie, session, the session generally refers to the session object

  4. Use cookie, all the data stored on the client, be careful not to store sensitive information

  5. Use sesison embodiment, on the server side, the client all data stored in the cookie store session_id

  6. The purpose of the state is keeping track of the state of the requester over a period of time, data access across the page currently requester can be achieved 

  Note: do not share this data between different requesters, correspondence with the requestor

  Usage scenarios: login status remains

Second, to enable session

  1. Configuration

    There are two settings are specifically for the session in the settings.py file, the default has been enabled.

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'common',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
# 'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
 

  The key applications INSTALLED_APP registered, after migration, will generate the corresponding spreadsheet file, the application for data storage, django.contrib.sessions after the migration will generate a data table django_session, which is held on django session ( I want to use django session persistence function must have this data sheet ).

 

   2. Use the session

    After enabling session, each HttpRequest object will have a session attribute, which is a dictionary-like object

    get (key, default = None): Get value of the session key in accordance with 

    flush (): Delete the current session data and deletes the session Cookie

Examples of the user logged in when there :( judging session username in this field, if the user has landed a note, passes the user name to the template rendering the page the user logged on, if not, rendering the page the user is not logged in)

def index(request):
    username = request.session.get("username", None)
    return render(request, 'index.html', context={"username": username})

  1. both readable and write a dictionary-like object that represents the current session

  2. Use the information request.session set up a login at the login

  3. Get the value set in the main page, and then passed to the template

  4. request.session.flush () to clear the data session exit

  3. The session expiration time

    set_expiry (value): Set session timeout

    If not specified, then two weeks after the expiration (django default 15 days)

    If the value is an integer, the session will expire in seconds without activity values

    If the value is a timedelta objects, this session will add the specified date / time expired at the current time

    If the value is 0, then the Cookie user session will expire when the user's browser is closed

    If the value is None, the session never expires

  4. Some default settings for session expiration time

# Whether to close the browser is the Session expired, the default is False
SESSION_EXPIRE_AT_BROWSER_CLOSE = False

# Whether each request Save Session, was saved after modifying default
SESSION_SAVE_EVERY_REQUEST = False

# Session of cookie expiration date, default is 2 weeks
SESSION_COOKIE_AGE = 1209600

 

 

  

  

Guess you like

Origin www.cnblogs.com/loveprogramme/p/12456643.html