Article Directory
1. Introduction to SessionThe client sends a request to the server to get the login page, and the server returns to the client login page.The client sends a request to the server to log in to the system. If the login is successful, the server generates a random string that corresponds to the client data and saves the random string on the server and returns it to the client.After each client successfully logs in, the server saves random strings and data.When a client requests data from the server again with random strings and data previously returned by the server (written in the browser's Cookie), there is no need to verify the state of the client without the Session failing.Session is essentially a key-value pair:
{ 'zx7a4imi2v5dvfrda1vlw3lkoiao6ubj':{'id':1,'name':'erics'}, }
Sessions are server-side data and are essentially key-value pairs.Typically used on a Web site, a session with a user is maintained, which records the user's login status and does not require a second login.The advantage is that sensitive information is not directly given to the client.Session's application relies on cookies, which are required to be written to client browsers.
Cookie s are key-value pairs saved on the client!
2. User login based on SessionDjango has built-in Session operations (Flask also has built-in Session), so it can be used directly.The following is based on Session to complete user login:
views.py
from django.shortcuts import render, HttpResponse, redirect from app01 import models from django.views import View from utils.md5 import md5 class Login(View): def get(self, request): return render(request, 'login.html') def post(self, request): name = request.POST.get('name') pwd = request.POST.get('pwd') obj = models.User.objects.all().filter(name=name, pwd=md5(pwd)).first() if obj: """ 1.Generate Random String 2.adopt cookie Send to Client 3.Server-side Save[Random Character Creation 1:['xx':xx,'xxx':xxx,...]](Session) """ request.session['name'] = name return redirect('/index.html/') return HttpResponse() def index(request): """ 1.Get Client cookie String in 2.go session Find if there is this string in 3.stay session Corresponding key Of value To see if there is any name """ v = request.session.get('name') if v: return HttpResponse('%s Login successful!' % (v)) else: return redirect('/login.html/')
md5.py:
import hashlib SALT = b'erics' # Custom MD5 function def md5(pwd): obj = hashlib.md5(SALT) # pwd is a string and needs to be converted to bytes obj.update(pwd.encode('utf-8')) # Return ciphertext return obj.hexdigest()
login.html:
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Sign in</title> <link rel="stylesheet" href="/static/css/bootstrap.min.css"> </head> <body> <div style="margin-top: 10px"> <div> <div> <div> <div> Sign in </div> <div> <form action="/login.html/" method="POST" name="loginForm"> <div> <label for="name">User name</label> <input type="text" name="name" placeholder="enter one user name"> </div> <div> <label for="">Password</label> <input type="password" name="pwd" placeholder="Please input a password"> <div style="color: red;font-weight: bold">{{ msg }}</div> </div> {% csrf_token %} <button type="submit">Sign in</button> </form> </div> </div> </div> </div> </body> </html>
Login page:
After the user logs in, the server saves the Session in the django_databaseSession_in Session tableThe data, or key value corresponding to a random string, is internally encrypted:
Logon success:
Check your browser for cookie s like this: