python学习笔记_week22
2024-05-09 20:33:59
python学习笔记_week22
note
知识点概要- Session- CSRF- Model操作- Form验证(ModelForm)- 中间件- 缓存- 信号
内容详细:
1. Session基于Cookie做用户验证时:敏感信息不适合放在cookie中 a. Session原理Cookie是保存在用户浏览器端的键值对Session是保存在服务器端的键值对 b. Cookie和Session对比 c. Session配置(缺少cache) d. 示例:实现两周自动登陆- request.session.set_expiry(60*10)- SESSION_SAVE_EVERY_REQUEST = TruePS: cookie中不设置超时时间,则表示关闭浏览器自动清除 - session依赖于cookie- 服务器sessionrequest.session.get()request.session[x] = x request.session.clear() - 配置文件中设置默认操作(通用配置):SESSION_COOKIE_NAME = "sessionid" # Session的cookie保存在浏览器上时的key,即:sessionid=随机字符串(默认)SESSION_COOKIE_PATH = "/" # Session的cookie保存的路径(默认)SESSION_COOKIE_DOMAIN = None # Session的cookie保存的域名(默认)SESSION_COOKIE_SECURE = False # 是否Https传输cookie(默认)SESSION_COOKIE_HTTPONLY = True # 是否Session的cookie只支持http传输(默认)SESSION_COOKIE_AGE = 1209600 # Session的cookie失效日期(2周)(默认)SESSION_EXPIRE_AT_BROWSER_CLOSE = False # 是否关闭浏览器使得Session过期(默认)# set_cookie('k',123)SESSION_SAVE_EVERY_REQUEST = False # 是否每次请求都保存Session,默认修改之后才保存(默认)- 引擎的配置
2. CSRFa. CSRF原理b. 无CSRF时存在隐患c. Form提交(CSRF)d. Ajax提交(CSRF)CSRF请求头 X-CSRFToken
6. 中间件
7. 缓存5种配置3种应用:全局 #a. 全站使用视图函数 #b. 单独视图缓存模板 #c、局部视图使用
8. 信号 http://www.cnblogs.com/wupeiqi/articles/5246483.html- 内置信号- 自定义- 定义信号- 触发信号- 信号中注册函数
3. Model操作 a. 字段类型 + 参数b. 连表字段 + 参数c. Metad. SQL操作:- 基本增删改查- 进阶操作- 正反查询- 其他操作e. 验证(弱)
4. Form操作 http://www.cnblogs.com/wupeiqi/articles/6144178.html完成:- 验证用户请求- 生成HTML(保留上一次提交的数据) 自定义:- 类- 字段(校验)- 插件(生成HTML) 初始化操作: bj = FM(initial=dic)
============= 作业:xxxoo管理 =============
用户验证:session
新URL:Form验证
中间件:IP过滤
信号:记录操作
CSRF: a. Form验证用户请求b. Form生成HTMLc. Form字段详细(自定义字段,Model...) + 插件d. 自定义验证(钩子以及__all__)e. 注册示例:用户名、密码、邮箱、手机号(RegexValidator或RegexField)、性别、爱好、城市 f. 初始化值
5. ModelForma. Model+Form功能集合b. savec. save + save_m2mView Code
session
def index(request):# 获取、设置、删除Session中数据request.session['k1']request.session.get('k1',None)request.session['k1'] = 123request.session.setdefault('k1',123) # 存在则不设置del request.session['k1'] request.session.clear()request.session.delete(request.session.session_key)# 所有 键、值、键值对
request.session.keys()request.session.values()request.session.items()request.session.iterkeys()request.session.itervalues()request.session.iteritems()# 用户session的随机字符串
request.session.session_key# 将所有Session失效日期小于当前日期的数据删除
request.session.clear_expired()# 检查 用户session的随机字符串 在数据库中是否request.session.exists("session_key")# 删除当前用户的所有Session数据request.session.delete("session_key")request.session.set_expiry(value)* 如果value是个整数,session会在些秒数后失效。* 如果value是个datatime或timedelta,session就会在这个时间后失效。* 如果value是0,用户关闭浏览器session就会失效。* 如果value是None,session会依赖全局session失效策略SESSION_ENGINE = 'django.contrib.sessions.backends.db' # 引擎(默认)
SESSION_COOKIE_NAME = "sessionid" # Session的cookie保存在浏览器上时的key,即:sessionid=随机字符串(默认)SESSION_COOKIE_PATH = "/" # Session的cookie保存的路径(默认)SESSION_COOKIE_DOMAIN = None # Session的cookie保存的域名(默认)SESSION_COOKIE_SECURE = False # 是否Https传输cookie(默认)SESSION_COOKIE_HTTPONLY = True # 是否Session的cookie只支持http传输(默认)SESSION_COOKIE_AGE = 1209600 # Session的cookie失效日期(2周)(默认)SESSION_EXPIRE_AT_BROWSER_CLOSE = False # 是否关闭浏览器使得Session过期(默认)SESSION_SAVE_EVERY_REQUEST = False # 是否每次请求都保存Session,默认修改之后才保存(默认)View Code
mdoels
1 from django.db import models 2 # Create your models here. 3 class UserInf(models.Model): 4 user = models.CharField(max_length=32)
View Code
views
