分页
1、简单分页
涉及xss攻击,需要用到mark_safe方法,使用此方法字符串传输到后端后,已html形式显示,而非字符串
HTML文件:
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> <style> .pagination .page{ display: inline-block; padding: 5px; background-color: cyan; margin: 5px; } .pagination .page.active{ background-color: brown; color: white; } </style> </head> <body> <ul> {% for item in li %} <li>{{ item }}</li> {% endfor %} </ul> <div class="pagination"> {{ page_str }} </div> </body> </html>
处理文件:
LIST = [] for i in range(109): LIST.append(i) from django.utils.safestring import mark_safe def user_list(request): current_page = request.GET.get('p',1) current_page = int(current_page) start = (current_page-1)*10 end = current_page*10 data = LIST[start:end] all_count = len(LIST) count,y = divmod(all_count,10) #整除、余数 if y : #余数不为零 count +=1 page_list = [] for i in range(1,count+1): if i == current_page: temp = '<a class="page active" href="/user_list/?p=%s">%s</a>'%(i,i) else: temp = '<a class="page" href="/user_list/?p=%s">%s</a>'%(i,i) page_list.append(temp) page_str = mark_safe(''.join(page_list)) #xss攻击 不加入此项 page_str传到前端后,显示的是字符串 #而不是html语言 # 另一种方式在前端做 # {{ page_str|safe }} return render(request,'user_list.html',{'li':data,'page_str':page_str})
2、增加功能
分页数进行定制,添加上一页、下一页,增加跳转功能,实现分页的完整功能
HTML文件:
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> <style> .pagination .page{ display: inline-block; padding: 5px; background-color: cyan; margin: 5px; } .pagination .page.active{ background-color: brown; color: white; } </style> </head> <body> <ul> {% for item in li %} <li>{{ item }}</li> {% endfor %} </ul> <div class="pagination"> {{ page_str }} </div> </body> </html>
处理文件:
LIST = [] for i in range(199): LIST.append(i) from django.utils.safestring import mark_safe def user_list(request): current_page = request.GET.get('p',1) current_page = int(current_page) start = (current_page-1)*10 end = current_page*10 data = LIST[start:end] all_count = len(LIST) total_count,y = divmod(all_count,10) if y : total_count +=1 pager_num = 11 #页码数 page_list = [] if total_count < pager_num : #总页面小于页码数 start_index = 1 end_index = total_count + 1 else: if current_page <= pager_num/2: #开头 start_index = 1 end_index = pager_num + 1 elif current_page + (pager_num-1)/2 >= total_count: #中间 start_index = total_count - (pager_num-1) end_index = total_count + 1 else: #结尾 start_index = current_page - (pager_num-1)/2 end_index = current_page + (pager_num-1)/2 + 1 # 上下页码 if current_page == 1: prev = '<a class="page" href="javascript:void(0)">上一页</a>' # 什么都不干 else: prev = '<a class="page" href="/user_list/?p=%s">上一页</a>'%(current_page-1) page_list.append(prev) for i in range(int(start_index),int(end_index)): if i == current_page: temp = '<a class="page active" href="/user_list/?p=%s">%s</a>'%(i,i) else: temp = '<a class="page" href="/user_list/?p=%s">%s</a>'%(i,i) page_list.append(temp) if current_page == total_count: nex = '<a class="page" href="javascript:void(0)">下一页</a>' # 什么都不干 else: nex = '<a class="page" href="/user_list/?p=%s">下一页</a>'%(current_page+1) page_list.append(nex) # 跳转 可以写到前端 jump = ''' <input type="text" /><a onclick="jumpTo(this,'/user_list/?p=');">GO</a> <script> function jumpTo(ths,base) { var val = ths.previousSibling.value; location.href = base + val; } </script> ''' page_list.append(jump) page_str = mark_safe(''.join(page_list)) return render(request,'user_list.html',{'li':data,'page_str':page_str})
3、优化完善
页码代码跟业务代码分开,创建class类调用,最好单独创建目录分开
HTML文件:
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> <style> .pagination .page{ display: inline-block; padding: 5px; background-color: cyan; margin: 5px; } .pagination .page.active{ background-color: brown; color: white; } </style> </head> <body> <ul> {% for item in li %} <li>{{ item }}</li> {% endfor %} </ul> <div class="pagination"> {{ page_str }} </div> </body> </html>
处理文件:
LIST = [] for i in range(199): LIST.append(i) class Page: def __init__(self, current_page, data_count, per_page_count=10, pager_num=7): self.current_page = current_page self.data_count = data_count self.per_page_count = per_page_count self.pager_num = pager_num @property def start(self): return (self.current_page - 1) * self.per_page_count @property def end(self): return self.current_page * self.per_page_count @property def total_count(self): v, y = divmod(self.data_count, self.per_page_count) if y: v += 1 return v def page_str(self, base_url): page_list = [] if self.total_count < self.pager_num: start_index = 1 end_index = self.total_count + 1 else: if self.current_page <= (self.pager_num + 1) / 2: start_index = 1 end_index = self.pager_num + 1 else: start_index = self.current_page - (self.pager_num - 1) / 2 end_index = self.current_page + (self.pager_num + 1) / 2 if (self.current_page + (self.pager_num - 1) / 2) > self.total_count: end_index = self.total_count + 1 start_index = self.total_count - self.pager_num + 1 if self.current_page == 1: prev = '<a class="page" href="javascript:void(0);">上一页</a>' else: prev = '<a class="page" href="%s?p=%s">上一页</a>' % (base_url, self.current_page - 1,) page_list.append(prev) for i in range(int(start_index), int(end_index)): if i == self.current_page: temp = '<a class="page active" href="%s?p=%s">%s</a>' % (base_url, i, i) else: temp = '<a class="page" href="%s?p=%s">%s</a>' % (base_url, i, i) page_list.append(temp) if self.current_page == self.total_count: nex = '<a class="page" href="javascript:void(0);">下一页</a>' else: nex = '<a class="page" href="%s?p=%s">下一页</a>' % (base_url, self.current_page + 1,) page_list.append(nex) jump = """ <input type='text' /><a onclick='jumpTo(this, "%s?p=");'>GO</a> <script> function jumpTo(ths,base){ var val = ths.previousSibling.value; location.href = base + val; } </script> """ % (base_url,) page_list.append(jump) page_str = mark_safe("".join(page_list)) return page_str from django.utils.safestring import mark_safe def user_list(request): current_page = request.GET.get('p', 1) current_page = int(current_page) page_obj = Page(current_page,len(LIST)) data = LIST[page_obj.start:page_obj.end] page_str = page_obj.page_str("/user_list/") return render(request, 'user_list.html', {'li': data,'page_str': page_str})
Cookie
1、概述
Cookie,有时也用其复数形式 Cookies,指某些网站为了辨别用户身份、进行 session 跟踪而储存在用户本地终端上的数据(通常经过加密)。(可以叫做浏览器缓存)
① 获取Cookie
request.COOKIES['key']
request.COOKIES.get('key')
request.get_signed_cookie(key, default=RAISE_ERROR, salt='', max_age=None)
参数:
default: 默认值
salt: 加密盐
max_age: 后台控制过期时间
② 设置Cookie
rep = HttpResponse(...) 或 rep = render(request, ...) #return的对象
rep.set_cookie(key,value,...)
rep.set_signed_cookie(key,value,salt='加密盐',...)
参数:
key, 键
value='', 值
max_age=None, 超时时间 单位秒
expires=None, 超时时间(IE requires expires, so set it if hasn't been already.) 单位日期
path='/', Cookie生效的路径,/ 表示根路径,特殊的:跟路径的cookie可以被任何url的页面访问 指定生效路径
domain=None, Cookie生效的域名
secure=False, https传输改为True
httponly=False 只能http协议传输,无法被JavaScript获取(不是绝对,底层抓包可以获取到也可以被覆盖)
补充:
# max_age 10秒失效
result.set_cookie('username',u,max_age=10)
# expires 设置失效日期
import datetime
current_date = datetime.datetime.utcnow()
current_date = current_date + datetime.timedelta(seconds=5)
result.set_cookie('username',u,expires=current_date)
# 加密
obj = HttpResponse('s')
obj.set_signed_cookie('username',"kangbazi",salt="asdfasdf")
request.get_signed_cookie('username',salt="asdfasdf")
由于cookie保存在客户端的电脑上,所以,JavaScript和jquery也可以操作cookie
<script src='/static/js/jquery.cookie.js'></script>
$.cookie("list_pager_num", 30,{ path: '/' }); #key vaule 字典
2、用户登录
利用cookie做用户登录页面,只有登录成功才能进入到后台管理
HTML文件:
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title></title> </head> <body> <h1>欢迎登录:{{ current_user }}</h1> </body> </html>
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title></title> </head> <body> <form action="/login/" method="POST"> <input type="text" name="username" placeholder="用户名" /> <input type="password" name="pwd" placeholder="密码" /> <input type="submit" /> </form> </body> </html>
处理文件:
user_info = {
'James':{'pwd':'123456'},
'lianzhilei':{'pwd':'123456'}
}
def login(request):
if request.method == 'GET':
return render(request,'login.html')
if request.method == 'POST':
u = request.POST.get('username')
p = request.POST.get('pwd')
dic = user_info.get(u)
if not dic:
return render(request,'login.html')
if dic['pwd']== p:
result = redirect('/index/')
result.set_cookie('username',u) #设置cookie值
return result
else:
return render(request, 'login.html')
def index(request):
v = request.COOKIES.get('username') #获取cookie值
if not v :
return redirect('/login/')
return render(request,'index.html',{'current_user':v})
3、定制分页
根据用户选择的数字,显示页面的数量
HTML文件:
<body>
<ul>
{% for item in li %}
<li>{{ item }}</li>
{% endfor %}
</ul>
<div>
<select id='pg' onchange="ChangePageSize(this)">
<option value="10">10</option>
<option value="30">30</option>
<option value="50">100</option>
</select>
</div>
<div class="pagination">
{{ page_str }}
</div>
<script src="/static/jquery-1.12.4.js"></script>
<script src="/static/jquery.cookie.js"></script>
<script>
$(function () {
var v = $.cookie('per_page_count',{'path':'/user_list/'});
$('#pg').val(v);
});
function ChangePageSize(ths) {
var v = $(ths).val();
$.cookie('per_page_count',v,{'path':'/user_list/'});
location.reload()
}
</script>
</body>
处理文件:
from django.utils.safestring import mark_safe
def user_list(request):
current_page = request.GET.get('p', 1)
current_page = int(current_page)
per_page_count = request.COOKIES.get('per_page_count',10) #获取cookie值
per_page_count = int(per_page_count)
page_obj = Page(current_page,len(LIST),per_page_count)
data = LIST[page_obj.start:page_obj.end]
page_str = page_obj.page_str("/user_list/")
return render(request, 'user_list.html', {'li': data,'page_str': page_str})
4、登录认证(装饰器)
FBV:
1 from django.shortcuts import render 2 3 from django.shortcuts import HttpResponse,redirect 4 from django.shortcuts import reverse 5 6 user_info = { 7 'James': {'pwd': '123456'}, 8 'lianzhilei': {'pwd': '123456'} 9 } 10 11 def login(request): 12 if request.method == 'GET': 13 return render(request, 'login.html') 14 if request.method == 'POST': 15 u = request.POST.get('username') 16 p = request.POST.get('pwd') 17 dic = user_info.get(u) 18 if not dic: 19 return render(request, 'login.html') 20 if dic['pwd'] == p: 21 result = redirect('/index/') 22 result.set_cookie('username', u) # 设置cookie值 23 return result 24 else: 25 return render(request, 'login.html') 26 27 def auth(func): 28 def inner(request,*args,**kwargs): 29 v = request.COOKIES.get('username') # 获取cookie值 30 if not v: 31 return redirect('/login/') 32 return func(request,*args,**kwargs) 33 return inner 34 35 @auth #认证装饰 36 def index(request): 37 v = request.COOKIES.get('username') 38 return render(request, 'index.html', {'current_user': v})
