session权限限制
当flask基于session限制用户访问页面时,有三种实现方式;固然,咱们从最low的版本开始:html
from datetime import timedelta class Config(object): DEBUG = False TESTING = False SECRET_KEY = "asdfasdfas23" DATABASE_URI = 'sqlite://:memory:' SESSION_COOKIE_NAME = 'session' SESSION_COOKIE_DOMAIN = None SESSION_COOKIE_PATH = None SESSION_COOKIE_HTTPONLY = True SESSION_COOKIE_SECURE = False SESSION_REFRESH_EACH_REQUEST = True PERMANENT_SESSION_LIFETIME = timedelta(hours=1) class ProductionConfig(Config): DATABASE_URI = 'mysql://user@localhost/foo' class DevelopmentConfig(Config): DEBUG = True class TestingConfig(Config): TESTING = True
from flask import Flask,render_template,request,redirect,session,url_for,jsonify,make_response app = Flask(__name__) app.config.from_object("settings.DevelopmentConfig") # app.secret_key = 'xxxxxxxx' STUDENT_DICT = { 1:{'name':'王龙泰','age':38,'gender':'中'}, 2:{'name':'小东北','age':73,'gender':'男'}, 3:{'name':'田硕','age':84,'gender':'男'}, } @app.route('/login',methods=["GET","POST"]) def login(): if request.method == 'GET': return render_template('login.html') user = request.form.get('user') pwd = request.form.get('pwd') if user == 'test' and pwd == '666': session['user'] = user return redirect('/index') return render_template('login.html',error='用户名或密码错误') @app.route('/index') def index(): user = session.get('user') if not user: return redirect('/login') return render_template('index.html',stu_dic=STUDENT_DICT) @app.route('/delete/<int:nid>') def delete(nid): user = session.get('user') if not user: return redirect('/login') del STUDENT_DICT[nid] return redirect(url_for('index')) @app.route('/detail/<int:nid>') def detail(nid): user = session.get('user') if not user: return redirect('/login') info = STUDENT_DICT[nid] return render_template('detail.html',info=info) if __name__ == '__main__': app.run()
使用装饰器版本:mysql
from flask import Flask,render_template,request,redirect,session,url_for,jsonify,make_response app = Flask(__name__) app.config.from_object("settings.DevelopmentConfig") # app.secret_key = 'xxxxxxxx' 已在配置文件中设置,再也不在这里进行加盐 def func1(func): def inner(*args,**kwargs): user = session.get('user') if not user: return redirect('/login') ret = func(*args,**kwargs) return ret return inner STUDENT_DICT = { 1:{'name':'王龙泰','age':38,'gender':'中'}, 2:{'name':'小东北','age':73,'gender':'男'}, 3:{'name':'田硕','age':84,'gender':'男'}, } @app.route('/login',methods=["GET","POST"]) def login(): if request.method == 'GET': return render_template('login.html') user = request.form.get('user') pwd = request.form.get('pwd') if user == 'test' and pwd == '666': session['user'] = user return redirect('/index') return render_template('login.html',error='用户名或密码错误') @app.route('/index') func1 def index(): return render_template('index.html',stu_dic=STUDENT_DICT) @app.route('/delete/<int:nid>') @func1 def delete(nid): del STUDENT_DICT[nid] return redirect(url_for('index')) @app.route('/detail/<int:nid>') @func1 def detail(nid): info = STUDENT_DICT[nid] return render_template('detail.html',info=info) if __name__ == '__main__': app.run()
此时运行程序会出现以下错误:sql
AssertionError: View function mapping is overwriting an existing endpoint function: innerjson
出现此错误是由于视图index、delete、detail都使用了装饰器,此时这三个视图函数都指向inner函数,致使此报错。flask
解决方法以下:session
import functools def func1(func): @functools.wraps(func) def inner(*args,**kwargs): user = session.get('user') if not user: return redirect('/login') ret = func(*args,**kwargs) return ret return inner
版本3:app
@app.before_request def xzxx(): if request.path == '/login': return None if session.get('user'): return None return redirect('/login')
补充:关于多个函数使用装饰器时指向inner函数示例:ide
def auth(func): def inner(*args,**kwargs): ret = func(*args,**kwargs) return ret return inner @auth def index(): print('index') @auth def detail(): print('detail') print(index.__name__) print(detail.__name__)
import functools def auth(func): @functools.wraps(func) def inner(*args,**kwargs): ret = func(*args,**kwargs) return ret return inner @auth def index(): print('index') @auth def detail(): print('detail') print(index.__name__) print(detail.__name__)
相关文章
- 1. session权限限制
- 2. 利用session控制权限
- 3. kubernetes daahboard权限限制
- 4. linux下限制su权限
- 5. 权限控制
- 6. 登陆权限验证session
- 7. MySQL中用户权限、库权限、表权限的控制
- 8. 项目权限控制(1)-访问权限,字段权限
- 9. 前端B端权限控制【资源权限,数据权限】
- 10. gerrit权限控制
- 更多相关文章...
- • XSD 限定 / Facets - XML Schema 教程
- • MySQL删除用户权限(REVOKE) - MySQL教程
- • Docker容器实战(六) - 容器的隔离与限制
- • 漫谈MySQL的锁机制
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
欢迎关注本站公众号,获取更多信息
相关文章
- 1. session权限限制
- 2. 利用session控制权限
- 3. kubernetes daahboard权限限制
- 4. linux下限制su权限
- 5. 权限控制
- 6. 登陆权限验证session
- 7. MySQL中用户权限、库权限、表权限的控制
- 8. 项目权限控制(1)-访问权限,字段权限
- 9. 前端B端权限控制【资源权限,数据权限】
- 10. gerrit权限控制