1 from django.shortcuts import render,redirect,HttpResponse
2 def login(request):
3 # from django.conf import settings
4 # print(settings.CSRF_HEADER_NAME)
5 # HTTP_X_CSRFTOKEN
6 # X-CSRFtoken
7 if request.method == "GET":
8 return render(request,'login.html')
9 elif request.method == "POST":
10 user = request.POST.get('user')
11 pwd = request.POST.get('pwd')
12 if user == 'root' and pwd == "123":
13 # session中设置值
14 request.session['username'] = user #1.生成随机字符串 2.写到用户浏览器cookie 3.保存到session中 4.在随机字符串对应的字典中设置相关内容
15 request.session['is_login'] = True
16 if request.POST.get('rmb',None) == '1':
17 # 超时时间
18 request.session.set_expiry(10)
19 return redirect('/index/')
20 else:
21 return render(request,'login.html')
22 from django.views.decorators.csrf import csrf_exempt,csrf_protect
23 @csrf_protect
24 def index(request):
25 # session中获取值,获取当前用户的随机字符串,根据随机字符串获取对应信息
26 if request.session.get('is_login',None):
27 return render(request,'index.html',{'username': request.session['username']})
28 else:
29 return HttpResponse('gun')
30 def logout(request):
31 # del request.session['username']
32 request.session.clear()
33 return redirect('/login/')
34 class Foo:
35 def __init__(self,req,html,dic):
36 self.req = req
37 self.html = html
38 self.dic = dic
39 def render(self):
40 # // 创建钩子
41 return render(self.req,self.html,self.dic)
42 def test(request,nid):
43 print('小姨妈-->没带钱')
44 # return render(request, 'index.html', {...})
45 return Foo(request, 'index.html', {'k1': 'v1'})
46 from django.views.decorators.cache import cache_page
47 @cache_page(10) #10秒失效,优先级比300秒高
48 def cache(request):
49 import time
50 ctime = time.time()
51 return render(request, 'cache.html', {'ctime': ctime})
52 def signal(reuqest):
53 from app01 import models
54 obj = models.UserInf(user='root')
55 print('end')
56 obj.save()
57 obj = models.UserInf(user='root')
58 obj.save()
59 obj = models.UserInf(user='root')
60 obj.save()
61 from sg import pizza_done
62 pizza_done.send(sender="asdfasdf",toppings=123, size=456)
63 return HttpResponse('ok')
64 ######################## Form #####################
65 from django import forms
66 from django.forms import widgets
67 from django.forms import fields
68 class FM(forms.Form):
69 # 字段本身只做验证
70 user = fields.CharField(
71 error_messages={'required': '用户名不能为空.'},
72 widget=widgets.Textarea(attrs={'class': 'c1'}),
73 label="用户名",
74 )
75 pwd = fields.CharField(
76 max_length=12,
77 min_length=6,
78 error_messages={'required': '密码不能为空.', 'min_length': '密码长度不能小于6', "max_length": '密码长度不能大于12'},
79 widget=widgets.PasswordInput(attrs={'class': 'c2'})
80 )
81 email = fields.EmailField(error_messages={'required': '邮箱不能为空.','invalid':"邮箱格式错误"})
82 f = fields.FileField()
83 # p = fields.FilePathField(path='app01')
84 city1 = fields.ChoiceField(
85 choices=[(0,'上海'),(1,'广州'),(2,'东莞')]
86 )
87 city2 = fields.MultipleChoiceField(
88 choices=[(0,'上海'),(1,'广州'),(2,'东莞')]
89 )
90 from app01 import models
91 def fm(request):
92 if request.method == "GET":
93 # 从数据库中吧数据获取到
94 dic = {
95 "user": 'r1',
96 'pwd': '123123',
97 'email': 'sdfsd',
98 'city1': 1,
99 'city2': [1,2]
100 }
101 obj = FM(initial=dic)
102 return render(request,'fm.html',{'obj': obj})
103 elif request.method == "POST":
104 # 获取用户所有数据
105 # 每条数据请求的验证
106 # 成功:获取所有的正确的信息
107 # 失败:显示错误信息
108 obj = FM(request.POST)
109 r1 = obj.is_valid()
110 if r1:
111 # obj.cleaned_data
