How do I set cookies with Django?

Problem description

def signin(request):
    if request.method == "POST":
        form = LoginForm(request.POST)
        email_input = str(request.POST['email'])
        password_input = str(request.POST['password'])
        user_Qset = Profile.objects.filter(email = email_input)

        if user_Qset is not None:
            password_saved = str(user_Qset.values('password')[0]['password'])
            if password_input == password_saved:
                request.session['name'] = str(user_Qset.values('name')[0]['name'])
                request.session['email'] = str(user_Qset.values('email')[0]['email'])
                request.session['password'] = str(user_Qset.values('password')[0]['password'])
                return HttpResponse('login success.')
            else:
                return HttpResponse('login failed, wrong password')
        else:
            return HttpResponse('login failed, wrong email address')
    else:
        form = LoginForm()
        return render(request, 'registration/login.html', {'form': form})

I want to add a cookie by using the request.session method, but it doesn't work.

How can I use it?

Tags: python, django, session, cookies

Solution


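  1. The difference

As you may know, there is a huge difference between cookies and sessions. Cookies store data on the client side. Sessions use a cookie as a key and associate it with data stored on the server side.

  2. Sessions are better

It is usually better to use sessions instead of cookies, because the data is hidden from the client and you can easily set when the data expires and becomes invalid.

  3. Security reasons

In terms of security, if everything is built around cookies, a malicious user could change their cookie data and send bad requests to your site.


But if you really want to use cookies, Django now handles direct cookie manipulation methods on the request and response objects.

You can do it like this:

views.py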

from django.http import HttpResponse
from django.shortcuts import render

from .forms import LoginForm   # assumed module path for the form
from .models import Profile    # assumed module path for the model


def signin(request):
    if request.method == "POST":
        form = LoginForm(request.POST)
        email_input = str(request.POST['email'])
        password_input = str(request.POST['password'])
        # filter() never returns None, so fetch one row with first(),
        # which returns None when no profile has this email.
        user = Profile.objects.filter(email=email_input).values('name', 'email', 'password').first()

        if user is not None:
            password_saved = str(user['password'])
            if password_input == password_saved:
                response = HttpResponse('login success.')
                # set_cookie() stores each value in the browser, readable and
                # editable by the client; this includes the stored password.
                response.set_cookie('name', str(user['name']))
                response.set_cookie('email', str(user['email']))
                response.set_cookie('password', str(user['password']))
                return response
            else:
                return HttpResponse('login failed, wrong password')
        else:
            return HttpResponse('login failed, wrong email address')
    else:
        form = LoginForm()
        return render(request, 'registration/login.html', {'form': form})

Source: https://docs.djangoproject.com/en/dev/topics/http/sessions/

https://docs.djangoproject.com/en/dev/ref/request-response/
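
Added example (not part of the original answer and not Django's own code): a standard-library model of points 1 and 3 above, showing a session cookie that carries only a random key to server-side data, next to a data cookie protected by an HMAC tag so that client-side edits are detected. `SECRET_KEY`, `SESSIONS` and the function names are assumptions made for illustration, and the sample values are constructed.

```python
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie

SECRET_KEY = b"constructed-demo-key"  # assumption: a real app loads this from config
SESSIONS = {}  # server-side store: session id -> user data


def login(name, email):
    """Keep the data on the server; the client only receives a random id."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"name": name, "email": email}
    cookie = SimpleCookie()
    cookie["sessionid"] = sid
    cookie["sessionid"]["httponly"] = True   # not readable from page scripts
    cookie["sessionid"]["secure"] = True     # only sent over HTTPS
    cookie["sessionid"]["samesite"] = "Lax"
    cookie["sessionid"]["max-age"] = 3600    # expires after one hour
    return sid, cookie.output(header="Set-Cookie:")


def load_session(cookie_header):
    """Return the server-side data for the presented id, or None if unknown."""
    morsel = SimpleCookie(cookie_header).get("sessionid")
    return SESSIONS.get(morsel.value) if morsel is not None else None


def sign(value):
    """For data that must live in the cookie: append an HMAC-SHA256 tag."""
    tag = hmac.new(SECRET_KEY, value.encode(), hashlib.sha256).hexdigest()
    return f"{value}:{tag}"


def unsign(signed):
    """Return the value if the tag verifies, or None if the cookie was altered."""
    value, _, tag = signed.rpartition(":")
    expected = hmac.new(SECRET_KEY, value.encode(), hashlib.sha256).hexdigest()
    return value if hmac.compare_digest(tag.encode(), expected.encode()) else None


if __name__ == "__main__":
    sid, header = login("alice", "alice@example.com")  # constructed sample user
    print(header)                                      # no user data in the header
    print(load_session(f"sessionid={sid}"))            # server-side lookup succeeds
    print(load_session("sessionid=made-up-id"))        # unknown id -> None
    cookie_value = sign("email=alice@example.com")
    print(unsign(cookie_value))                        # untouched -> value returned
    print(unsign(cookie_value.replace("alice", "admin")))  # edited -> None
```

In Django the first pattern is what `request.session` provides once the session middleware is enabled, and `HttpResponse.set_signed_cookie` with `HttpRequest.get_signed_cookie` covers the second.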