CBV:
1 from django.shortcuts import render 2 3 from django.shortcuts import HttpResponse,redirect 4 from django.shortcuts import reverse 5 6 user_info = { 7 'James': {'pwd': '123456'}, 8 'lianzhilei': {'pwd': '123456'} 9 } 10 11 def login(request): 12 if request.method == 'GET': 13 return render(request, 'login.html') 14 if request.method == 'POST': 15 u = request.POST.get('username') 16 p = request.POST.get('pwd') 17 dic = user_info.get(u) 18 if not dic: 19 return render(request, 'login.html') 20 if dic['pwd'] == p: 21 result = redirect('/index/') 22 result.set_cookie('username', u) # 设置cookie值 23 return result 24 else: 25 return render(request, 'login.html') 26 27 def auth(func): 28 def inner(request,*args,**kwargs): 29 v = request.COOKIES.get('username') # 获取cookie值 30 if not v: 31 return redirect('/login/') 32 return func(request,*args,**kwargs) 33 return inner 34 35 from django import views 36 from django.utils.decorators import method_decorator 37 38 @method_decorator(auth,name='dispatch') #第一种方式 39 class Order(views.View): 40 41 # @method_decorator(auth) #第二种方式 42 # def dispatch(self, request, *args, **kwargs): 43 # return super(Order,self).dispatch(request, *args, **kwargs) 44 45 # @method_decorator(auth) #单独添加 46 def get(self,reqeust): 47 v = reqeust.COOKIES.get('username111') 48 return render(reqeust,'index.html',{'current_user': v}) 49 50 def post(self,reqeust): 51 v = reqeust.COOKIES.get('username111') 52 return render(reqeust,'index.html',{'current_user': v}) 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 LIST = [] 70 for i in range(199): 71 LIST.append(i) 72 73 class Page: 74 def __init__(self, current_page, data_count, per_page_count=10, pager_num=7): 75 self.current_page = current_page 76 self.data_count = data_count 77 self.per_page_count = per_page_count 78 self.pager_num = pager_num 79 80 @property 81 def start(self): 82 return (self.current_page - 1) * self.per_page_count 83 84 @property 85 def end(self): 86 return self.current_page * self.per_page_count 87 88 @property 89 def total_count(self): 90 v, y = divmod(self.data_count, self.per_page_count) 91 if y: 92 v += 1 93 return v 94 95 def page_str(self, base_url): 96 page_list = [] 97 98 if self.total_count < self.pager_num: 99 start_index = 1 100 end_index = self.total_count + 1 101 else: 102 if self.current_page <= (self.pager_num + 1) / 2: 103 start_index = 1 104 end_index = self.pager_num + 1 105 else: 106 start_index = self.current_page - (self.pager_num - 1) / 2 107 end_index = self.current_page + (self.pager_num + 1) / 2 108 if (self.current_page + (self.pager_num - 1) / 2) > self.total_count: 109 end_index = self.total_count + 1 110 start_index = self.total_count - self.pager_num + 1 111 112 if self.current_page == 1: 113 prev = '<a class="page" href="javascript:void(0);">上一页</a>' 114 else: 115 prev = '<a class="page" href="%s?p=%s">上一页</a>' % (base_url, self.current_page - 1,) 116 page_list.append(prev) 117 118 for i in range(int(start_index), int(end_index)): 119 if i == self.current_page: 120 temp = '<a class="page active" href="%s?p=%s">%s</a>' % (base_url, i, i) 121 else: 122 temp = '<a class="page" href="%s?p=%s">%s</a>' % (base_url, i, i) 123 page_list.append(temp) 