112 models.UserInf.objects.create(**obj.cleaned_data)
113 else:
114 # ErrorDict
115 # print(obj.errors.as_json())
116 # print(obj.errors['user'][0])
117 return render(request,'fm.html', {'obj': obj})
118 return render(request,'fm.html')View Code
m1
1 from django.utils.deprecation import MiddlewareMixin
2 class Row1(MiddlewareMixin):
3 def process_request(self,request):
4 print('王森')
5 def process_view(self, request, view_func, view_func_args, view_func_kwargs):
6 print('张欣彤')
7 def process_response(self, request, response):
8 print('扛把子')
9 return response
10 from django.shortcuts import HttpResponse
11 class Row2(MiddlewareMixin):
12 def process_request(self,request):
13 print('程毅强')
14 # return HttpResponse('走')
15 def process_view(self, request, view_func, view_func_args, view_func_kwargs):
16 print('张需要')
17 def process_response(self, request, response):
18 print('侯雅凡')
19 return response
20 class Row3(MiddlewareMixin):
21 def process_request(self,request):
22 print('刘东')
23 def process_view(self, request, view_func, view_func_args, view_func_kwargs):
24 print('邵林')
25 def process_response(self, request, response):
26 print('连之泪')
27 return response
28 def process_exception(self, request, exception):
29 if isinstance(exception,ValueError):
30 return HttpResponse('出现异常》。。')
31 def process_template_response(self,request,response):
32 # 如果Views中的函数返回的对象中,具有render方法
33 print('-----------------------')
34 return responseView Code
s14day22_init
1 import pymysql 2 pymysql.install_as_MySQLdb() 3 import sg
View Code
settings
1 import os
2
3 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
4 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
5
6
7 # Quick-start development settings - unsuitable for production
8 # See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
9
10 # SECURITY WARNING: keep the secret key used in production secret!
11 SECRET_KEY = 'm1ueaxz!w8cgj%mx&!ol#14i3fxbco&_!_6eg@k^$_f29%t4&^'
12
13 # SECURITY WARNING: don't run with debug turned on in production!
14 DEBUG = True
15
16 ALLOWED_HOSTS = []
17
18
19 # Application definition
20
21 INSTALLED_APPS = [
22 'django.contrib.admin',
23 'django.contrib.auth',
24 'django.contrib.contenttypes',
25 'django.contrib.sessions',
26 'django.contrib.messages',
27 'django.contrib.staticfiles',
28 'app01',
29 ]
30 from django.middleware.csrf import CsrfViewMiddleware
31 from django.middleware.cache import FetchFromCacheMiddleware
32 from django.middleware.cache import UpdateCacheMiddleware
33 MIDDLEWARE = [
34 # 'django.middleware.cache.UpdateCacheMiddleware',
35 'django.middleware.security.SecurityMiddleware',
36 'django.contrib.sessions.middleware.SessionMiddleware',
37 'django.middleware.common.CommonMiddleware',
38 'django.middleware.csrf.CsrfViewMiddleware',
39 'django.contrib.auth.middleware.AuthenticationMiddleware',
40 'django.contrib.messages.middleware.MessageMiddleware',
41 'django.middleware.clickjacking.XFrameOptionsMiddleware',
42 # 'Middle.m1.Row1',
43 # 'Middle.m1.Row2',
44 # 'Middle.m1.Row3',
45 # 'django.middleware.cache.FetchFromCacheMiddleware',
46
47 ]
48
49 ROOT_URLCONF = 's14day22.urls'
50
51 TEMPLATES = [
52 {
53 'BACKEND': 'django.template.backends.django.DjangoTemplates',
54 'DIRS': [os.path.join(BASE_DIR, 'templates')]
55 ,
56 'APP_DIRS': True,
57 'OPTIONS': {
58 'context_processors': [
59 'django.template.context_processors.debug',
