#!/usr/bin/env python
# -*- coding:utf-8 -*-
import tornado.ioloop
import tornado.web
container = {}
class Session:
def __init__(self,handler):
self.handler = handler
self.random_str = None
# 生成随机字符串
def __random_star(self):
import hashlib
import time
obj = hashlib.md5()
obj.update(bytes(str(time.time()),encoding='utf-8'))
random_str = obj.hexdigest()
return random_str
# 在用户浏览器上设置cookie
def __setitem__(self,key,value):
if not self.random_str:
# 获取用户上的cookie
random_str = self.handler.get_cookie('__kakaka__')
# 如果用户没有 cookie 那么就创建一份
if not random_str:
random_str = self.__random_star()
container[random_str] = {}
# 如果有
else:
# 如果 random_str 在 container.keys()里面 就pass
if random_str in container.keys():
pass
# 否则 就重新创建一份
else:
random_str = self.__random_star()
container[random_str] = {}
self.random_str = random_str
container[self.random_str][key] = value
self.handler.set_cookie('__kakaka__',self.random_str)
# 获取用户浏览器上的cookie
def __getitem__(self,key):
random_str = self.handler.get_cookie('__kakaka__')
#判断random_str是否为空
if not random_str:
return None
# 到container里面获取下random_str 看是否存在
user_info_dict = container.get(random_str,None)
if not user_info_dict:
return None
val = user_info_dict.get(key)
return val
class BaseHandler(tornado.web.RequestHandler):
def initialize(self):
self.session = Session(self)
class IndexHandler(BaseHandler):
def get(self, *args, **kwargs):
# 获取用户传入的值 如果等于将执行操作
if self.get_argument('u',None)in ['alex','eric']:
self.session['is_login'] = True
self.session['name']= self.get_argument('u',None)
else:
self.write('请登录')
class ManagerHandler(BaseHandler):
def get(self, *args, **kwargs):
# 获取用户随机字符串 判断是否是true
val = self.session['is_login']
if val:
self.write(self.session['name'])
else:
self.write('失败')
class LoginHandler(BaseHandler):
def get(self, *args, **kwargs):
self.render('login.html',status = "")
def post(self, *args, **kwargs):
user = self.get_argument('user',None)
pwd = self.get_argument('pwd',None)
code = self.get_argument('code',None)
ceck_code = self.session['CeckCode']
if ceck_code.upper() == code.upper():
self.write('验证码正确')
else:
self.render('login.html',status = '验证码错误')
class CodeHandler(BaseHandler):
def get(self, *args, **kwargs):
import io
import check_code
mstream = io.BytesIO()
# 创建图片 并写入验证码
img,code = check_code.create_validate_code()
# 为每个用户保存验证码
self.session['CeckCode'] = code
# 将图片写入IO mstream 中
img.save(mstream,"GIF")
# 发送图片到客户端
self.write(mstream.getvalue())
pass
class XsrfHandler(BaseHandler):
def get(self, *args, **kwargs):
self.render('csrf.html')
def post(self, *args, **kwargs):
self.write('Hello')
settings = {
'template_path':'views',
'static_path':'statics',
'cookie_secret':'skjfsajdklfjalskj',
# 开启POST提交 xsrf 验证 需要HTML表单中携带 {% raw xsrf_form_html() %} 才能提交
'xsrf_cookies':True,
}
application = tornado.web.Application([
(r"/index",IndexHandler),
(r"/manager",ManagerHandler),
(r"/login",LoginHandler),
(r"/check_code",CodeHandler),
(r"/csrf",XsrfHandler),
],**settings)
if __name__ == '__main__':
application.listen(8888)
tornado.ioloop.IOLoop.instance().start()