django

简单的后台管理

1登录注册
2 老师
班级
学员
insert update delete


1.设计表结构

# 班级表
class CLASS(models.Model):
caption = models.CharField(max_length=32)
# 学生表
class STUDENT(models.Model):
name = models.CharField(max_length=32)
cls = models.ForeignKey('CLASS',on_delete=models.CASCADE)
# 教师表
class TEACHER(models.Model):
name = models.CharField(max_length=32)
stu = models.ManyToManyField('CLASS')
# 后台管理表
class ADMINISTRATOR(models.Model):
username = models.CharField(max_length=32)
password = models.CharField(max_length=32)


# 初始化数据表
python manage.py makemigrations
python manage.py migrate


2.登录

form 表单
ajax
用户密码正确
保持会话
session
COOKIE
redirect('/index')
错误 页面提示 用户名或密码错误


3. 保存在客户端
可以主动清除
不能跨域
保存在浏览器的键值对

   

import datetime
datetime.datetime.utcnow()+datetime.detaltime(10)
set_COOKIE 参数 max_age=10,expires=10
path='/'
domain=None


4.通过js 操作COOKIE

jquery.COOKIE.js

​

​

5.加密的COOKIE

response.set_signed_COOKIE("Ab","123456",max_age=10,expires=10,path='/')
if request.get_signed_COOKIE('Ab'):


6.session

session 是服务器端的键值对，依赖于COOKIE机制
session==>key:value
浏览器中保存COOKIE 保存了session的key，下次请求携带key来请求
同一个用户不同浏览器登录是否随机key不一样。在服务端中是否有多条session
request.session['is_login']=True
if request.session.get('is_login'):
request.session.create()
--session是一个字典操作，也可以指定删除 del request.session['is_login']


7.装饰器控制uri访问

def auth(fn):
def inner(request,*args,**kwargs):
if request.session.get('is_login'):
return fn(request,*args,**kwargs)
else:
return redirect('/login')
return inner


8.FBV和CBV

chorme的插件postman插件

from django import views
class longin(views.View):
msg = ""
def post(self,request, *args, **kwargs):
u = request.POST.get("user")
p = request.POST.get("pwd")
if models.ADMINISTRATOR.objects.filter(username=u, password=p).count():
request.session['is_login'] = True
return redirect('/index')
else:
self.msg = "用户或密码错误"
return render(request,'login.html',{"msg":self.msg})
def get(self,request, *args, **kwargs):
return render(request,'login.html')


​

修改url样式

path('login/', views.longin.as_view())

CBV形式下的装饰器

写法一：

from django.utils.decorators import method_decorator
class index(views.View):
@method_decorator(auth)
def get(self,request,*args,**kwargs):
return render(request,'index.html')


写法二：

class userinfo(views.View):
def dispatch(self, request, *args, **kwargs):
if request.session.get('is_login'):
result=views.View.dispatch(self, request, *args, **kwargs)
return result
else:
return redirect('/login')
def get(self,request,*args,**kwargs):
return render(request,'userinfo.html')


写法三：

class userinfo(views.View):
@method_decorator(auth)
def dispatch(self, request, *args, **kwargs):
result=views.View.dispatch(self, request, *args, **kwargs)
return result
def get(self,request,*args,**kwargs):
return render(request,'userinfo.html')


写法四：

@method_decorator(auth,name='dispatch')
class userinfo(views.View):
def dispatch(self, request, *args, **kwargs):
result=views.View.dispatch(self, request, *args, **kwargs)
return result
def get(self,request,*args,**kwargs):
return render(request,'userinfo.html')


Django中使用ajax post向后台传送数据时403 Forbidden (CSRF token missing or incorrect.):的解决办法

书写方式一：

{% csrf_token %}



$("#aja").on("click",function(){
$.ajax({url:"/login1/",
type:"POST",
data:{AA:123,csrfmiddlewaretoken:'{{ csrf_token }}'},
datatype: "JSON",
success:function(data){
console.log(data)
}
})
})


​