60 'django.template.context_processors.request',
61 'django.contrib.auth.context_processors.auth',
62 'django.contrib.messages.context_processors.messages',
63 ],
64 },
65 },
66 ]
67
68 WSGI_APPLICATION = 's14day22.wsgi.application'
69
70
71 # Database
72 # https://docs.djangoproject.com/en/1.10/ref/settings/#databases
73
74 DATABASES = {
75 'default': {
76 'ENGINE': 'django.db.backends.sqlite3',
77 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
78 }
79 }
80
81
82 # Password validation
83 # https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators
84
85 AUTH_PASSWORD_VALIDATORS = [
86 {
87 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
88 },
89 {
90 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
91 },
92 {
93 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
94 },
95 {
96 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
97 },
98 ]
99
100
101 # Internationalization
102 # https://docs.djangoproject.com/en/1.10/topics/i18n/
103
104 LANGUAGE_CODE = 'en-us'
105
106 TIME_ZONE = 'UTC'
107
108 USE_I18N = True
109
110 USE_L10N = True
111
112 USE_TZ = True
113
114
115 # Static files (CSS, JavaScript, Images)
116 # https://docs.djangoproject.com/en/1.10/howto/static-files/
117
118 STATIC_URL = '/static/'
119 STATICFILES_DIRS = (
120 os.path.join(BASE_DIR,'static'),
121 )
122
123 CACHES = {
124 'default': {
125 'BACKEND': 'django.core.cache.backends.filebased.FileBasedCache',
126 'LOCATION': os.path.join(BASE_DIR,'cache')
127 }
128 }View Code
urls
1 from django.conf.urls import url 2 from django.contrib import admin 3 from app01 import views 4 urlpatterns = [ 5 url(r'^admin/', admin.site.urls), 6 url(r'^login/$', views.login), 7 url(r'^index/$', views.index), 8 url(r'^logout/$', views.logout), 9 url(r'^test/(?P<nid>\d+)$', views.test), 10 url(r'^cache/$', views.cache), 11 url(r'^signal/$', views.signal), 12 url(r'^fm/$', views.fm), 13 ]
View Code
cache
1 {% load cache %}
2 <!DOCTYPE html>
3 <html lang="en">
4 <head>
5 <meta charset="UTF-8">
6 <title></title>
7 </head>
8 <body>
9 <h1>{{ ctime }}</h1>
10 <h1>{{ ctime }}</h1>
11 {% cache 10 c1 %}
12 <h1>{{ ctime }}</h1> {# 只缓存这一个 #}
13 {% endcache %}
14 </body>
15 </html>View Code
fm
1 <!DOCTYPE html>
2 <html lang="en">
3 <head>
4 <meta charset="UTF-8">
5 <title></title>
6 </head>
7 <body>
8 <form action="/fm/" method="POST">
9 {% csrf_token %}
10 <p>{{ obj.user.label }} {{ obj.user }} {{ obj.errors.user.0 }}</p>
11 <p>{{ obj.pwd }} {{ obj.errors.pwd.0 }}</p>
12 <p>{{ obj.email }}{{ obj.errors.email.0 }}</p>
13 <p>{{ obj.f }}{{ obj.errors.f.0 }}</p>
14 {{ obj.city1 }}
15 {{ obj.city2 }}
16 <input type="submit" value="提交" />
17 </form>
18 </body>
19 </html>View Code
index
1 <!DOCTYPE html>
2 <html lang="en">
3 <head>
4 <meta charset="UTF-8">
5 <title></title>
6 </head>
7 <body>
8 <h1>欢迎登录:{{ username }}, {{ request.session.username }}</h1>
9 <a href="/logout/">注销</a>
10 </body>
11 </html>View Code
login
1 <!DOCTYPE html>
2 <html lang="en">
3 <head>
4 <meta charset="UTF-8">
5 <title></title>
6 </head>
7 <body>
8 <form action="/login/" method="POST">
9 {% csrf_token %}
10 <input type="text" name="user" />
11 <input type="text" name="pwd" />
12 <input type="checkbox" name="rmb" value="1" /> 10秒免登录
13 <input type="submit" value="提交" />
14 <input id="btn1" type="button" value="按钮" />
15 <input id="btn2" type="button" value="按钮" />