124 125 if self.current_page == self.total_count: 126 nex = '<a class="page" href="javascript:void(0);">下一页</a>' 127 else: 128 nex = '<a class="page" href="%s?p=%s">下一页</a>' % (base_url, self.current_page + 1,) 129 page_list.append(nex) 130 131 jump = """ 132 <input type='text' /><a onclick='jumpTo(this, "%s?p=");'>GO</a> 133 <script> 134 function jumpTo(ths,base){ 135 var val = ths.previousSibling.value; 136 location.href = base + val; 137 } 138 </script> 139 """ % (base_url,) 140 141 page_list.append(jump) 142 143 page_str = mark_safe("".join(page_list)) 144 145 return page_str 146 147 from django.utils.safestring import mark_safe 148 def user_list(request): 149 current_page = request.GET.get('p', 1) 150 current_page = int(current_page) 151 152 per_page_count = request.COOKIES.get('per_page_count',10) #获取cookie值 153 per_page_count = int(per_page_count) 154 155 page_obj = Page(current_page,len(LIST),per_page_count) 156 157 data = LIST[page_obj.start:page_obj.end] 158 159 page_str = page_obj.page_str("/user_list/") 160 161 return render(request, 'user_list.html', {'li': data,'page_str': page_str}) 162 163 164 165 166 167 # def user_list(request): 168 # current_page = request.GET.get('p',1) 169 # current_page = int(current_page) 170 # 171 # start = (current_page-1)*10 172 # end = current_page*10 173 # data = LIST[start:end] 174 # 175 # all_count = len(LIST) 176 # count,y = divmod(all_count,10) #整除、余数 177 # if y : #余数不为零 178 # count +=1 179 # 180 # page_list = [] 181 # for i in range(1,count+1): 182 # if i == current_page: 183 # temp = '<a class="page active" href="/user_list/?p=%s">%s</a>'%(i,i) 184 # else: 185 # temp = '<a class="page" href="/user_list/?p=%s">%s</a>'%(i,i) 186 # 187 # page_list.append(temp) 188 # 189 # page_str = mark_safe(''.join(page_list)) #xss攻击 不加入此项 page_str传到前端后,显示的是字符串 190 # #而不是html语言 191 # # 另一种方式在前端做 192 # # {{ page_str|safe }} 193 # 194 # return render(request,'user_list.html',{'li':data,'page_str':page_str})
Session
1、概述
两者区别:Cookie是保存在用户浏览器端的键值对,Session是保存在服务器端的键值对;Cookie做用户验证的时,敏感信息不适合放在Cookie中,别人可以分析存放在本地的Cookie并进行Cookie欺骗,考虑到安全应当使用Session;用户验证时两者要结合使用,Session可保存到文件,内存,数据库任意地方
① 获取
# 获取Session中数据
request.session['k1']
request.session.get('k1', None)
② 生成
# 生成Session中数据
request.session['k1'] = 123
request.session.setdefault('k1', 123) # 存在则不设置
③ 删除
# 删除Session中某条数据
del request.session['k1']
# 删除当前用户的所有Session数据
request.session.delete("session_key")
request.session.clear() #注销时可用
④ 键值对
# 所有 键、值、键值对 request.session.keys() request.session.values() request.session.items() request.session.iterkeys() request.session.itervalues() request.session.iteritems()
⑤ 超时时间
# 设置超时时间 request.session.set_expiry(value) #默认超时时间为两周 *如果value是个整数,session会在些秒数后失效。 *如果value是个datatime或timedelta,session就会在这个时间后失效。 *如果value是0, 用户关闭浏览器session就会失效。 *如果value是None, session会依赖全局session失效策略。
⑥ 其他
# 用户session的随机字符串
request.session.session_key
# 将所有Session失效日期小于当前日期的数据删除
request.session.clear_expired()
# 检查 用户session的随机字符串 在数据库中是否 一般用不到
request.session.exists("session_key")
2、用户登录
利用Session做用户登录页面,只有登录成功才能进入到后台管理
HTML文件:
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <form action="/login/" method="post"> <input type="text" name="user" /> <input type="text" name="pwd" /> <input type="checkbox" name="session" value="1"/> 保存1个月 <input type="submit" value="提交" /> </form> </body> </html>
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> {{ request.session.username }} </body> </html>
处理文件:
def login(request):
if request.method == 'GET':
return render(request,'login.html')
elif request.method == 'POST':
user = request.POST.get('user')
pwd = request.POST.get('pwd')
if user == 'root' and pwd == "123":
