通過 session 保存 個人 信息
登錄的視圖函數中:
def login(request):
''' 登錄 '''
err, user, pwd = '', '', ''
if request.method == 'POST':
user = request.POST.get('user')
pwd = request.POST.get('pwd')
ret = models.UserProfile.objects.filter(username=user, password=my_md5(user, pwd), is_active=True).first()
# ret = models.UserProfile.objects.filter(username=user, password=pwd, is_active=True).values()
print(ret)
if ret:
return_url = request.GET.get('return_url')
request.session['user_pk'] = ret.pk
if return_url:
return redirect(return_url)
return redirect(reverse('show:public_customer'))
else:
err = '賬號或密碼錯誤!'
return render(request, 'login.html', {'err': err, 'user': user, "pwd": pwd})
中間件中
# 白名單
w_list = ['/login/', '/reg/', '/verification_username/']
# 黑名單
b_list = []
def process_request(self, request):
# 獲取請求的路徑
return_url = request.path_info
# 判斷 白名單
if return_url in self.w_list or return_url.startswith('/admin/'):
return
if return_url in self.b_list:
return HttpResponse('<h1>This is an illegal URL</h1>')
# 獲取session 的值
user_pk = request.session.get("user_pk")
# 判斷是否有session
if user_pk:
# session 保存的是 用戶的id 通過id 獲取對象
user = models.UserProfile.objects.filter(pk=user_pk).first()
# 將對象保存到 request 中 用於保存用戶
request.user_object = user
return