def generate_token(ip,username):
c_time = time.ctime()
rd = username
print(ip + rd,c_time)
return hashlib.new('md5', (ip+c_time + rd).encode('utf-8')).hexdigest()
def student_login(request):
if request.method == "GET":
return render(request, 'student_login.html')
elif request.method == "POST":
username = request.POST.get('username')
password = request.POST.get('password')
# 获取客户端的IP地址,造一个唯一的token
ip = request.meta.get('REMOTE_ADDR')
token = generate_token(ip,username)
print(token)
students = Student.objects.filter(s_name=username).filter(s_password=password)
if students.exists():
student = students.first()
student.s_token =token
student.save()
# response=HttpResponse('用户登录成功,创建token: %s' %token)
response=redirect(reverse('app:student_mine'))
# response.set_cookie('token',token)
# return response
data={
'status':200,
'msg':'用户名密码正确',
'token':token,
}
return JsonResponse(data=data)
else:
return HttpResponse('登录错误')
def student_mine(request):
# token=request.cookieS.get('token')
# http://127.0.0.1:8000/app/studentmine/?token=49e23117db3f2bf72fc06d568d2d53b2
token = request.GET.get('token')
print(token)
try:
student= Student.objects.get(s_token=token)
except Exception as e:
return redirect(reverse('app:student_login'))
return HttpResponse('学生个人中心 %s' %student.s_name)
Django 默认是开启crsf的安全机制
会在post的加入token认证
需要在post中 加入 {% csrf_token %}
Login登录
