Django quickly implements session operations

 

Note:

Starting from this article, I will not fully introduce the creation process of the Django project, because the creation process is described in detail in the previous blogs, and the routines are the same, I am familiar with this routine and want to learn and practice some technical details later.

 

The previous section describes how Django uses cookies to record user logon information. This section describes how session records user logon information.

 

Create a project, create an application, and set settings. py.

Project directory:

 

 

 

Set URL

 

Set the URLs. py file as follows:

from django.conf.urls import patterns, include, urlfrom django.contrib import admin
admin.autodiscover()urlpatterns = patterns(‘‘,    # Examples:    # url(r‘^$‘, ‘csvt11.views.home‘, name=‘home‘),    # url(r‘^blog/‘, include(‘blog.urls‘)),    url(r‘^admin/‘, include(admin.site.urls)),    url(r‘^login/$‘, ‘online.views.login‘),    url(r‘^index/$‘, ‘online.views.index‘),    url(r‘^logout/$‘, ‘online.views.logout‘),)

 

 

Synchronize Databases

 

In this example, we do not need to create a database table (of course, you can refer to the examples in the previous chapters to create a database table for user login). Therefore, we will directly execute Database Synchronization here.

 

A table named django_session is created automatically. This table is used to store our session information.

 

 

Create View

 

Views. py

# Coding = utf-8from Django. shortcuts import renderfrom Django. shortcuts import render, render_to_responsefrom Django. HTTP import httpresponse, httpresponseredirectfrom Django import formsclass userform (forms. form): username = forms. charfield () # User Login def login (req): If req. method = "Post": UF = userform (req. post) If UF. is_valid (): username = UF. cleaned_data ['username'] # pass the username used to obtain the form to the session object req. session [ 'Username'] = username return httpresponseredirect ('/index/') else: UF = userform () return render_to_response('login.html ', {'U': UF }) # Jump to the def index (req) page after Logon: username = req. session. get ('username', 'anybody') return render_to_response('index.html ', {'username': username}) # logout action def logout (req): del req. session ['username'] # Delete session return httpresponse ('logout OK! ')

Here, we use session creation and deletion, with comments in the code. View is the core logic of kinetic energy implementation. The session-related method is called here, which is very simple. It must be noted that the session exists in the form of a dictionary. For example, a sessionid corresponds to a piece of information (for example, user name, password, and items added to the shopping cart .)

 

 

Create Template

 

Login.html

<form method = ‘post‘>    {{uf.as_p}}    <input type="submit" value = "ok"/></form>

 

Index.html

<div>   
 
 
Access Logon
 
Http: // 127.0.0.1: 8000/login/
 
There is no logic to determine whether the user password is normal. Therefore, any information can be entered to log on.
 
 
View the browser session ID
 
 
 
View Database
 
Check, the session is the user login user name to save the database on the server, and the client (browser) generates only a session ID, the program reads the session ID of the client to find the corresponding user name, and return the information to the client. The database does not see the user name (Tom) You just logged on to. It is highlighted in red and encrypted. Therefore, a long string of uppercase and lowercase characters is displayed.
 
Logon successful:

Click logout to exit:

Access the index page again
 
On the index page, click "logout" to exit, and the session ID of the client is deleted. Therefore, the "weclome anybody" prompt is displayed when you access the index page.
 
Problem:
According to the normal logic, user logon is not allowed to access the Successful Logon page (INDEX), which involves Django's "access restrictions" related methods.