Cookie and Session of Django

Understand session tracking technology

Share data among multiple requests of a session. This is session tracking technology. For example, the request in a session is as follows :? Request the bank homepage;

• Login Request (the request parameter is the user name and password );
• Request Transfer (Request Parameters and transfer-related data );
• Request credit card repayment (Request Parameters and repayment-related data ).

In this session, the current user information must be shared in this session, because the login is Michael Jacob, so the transfer and repayment must be relative to Michael Jacob! This means that we must have the ability to share data in a session.

Session path technology is completed using cookies or sessions

We know that HTTP is a stateless protocol, that is, every request is independent! The status of the previous request cannot be recorded. However, cookies can be used in HTTP to track sessions! In web development, sessions are used to track sessions. The underlying layer of sessions depends on cookie technology.

Cookie overview what is Cookie

Cookies are translated into Chinese, which means cookies. In HTTP, it indicates the small dessert that the server sends to the client browser. Actually, cookie is a key-value structure, similar to a dictionary in Python. The response is sent to the client browser as the server responds. The client browser then saves the cookie and sends the cookie to the server when you access the server again. A cookie is a key-Value Pair created by the server and sent to the client through a response. The client saves the cookie and marks the cookie source (the server's cookie ). When the client sends a request to the server, it will include all the server cookies in the request and send them to the server so that the server can recognize the client!

Cookie Specification

• The maximum cookie size is 4 kb;
• A server can store up to 20 cookies in a client browser;
• A browser can store up to 300 cookies;

The above data is only the HTTP cookie specification. However, in today's browser war, Some browsers may "Expand" the cookie specification to defeat their competitors and show their own capabilities, for example, if the size of each cookie is 8 KB, a maximum of 500 cookies can be saved! But there is no possibility of occupying your hard disk full!
Note that cookies are not shared between different browsers. That is to say, when you use IE to access the server, the server will send the cookie to IE and save it by IE. When you use Firefox to access the server, the cookie stored by IE cannot be sent to the server.

Cookie and HTTP Header

Cookies are transmitted on the client and server through HTTP request and Response Headers:

• COOKIE: Request Header, which is sent from the client to the server;
• Format: COOKIE: A = A; B = B; C = C. Multiple cookies are separated by semicolons ;? Set-COOKIE: Response Header, which is sent from the server to the client;
• One cookie object, one set-COOKIE: A = A set-COOKIE: B = B set-COOKIE: C = C

Cookie Overwrite

If the server sends duplicate cookies, the original cookies will be overwritten. For example, the first cookie sent by the client to the server is: set-COOKIE: A =; the second request is sent by the server: set-COOKIE: A = AA, so the client only leaves a cookie, that is, a = AA.

Cookie syntax in Django

Set COOKIE:

1234	rep = Httpresponse (...) or rep = render (request,...) or rep = redirect ()  rep.set_cookie(key,value,...)rep.set_signed_cookie(key,value,salt='Encrypted salan',...)

Source code:

'''

Class httpresponsebase: def set_cookie (self, key, key value = '', value max_age = none, long time
Cookie duration (in seconds)
If the parameter is \ none '', the cookie will continue until the browser is closed.
Expires = none, too long
Expires defaults to none, indicating the actual date/time when the cookie expires.
    　　　　　　　　　　　　　　　　　　　　　　　　　　　　
Path = '/' indicates the path in which the cookie takes effect. The browser will only send the cookie back to the page with this path. This will avoid passing the cookie to other applications on the site. /Indicates the root path. Special: the cookie of the root path can be accessed by any URL page. Domain = none. You can use this parameter to construct a cross-site cookie. For example, the cookie constructed by domain = ".example.com" is readable for the following websites: www.example.com, www2.example.com, and an.other.sub.domain.example.com. If this parameter is set to none, the cookie can only be read by the site where it is set. Secure = false. If it is set to true, the browser will pass the cookie back and forth through HTTPS. HTTPOnly = false can only be transmitted over HTTP and cannot be obtained by JavaScript (not absolute, it can be obtained or overwritten by capturing packets at the underlying layer): Pass '''

Get COOKIE:

1	request.COOKIES

Delete COOKIE:

1	response.delete_cookie("cookie_key",path="/",domain=name)

Jquery operation cookie

Exercise

Case 1: display the last access time.

Case 2: display the last browsed item.

Session

Session is a server-side technology. With this technology, the server can create an exclusive Session object for each user's browser at runtime. Because session is exclusive to the user's browser, therefore, when users access the Web Resources of the server, they can put their own data in their respective sessions. When users access other web resources on the server, other web resources then retrieve data from their respective sessions to serve users.

Session syntax in Django

12345678910

1, Set sessions Value          request.session[‘session_name‘] ="admin"2, Get sessions Value          session_name = request.session["session_name"]3, Delete sessions Value          del request.session["session_name"]4、flush()     Delete the current session data and delete the cookie of the session.     This ensures that the previous session data cannot be accessed by the user's browser again.

+ View code

Session Configuration

+ View code

Cookie and Session of Django