简单的后台管理
1登录注册
2 老师
班级
学员
insert update delete
1.设计表结构
# 班级表
class CLASS(models.Model):
    """A class (cohort) row; students and teachers point at it."""

    # Human-readable name of the class, at most 32 characters.
    caption = models.CharField(max_length=32)
# 学生表
class STUDENT(models.Model):
    """A student row; each student belongs to exactly one CLASS."""

    name = models.CharField(max_length=32)
    # CASCADE: deleting a CLASS row also deletes the students that reference it.
    cls = models.ForeignKey(
        'CLASS',
        on_delete=models.CASCADE,
    )
# 教师表
class TEACHER(models.Model):
    """A teacher row; a teacher can be linked to many CLASS rows and vice versa."""

    name = models.CharField(max_length=32)
    # Despite the name `stu`, this relation targets CLASS, not STUDENT.
    stu = models.ManyToManyField('CLASS')
# 后台管理表
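class ADMINISTRATOR(models.Model):
    """Back-office account that the login view checks credentials against.

    NOTE(review): ``password`` should hold a salted hash, never the raw
    password. ``django.contrib.auth.hashers.make_password`` produces such a
    value and ``check_password`` verifies it; Django's built-in ``User``
    model and ``authenticate()`` already do both.
    """

    username = models.CharField(max_length=32)
    # Widened from 32: Django's encoded password hashes are longer than 32
    # characters, so the narrower column could only ever store raw passwords.
    password = models.CharField(max_length=128)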
# 初始化数据表
python manage.py makemigrations
python manage.py migrate
2.登录
form 表单
ajax
用户密码正确
保持会话
session
cookie
redirect('/index')
错误 页面提示 <span>用户名或密码错误</span>
-
保存在客户端 可以主动清除 不能跨域 保存在浏览器的键值对
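import datetime
# Expiry moment 10 days from now (timedelta's first positional argument is days).
# The original spelled the class `detaltime`, which raises AttributeError.
datetime.datetime.utcnow() + datetime.timedelta(10)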
set_cookie 参数 max_age=10,expires=10(max_age 的单位是秒;expires 应为 datetime 对象或日期字符串)
path='/'
domain=None
4.通过js 操作cookie
jquery.cookie.js
5.加密的cookie(注:set_signed_cookie 只对值做签名以防篡改,并不加密,值在客户端仍然可读,不要存放敏感信息)
response.set_signed_cookie("Ab","123456",max_age=10,expires=10,path='/')
if request.get_signed_cookie('Ab'):
6.session
session 是服务器端的键值对,依赖于cookie机制
session==>key:value
浏览器中保存cookie 保存了session的key,下次请求携带key来请求
同一个用户不同浏览器登录是否随机key不一样。在服务端中是否有多条session
request.session['is_login']=True
if request.session.get('is_login'):
request.session.create()
--session是一个字典操作,也可以指定删除 del request.session['is_login']
7.装饰器控制uri访问
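def auth(fn):
    """Decorator that lets only logged-in sessions reach the wrapped view.

    The wrapped view runs when ``request.session`` holds a truthy
    ``is_login`` value; every other request is redirected to ``/login``
    without the view being called.

    Args:
        fn: View callable that takes ``request`` as its first argument.

    Returns:
        A wrapper with the same call signature as ``fn``.
    """
    from functools import wraps  # local import keeps the snippet self-contained

    @wraps(fn)  # preserve fn's __name__/__doc__ instead of exposing "inner"
    def inner(request, *args, **kwargs):
        if not request.session.get('is_login'):
            # No authenticated session: stop here, the view must not run.
            return redirect('/login')
        return fn(request, *args, **kwargs)

    return inner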
8.FBV和CBV
Chrome 的 Postman 插件
from django import views
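class longin(views.View):
    """Login page: GET renders the form, POST checks the credentials.

    A successful POST marks the session with ``is_login`` and redirects to
    ``/index``; a failed one re-renders ``login.html`` with an error message.
    """

    msg = ""

    def get(self, request, *args, **kwargs):
        """Render the empty login form."""
        return render(request, 'login.html')

    def post(self, request, *args, **kwargs):
        """Check the submitted ``user``/``pwd`` pair and open a session."""
        u = request.POST.get("user")
        p = request.POST.get("pwd")
        # NOTE(review): this matches the submitted password against the stored
        # column as-is, which only works while passwords are kept in plaintext.
        # Store hashes (django.contrib.auth.hashers.make_password) and verify
        # with check_password, or use django.contrib.auth.authenticate/login;
        # that needs the stored rows migrated, so it is not changed here.
        # exists() answers "is there a row" without counting every match.
        if models.ADMINISTRATOR.objects.filter(username=u, password=p).exists():
            # Issue a fresh session key on login so a key that was planted
            # before authentication (session fixation) is not promoted.
            request.session.cycle_key()
            request.session['is_login'] = True
            return redirect('/index')
        # The same message for unknown user and wrong password avoids telling
        # a caller which usernames exist.
        return render(request, 'login.html', {"msg": "用户或密码错误"})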
修改url样式
path('login/', views.longin.as_view())
CBV形式下的装饰器
写法一:
from django.utils.decorators import method_decorator
class index(views.View):
    """Index page, served only to sessions that passed the `auth` check."""

    # method_decorator adapts the function decorator `auth` to a bound method.
    # Only GET is guarded here because GET is the only handler defined.
    @method_decorator(auth)
    def get(self, request, *args, **kwargs):
        page = render(request, 'index.html')
        return page
写法二:
class userinfo(views.View):
    """User-info page with the login check written by hand in dispatch()."""

    def get(self, request, *args, **kwargs):
        return render(request, 'userinfo.html')

    def dispatch(self, request, *args, **kwargs):
        # dispatch() runs before any HTTP-method handler, so checking here
        # covers every handler this class defines now or later.
        if not request.session.get('is_login'):
            return redirect('/login')
        return super().dispatch(request, *args, **kwargs)
写法三:
class userinfo(views.View):
    """User-info page guarded by decorating dispatch() with `auth`."""

    def get(self, request, *args, **kwargs):
        return render(request, 'userinfo.html')

    # Decorating dispatch() applies the login check to every HTTP method.
    @method_decorator(auth)
    def dispatch(self, request, *args, **kwargs):
        return super().dispatch(request, *args, **kwargs)
写法四:
# name='dispatch' tells method_decorator which method of the class to wrap,
# so the login check applies to every HTTP method without touching the body.
@method_decorator(auth, name='dispatch')
class userinfo(views.View):
    """User-info page guarded by a class-level decorator on dispatch()."""

    def get(self, request, *args, **kwargs):
        return render(request, 'userinfo.html')

    def dispatch(self, request, *args, **kwargs):
        return super().dispatch(request, *args, **kwargs)
Django中使用ajax post向后台传送数据时403 Forbidden (CSRF token missing or incorrect.):的解决办法
书写方式一:
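{% csrf_token %}
<input type="text" name="username">
<input type="submit" id="aja">
<script src="/static/jquery-3.5.1.js"></script>
<script>
// POST to /login1/ with the CSRF token included, so Django's CSRF check
// accepts the request instead of answering 403.
$("#aja").on("click", function () {
    $.ajax({
        url: "/login1/",
        type: "POST",
        data: {
            AA: 123,
            // Read from the hidden input that the csrf_token template tag
            // renders at the top of this snippet.
            csrfmiddlewaretoken: $('[name="csrfmiddlewaretoken"]').val()
        },
        // jQuery option names are case-sensitive; the original `datatype`
        // was silently ignored. With dataType set, the view must return
        // valid JSON or the success callback will not run.
        dataType: "JSON",
        success: function (data) {
            console.log(data)
        }
    })
})
</script>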
书写方式二:
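<input type="text" name="username">
<input type="submit" id="aja">
<script src="/static/jquery-3.5.1.js"></script>
<script>
// This variant only works inline in a template rendered by Django: the token
// placeholder below is filled in server-side, so the same code placed in a
// static .js file would send the literal placeholder text and get a 403.
$("#aja").on("click", function () {
    $.ajax({
        url: "/login1/",
        type: "POST",
        data: {AA: 123, csrfmiddlewaretoken: '{{ csrf_token }}'},
        // jQuery option names are case-sensitive; the original `datatype`
        // was silently ignored. With dataType set, the view must return
        // valid JSON or the success callback will not run.
        dataType: "JSON",
        success: function (data) {
            console.log(data)
        }
    })
})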