Use of cookies and session s in Django

1. http protocol

   • Two features:
     • No connection: disconnect in one response to a request.
     • Stateless: Do not remember the last connection information, each connection is a new connection.
       
   • Later: keep-alive

2. cookie: session tracking (resolving http protocol stateless)

   • what: Browser technology.

   • Standard:

     • Maximum size is 4 KB
     • A server can save up to 20 cookie s in a client browser
     • A browser can save up to 300 cookie s because it can access multiple servers.
     • One user: One browser: One server

   • Use in Django: ret.set_cookie('k1','v1')

     from django.shortcuts import render,HttpResponse,redirect
     
     def wraper(f):
         def inner(request, *args, **kwargs):
             is_login = request.COOKIES.get('is_login')
             if is_login == 'True':
                 ret = f(request, *args, **kwargs)
                 return ret
             else:
                 # return redirect('login')
                 return HttpResponse('Fuck off')
         return inner
     
     @wraper
     def index(request):
         return render(request, 'index.html')
     
     def login(request):
         if request.method == 'GET':
             return render(request, 'login.html')
         else:
             username = request.POST.get('username')
             password = request.POST.get('password')
             print(username, password)
             if username == 'hqq' and password == '123':
                 ret = redirect('index')
                 ret.set_cookie('is_login', 'True')
                 return ret
             else:
                 return redirect('login')
     

3. session

   table:django_session
     session_key   123ssfjasld
     session_data  {'username':'hqq'}Encrypted data

   from django.shortcuts import render,HttpResponse,redirect
   
   def login_decorator(f):
       def inner(request, *args, **kwargs):
           if request.session.get('is_login') == True:
               ret = f(request, *args, **kwargs)
               return ret
           else:
               return redirect('login')
       return inner
   
   
   def login(request):
       if request.method == 'GET':
           return render(request, 'login.html')
       else:
           username = request.POST.get('username')
           password = request.POST.get('password')
           print(username, password)
           if username == 'hqq' and password == '123':
               # from django.conf import settings
               # from django.conf import global_settings
               # settings.SESSION_COOKIE_NAME
   
               request.session['is_login'] = True
               request.session['username'] = 'chao'
               """
               1.Generated sessionid:Random string;
               2.stay cookie A key-value pair is added. session_id:zdfafdsf；
               3.The user's data is encrypted and saved to django-session Table.
   
               session_key  session_data
               assdfsfds     Encrypted string of user data
   
               """
   
               return redirect('home')
           else:
               return redirect('login')
   
   
   @login_decorator
   def home(request):
       # print(request.session)
       # <django.contrib.sessions.backends.db.SessionStore object at 0x10d3b1e48>
       is_login = request.session.get('is_login')
       print(is_login)  # True for bool value
       """
              1.from cookie Take out inside session_id: xxx This random string
              2.go django-session The corresponding data is queried in the table
              3.Reverse the encrypted user's data and get the data the user needs
   
       """
       return render(request, 'home.html')