zoukankan      html  css  js  c++  java
  • 方法视图(FBV)和类视图(CBV)添加装饰器

    加在FBV视图上添加csrf装饰器:

    1. from django.views.decorators.csrf import csrf_protect
    2. @csrf_exempt # 该函数无需认证
    3. @csrf_protect # 该函数需认证
      from django.views.decorators.csrf import csrf_exempt
      @csrf_exempt
      def index(request):
      
          return render(request,'index.html')
      
      @csrf_exempt #该函数无需认证
      def ajax_add(request):
          s1=int(request.GET.get('s1'))
          s2=int(request.GET.get('s2'))
      
          print(s1,s2)
          s=s1+s2
          return HttpResponse(s)

    from django.utils.decorators import method_decorator

    1. 加在CBV视图的get或post方法上

     1 from django.utils.decorators import method_decorator
     2 
     3 
     4 class HomeView(View):
     5 
     6     def dispatch(self, request, *args, **kwargs):
     7         return super(HomeView, self).dispatch(request, *args, **kwargs)
     8 
     9     def get(self, request):
    10         return render(request, "home.html")
    11     
    12     @method_decorator(check_login)
    13     def post(self, request):
    14         print("Home View POST method...")
    15         return redirect("/index/")

    2. 加在dispatch方法上

     1 from django.utils.decorators import method_decorator
     2 
     3 
     4 class HomeView(View):
     5 
     6     @method_decorator(check_login)
     7     def dispatch(self, request, *args, **kwargs):
     8         return super(HomeView, self).dispatch(request, *args, **kwargs)
     9 
    10     def get(self, request):
    11         return render(request, "home.html")
    12 
    13     def post(self, request):
    14         print("Home View POST method...")
    15         return redirect("/index/")

    因为CBV中首先执行的就是dispatch方法,所以这么写相当于给get和post方法都加上了登录校验。

    3. 直接加在视图类上,但method_decorator必须传 name 关键字参数

    如果get方法和post方法都需要登录校验的话就写两个装饰器。

     1 from django.utils.decorators import method_decorator
     2 
     3 @method_decorator(check_login, name="get")
     4 @method_decorator(check_login, name="post")
     5 class HomeView(View):
     6 
     7     def dispatch(self, request, *args, **kwargs):
     8         return super(HomeView, self).dispatch(request, *args, **kwargs)
     9 
    10     def get(self, request):
    11         return render(request, "home.html")
    12 
    13     def post(self, request):
    14         print("Home View POST method...")
    15         return redirect("/index/")

    CSRF Token相关装饰器在CBV只能加到dispatch方法上,或者加在视图类上然后name参数指定为dispatch方法。

    备注:

    • csrf_protect,为当前函数强制设置防跨站请求伪造功能,即便settings中没有设置全局中间件。
    • csrf_exempt,取消当前函数防跨站请求伪造功能,即便settings中设置了全局中间件。
       1 from django.views.decorators.csrf import csrf_exempt, csrf_protect
       2 from django.utils.decorators import method_decorator
       3 
       4 
       5 class HomeView(View):
       6 
       7     @method_decorator(csrf_exempt)
       8     def dispatch(self, request, *args, **kwargs):
       9         return super(HomeView, self).dispatch(request, *args, **kwargs)
      10 
      11     def get(self, request):
      12         return render(request, "home.html")
      13 
      14     def post(self, request):
      15         print("Home View POST method...")
      16         return redirect("/index/")

      或者:

       1 from django.views.decorators.csrf import csrf_exempt, csrf_protect
       2 from django.utils.decorators import method_decorator
       3 
       4 
       5 @method_decorator(csrf_exempt, name='dispatch')
       6 class HomeView(View):
       7    
       8     def dispatch(self, request, *args, **kwargs):
       9         return super(HomeView, self).dispatch(request, *args, **kwargs)
      10 
      11     def get(self, request):
      12         return render(request, "home.html")
      13 
      14     def post(self, request):
      15         print("Home View POST method...")
      16         return redirect("/index/")
  • 相关阅读:
    AOP动态代理两种方式
    Spring AOP的两种代理方式
    面试中关于Redis的问题看这篇就够了
    关于redis,学会这8点就够了
    什么是MVCC
    JAVA 中BIO,NIO,AIO的理解
    JAVA异常体系结构详解
    Java多线程:由浅入深看synchronized的底层实现原理
    为什么wait,notify和notifyAll要与synchronized一起使用?
    Java并发之AQS详解
  • 原文地址:https://www.cnblogs.com/wen-kang/p/9615542.html
Copyright © 2011-2022 走看看