Cookie and session, cookiesession

Cookie and session, cookiesession
Cookie and session 1. cookie

Cookies are key-value pairs stored locally in the browser. It is included in the Response Header during transmission between the browser and the server. You can set cookies on both the browser and server. The browser uses js to send or modify cookies to the server. For example, you can write document. cookie = "user = tom" on the browser console ".

Set cookie parameters on the server:

Request. set_cookie (key, value, max_age =, expires =, path = '/', domain = '', secure = False, httponly = False)

Max_age: The cookie's validity period, in seconds, but IE does not recognize it

Expires: the cookie validity period. The value is of the datatime type.

Eg: Set the cookie validity period to 7 days

Expires = datatime. datatime. utcnow () + datatime. timedelta (day = 7)

Path: set this cookie to take effect only in this path

Domain: the setting takes effect under this second-level domain name

Secure: When a website uses https, it must be changed to true. The default value is Flase.

Httponly: Only http access is allowed. However, on the browser side, you agree to use js to overwrite the original value for modification.

Ii. session

Session is a key-Value Pair stored on the server. The storage format is {"sessionid": {"username": "tom", "passwd": "123456" ,}}. sessionid indicates the user's identity, the session is queried Based on the sessionid. The searched value stores the user's personal information. Sessionid is automatically created and allocated by Django when a user accesses the server. It is stored in cookies, so the session needs to rely on cookies. In the database, keys and values are also encrypted. A single user generates only one piece of data. Expired sessions are automatically updated instead of re-created. The default session validity period is half a month.

Simple session operations:

Get session: request. session [key]

Set session: request. session [key] = value

Delete session: del request. session [key]

Note: The delete operation does not actually Delete the database, but updates the session_data of the database to another value.

Set the session expiration time:

Request. session. set_expiry (value)

If the value is an integer, the session will expire after these seconds;

If the value is datatime or timedelta, the session will expire after this time;

If the value is 0, it will expire after the user closes the browser;

If the value is none, the session will be dependent on the global session failure policy.

The session fails and is not deleted from the database.

Iii. instance cookie and session login verification

Please move: http://www.cnblogs.com/xshan/p/8463587.html

Iv. debugging

Browser error: 'wsgirequest' object has no attribute 'session'

Solution: Because the session operation is not prompted when writing in pycharm, the MIDDLEWARE in settings. py is changed from MIDDLEWARE to MIDDLEWARE_CLASSES. In fact, according to other blogs, this is a problem with the Django version. Before MySQL 1.10, the MIDDLEWARE key was MIDDLEWARE_CLASSES, and after MySQL 1.10, it was MIDDLEWARE. Therefore, when the development environment is different from the versions of other environments, be careful. (Reference: http://blog.csdn.net/xiongjiezk/article/details/53220302)