#!/usr/bin/env python # -*- coding:utf-8 -*- import tornado.ioloop import tornado.web container = {} class Session: def __init__(self,handler): self.handler = handler self.random_str = None # 生成随机字符串 def __random_star(self): import hashlib import time obj = hashlib.md5() obj.update(bytes(str(time.time()),encoding='utf-8')) random_str = obj.hexdigest() return random_str # 在用户浏览器上设置cookie def __setitem__(self,key,value): if not self.random_str: # 获取用户上的cookie random_str = self.handler.get_cookie('__kakaka__') # 如果用户没有 cookie 那么就创建一份 if not random_str: random_str = self.__random_star() container[random_str] = {} # 如果有 else: # 如果 random_str 在 container.keys()里面 就pass if random_str in container.keys(): pass # 否则 就重新创建一份 else: random_str = self.__random_star() container[random_str] = {} self.random_str = random_str container[self.random_str][key] = value self.handler.set_cookie('__kakaka__',self.random_str) # 获取用户浏览器上的cookie def __getitem__(self,key): random_str = self.handler.get_cookie('__kakaka__') #判断random_str是否为空 if not random_str: return None # 到container里面获取下random_str 看是否存在 user_info_dict = container.get(random_str,None) if not user_info_dict: return None val = user_info_dict.get(key) return val class BaseHandler(tornado.web.RequestHandler): def initialize(self): self.session = Session(self) class IndexHandler(BaseHandler): def get(self, *args, **kwargs): # 获取用户传入的值 如果等于将执行操作 if self.get_argument('u',None)in ['alex','eric']: self.session['is_login'] = True self.session['name']= self.get_argument('u',None) else: self.write('请登录') class ManagerHandler(BaseHandler): def get(self, *args, **kwargs): # 获取用户随机字符串 判断是否是true val = self.session['is_login'] if val: self.write(self.session['name']) else: self.write('失败') class LoginHandler(BaseHandler): def get(self, *args, **kwargs): self.render('login.html',status = "") def post(self, *args, **kwargs): user = self.get_argument('user',None) pwd = self.get_argument('pwd',None) code = self.get_argument('code',None) ceck_code = self.session['CeckCode'] if ceck_code.upper() == code.upper(): self.write('验证码正确') else: self.render('login.html',status = '验证码错误') class CodeHandler(BaseHandler): def get(self, *args, **kwargs): import io import check_code mstream = io.BytesIO() # 创建图片 并写入验证码 img,code = check_code.create_validate_code() # 为每个用户保存验证码 self.session['CeckCode'] = code # 将图片写入IO mstream 中 img.save(mstream,"GIF") # 发送图片到客户端 self.write(mstream.getvalue()) pass class XsrfHandler(BaseHandler): def get(self, *args, **kwargs): self.render('csrf.html') def post(self, *args, **kwargs): self.write('Hello') settings = { 'template_path':'views', 'static_path':'statics', 'cookie_secret':'skjfsajdklfjalskj', # 开启POST提交 xsrf 验证 需要HTML表单中携带 {% raw xsrf_form_html() %} 才能提交 'xsrf_cookies':True, } application = tornado.web.Application([ (r"/index",IndexHandler), (r"/manager",ManagerHandler), (r"/login",LoginHandler), (r"/check_code",CodeHandler), (r"/csrf",XsrfHandler), ],**settings) if __name__ == '__main__': application.listen(8888) tornado.ioloop.IOLoop.instance().start()