16 </form>
17 <script src="/static/jquery-1.12.4.js"></script>
18 <script src="/static/jquery.cookie.js"></script>
19 <script>
20 $(function(){
21 $.ajaxSetup({
22 beforeSend: function(xhr,settings){
23 xhr.setRequestHeader('X-CSRFtoken', $.cookie('csrftoken'));
24 }
25 });
26 $('#btn1').click(function () {
27 $.ajax({
28 url: '/login/',
29 type:"GET",
30 data: {'user': 'root', 'pwd': '123'},
31 // headers: {'X-CSRFtoken': $.cookie('csrftoken')},
32 success:function(arg){
33 }
34 })
35 });
36 })
37 </script>
38 </body>
39 </html>View Code
sg
1 from django.core.signals import request_finished
2 from django.core.signals import request_started
3 from django.core.signals import got_request_exception
4
5 from django.db.models.signals import class_prepared
6 from django.db.models.signals import pre_init, post_init
7 from django.db.models.signals import pre_save, post_save
8 from django.db.models.signals import pre_delete, post_delete
9 from django.db.models.signals import m2m_changed
10 from django.db.models.signals import pre_migrate, post_migrate
11
12 from django.test.signals import setting_changed
13 from django.test.signals import template_rendered
14
15 from django.db.backends.signals import connection_created
16 def f1(sender, **kwargs):
17 print("xxoo_callback")
18 # print(sender,kwargs)
19 pre_save.connect(f1)
20 import django.dispatch
21 pizza_done = django.dispatch.Signal(providing_args=["toppings", "size"])
22 def callback(sender, **kwargs):
23 print("callback")
24 print(sender,kwargs)
25 pizza_done.connect(callback)View Code
posted on 2018-01-18 09:17 我很好u 阅读(...) 评论(...) 编辑 收藏
转载于:https://www.cnblogs.com/jyh-py-blog/p/8308527.html
python学习笔记_week22相关推荐
- [python教程入门学习]python学习笔记(CMD执行文件并传入参数)
本文章向大家介绍python学习笔记(CMD执行文件并传入参数),主要包括python学习笔记(CMD执行文件并传入参数)使用实例.应用技巧.基本知识点总结和需要注意事项,具有一定的参考价值,需要的朋 ...
- python学习笔记之编写readConfig读写配置文件
python学习笔记之编写readConfig读写配置文件_weixin_34055910的博客-CSDN博客
- Python学习笔记(十一)
Python学习笔记(十一): 生成器,迭代器回顾 模块 作业-计算器 1. 生成器,迭代器回顾 1. 列表生成式:[x for x in range(10)] 2. 生成器 (generator o ...
- Python学习笔记一简介及安装配置
Python学习笔记一 参考教程:廖雪峰官网https://www.liaoxuefeng.com/wiki/0014316089557264a6b348958f449949df42a6d3a2e54 ...
- python学习笔记目录
人生苦短,我学python学习笔记目录: week1 python入门week2 python基础week3 python进阶week4 python模块week5 python高阶week6 数据结 ...
- Python学习笔记(二):标准流与重定向
Python学习笔记(二):标准流与重定向 - SamWei - 博客园 Python学习笔记(二):标准流与重定向 Posted on 2012-02-19 22:36 SamWei 阅读(176) ...
- python 学习笔记 12 -- 写一个脚本获取城市天气信息
近期在玩树莓派,前面写过一篇在树莓派上使用1602液晶显示屏,那么可以显示后最重要的就是显示什么的问题了. 最easy想到的就是显示时间啊,CPU利用率啊.IP地址之类的.那么我认为呢,假设可以显示当 ...
- python基本语法语句-python学习笔记:基本语法
原标题:python学习笔记:基本语法 缩进:必须使用4个空格来表示每级缩进,支持Tab字符 if语句,经常与else, elif(相当于else if) 配合使用. for语句,迭代器,依次处理迭代 ...
- 廖Python学习笔记一
1. 廖Python学习笔记 大的分类 如函数 用二级标题,下面的用三级 如输入输出 1.1.1. 输入输出 1.1.1.1. 输出 用 print() 在括号里加上字符串,就可以向屏幕上输出指定的文 ...
最新文章
- 一包烟钱买到电动剃须刀,小米有品告诉你什么叫性价比
- 018_Spring+ActiveMQ(消息中间件)
- OpenCASCADE:OCCT应用框架OCAF之功能服务
- HashOperations
- 使用第三方Markdown编辑器编辑为知笔记
- 如何提高使用物联网卡应用的安全性
- matlab2013a文件安装密钥,Matlab2013a软件安装教程
- html5简单画版,sketchpad-简单的HTML5 Canvas涂鸦画板插件
- 深圳超美海边烧烤场 深圳户外烧烤攻略
- 学习笔记|自动驾驶仿真工具-SCANeR studio
- 真正的 AI 内行盛会!
- linux常用命令,自己总结
- 如何采用离线的 Google Map API 加载离线谷歌地图的方法
- 基于Hadoop文件存储系统的研发
- 读《海盗经济学》随笔一
- learning English
- 初中毕业学计算机有啥科目,学好哪些科目最容易成为学霸?初中生学好这几门功课很重要...
- 什么是价值流图?大量的例子
- PHPCMS v9自带截取字符串函数str_cut
- Cocos2d-x Lua库函数剖析(七)Json解析 Json.lua