通过 session 保存 个人 信息
登录的视图函数中:
def login(request):
''' 登录 '''
err, user, pwd = '', '', ''
if request.method == 'POST':
user = request.POST.get('user')
pwd = request.POST.get('pwd')
ret = models.UserProfile.objects.filter(username=user, password=my_md5(user, pwd), is_active=True).first()
# ret = models.UserProfile.objects.filter(username=user, password=pwd, is_active=True).values()
print(ret)
if ret:
return_url = request.GET.get('return_url')
request.session['user_pk'] = ret.pk
if return_url:
return redirect(return_url)
return redirect(reverse('show:public_customer'))
else:
err = '账号或密码错误!'
return render(request, 'login.html', {'err': err, 'user': user, "pwd": pwd})
中间件中
# 白名单
w_list = ['/login/', '/reg/', '/verification_username/']
# 黑名单
b_list = []
def process_request(self, request):
# 获取请求的路径
return_url = request.path_info
# 判断 白名单
if return_url in self.w_list or return_url.startswith('/admin/'):
return
if return_url in self.b_list:
return HttpResponse('<h1>This is an illegal URL</h1>')
# 获取session 的值
user_pk = request.session.get("user_pk")
# 判断是否有session
if user_pk:
# session 保存的是 用户的id 通过id 获取对象
user = models.UserProfile.objects.filter(pk=user_pk).first()
# 将对象保存到 request 中 用于保存用户
request.user_object = user
return