# 生成随机字符串
# 写到用户浏览器Cookie
# 保存到Session中
# 在随机字符串对应的字典中设置相关内容...
request.session['username'] = user
request.session['if_login'] = True #可不加 直接判断username也可以
if request.POST.get('session') == '1': #单独设置超时时间,当前session生效,不影响全局
request.session.set_expiry(10) #10秒
return redirect('/index/')
else:
return redirect('/login/')
def index(request):
# 获取当前用户的随机字符串
# 根据随机字符串获取对应信息
if request.session.get('if_login'):
return render(request, 'index.html')
else:
return redirect('/login/')
3、数据库存储Session
Django默认支持Session,并且默认是将Session数据存储在数据库中,即:django_session表中 配置settings.py SESSION_ENGINE = 'django.contrib.sessions.backends.db' # 引擎(默认) SESSION_COOKIE_NAME = "sessionid" # Session的cookie保存在浏览器上时的key,即:sessionid=随机字符串(默认) SESSION_COOKIE_PATH = "/" # Session的cookie保存的路径(默认) SESSION_COOKIE_DOMAIN = None # Session的cookie保存的域名(默认) SESSION_COOKIE_SECURE = False # 是否Https传输cookie(默认) SESSION_COOKIE_HTTPONLY = True # 是否Session的cookie只支持http传输(默认) SESSION_COOKIE_AGE = 1209600 # Session的cookie失效日期(2周)(默认) SESSION_EXPIRE_AT_BROWSER_CLOSE = False # 是否关闭浏览器使得Session过期(默认) SESSION_SAVE_EVERY_REQUEST = False # 是否每次请求都保存Session,默认修改之后才保存(默认) # 设置Ture后,每次点击页面,时间更新
4、缓存存储Session
配置settings.py SESSION_ENGINE = 'django.contrib.sessions.backends.cache' # 引擎 SESSION_CACHE_ALIAS = 'default' # 使用的缓存别名(默认内存缓存,也可以是memcache),此处别名依赖缓存的设置 SESSION_COOKIE_NAME = "sessionid" # Session的cookie保存在浏览器上时的key,即:sessionid=随机字符串 SESSION_COOKIE_PATH = "/" # Session的cookie保存的路径 SESSION_COOKIE_DOMAIN = None # Session的cookie保存的域名 SESSION_COOKIE_SECURE = False # 是否Https传输cookie SESSION_COOKIE_HTTPONLY = True # 是否Session的cookie只支持http传输 SESSION_COOKIE_AGE = 1209600 # Session的cookie失效日期(2周) SESSION_EXPIRE_AT_BROWSER_CLOSE = False # 是否关闭浏览器使得Session过期 SESSION_SAVE_EVERY_REQUEST = False # 是否每次请求都保存Session,默认修改之后才保存
可以设置为Memcache缓存,默认不支持redis(可以使用网上插件)
配置settings.py SESSION_ENGINE = 'django.contrib.sessions.backends.cache' # 引擎 SESSION_CACHE_ALIAS = 'db' # 使用的缓存别名,此处别名依赖缓存的设置 CACHES = { 'default': { 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 'LOCATION': [ '172.19.26.240:11211', '172.19.26.242:11211', ] }, 'db': { 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 'LOCATION': [ '172.19.26.240:11211', '172.19.26.242:11211', ] } }
5、文件存储Session
配置 settings.py SESSION_ENGINE = 'django.contrib.sessions.backends.file' # 引擎 SESSION_FILE_PATH = None # 缓存文件路径,如果为None,则使用tempfile模块获取一个临时地址tempfile.gettempdir() # 如:/var/folders/d3/j9tj0gz93dg06bmwxmhh6_xm0000gn/T SESSION_COOKIE_NAME = "sessionid" # Session的cookie保存在浏览器上时的key,即:sessionid=随机字符串 SESSION_COOKIE_PATH = "/" # Session的cookie保存的路径 SESSION_COOKIE_DOMAIN = None # Session的cookie保存的域名 SESSION_COOKIE_SECURE = False # 是否Https传输cookie SESSION_COOKIE_HTTPONLY = True # 是否Session的cookie只支持http传输 SESSION_COOKIE_AGE = 1209600 # Session的cookie失效日期(2周) SESSION_EXPIRE_AT_BROWSER_CLOSE = False # 是否关闭浏览器使得Session过期 SESSION_SAVE_EVERY_REQUEST = False # 是否每次请求都保存Session,默认修改之后才保存
6、缓存+数据库Session
数据库用于做持久化,缓存用于提高效率,先去缓存中取数据,缓存没有再去数据库中取,然后在缓存中存一份 配置settings.py SESSION_ENGINE = 'django.contrib.sessions.backends.cached_db' # 引擎
7、加密cookie Session
数据都存在于客户端 配置settings.py SESSION_ENGINE = 'django.contrib.sessions.backends.signed_cookies' # 引擎
注:当使用Session时,需要执行makemigrations和 migrate,数据库上会自动生成django_session数据表
《第二十一章》