django，mysql,全栈 搭建的web.seesion,cookie权限

from django.shortcuts import render from django.template import loader from django.http import request from django.http import HttpResponse,HttpResponseRedirect from django.template import loader from .models import User,Note import hashlib def reg_view(request): if request.method == 'GET': #fanhuiyemian return render(request,'register.html') elif request.method == 'POST': username = request.POST['username'] password_1 = request.POST['password_1'] password_2 = request.POST['password_2'] m = hashlib.md5() m.update(password_1.encode()) password_m = m.hexdigest() if password_1 != password_2: #1.password test return HttpResponse('please print again!') #2.sure username to use old_users = User.objects.filter(username=username) if old_users: return HttpResponse('the name has existed!') #3.insert datas[give the password a hash] try: user=User.objects.create(username=username,password=password_m) except Exception as e: print(f'{e}') return HttpResponse('it has rigisted fang zhi bing fa daozhi de cuowu ') #miandengluyitian request.session['username'] = username request.session['uid'] = user.id #todo xiugai session chucun shijian wei 1 tian return HttpResponseRedirect('/user/index') def login_view(request): if request.method == 'GET': #huo de denglujiemian check the login status if request.session.get('username') and request.session.get('uid'): return HttpResponseRedirect('/user/index') #check Cookies c_username = request.COOKIES.get('username') c_uid = request.COOKIES.get('uid') if c_username and c_uid: #return write session request.session['username'] = c_username request.session['uid'] = c_uid return HttpResponseRedirect('/user/index') return render(request,'login.html') elif request.method == 'POST': username = request.POST['username'] password = request.POST['password'] try: user = User.objects.get(username=username) except Exception as e: print(f'%s'%(e)) return HttpResponse('username or password was wrong!') m = hashlib.md5() m.update(password.encode()) if m.hexdigest() != user.password: return HttpResponse('username or password was wrong!') request.session['username'] = username request.session['uid'] = user.id resp=HttpResponseRedirect('/user/index') #cun Cookie if "remember" in request.POST: resp.set_cookie('username',username,3600*24*3) resp.set_cookie('uid',user.id,3600*24*3) return resp def index_view(request): return render(request,'index.html') def check_login(fn): def wrap(request,*args,**kwargs): if 'username' not in request.session or 'uid' not in request.session: #CHECK COOKIES c_username = request.COOKIES.get('username') c_uid = request.COOKIES.get('uid') if not c_username or not c_uid: return HttpResponseRedirect('/user/login') else: #return write session request.session['username'] = c_username request.session['uid'] = c_uid return fn(request,*args,**kwargs) return wrap @check_login def add_note(request): if request.method == 'GET': return render(request,'note.html') elif request.method == 'POST': uid = request.session['uid'] title = request.POST['title'] content = request.POST['content'] Note.objects.create(title=title,content=content,user_id=uid) return HttpResponseRedirect('/user/content') def logout_view(request): #del session if 'username' in request.session: del request.session['username'] if 'uid' in request.session: del request.session['uid'] resp = HttpResponseRedirect('/index') if 'username' in request.COOKIES: resp.delete_cookie('username') if 'uid' in request.COOKIES: resp.delete_cookie('uid') return resp def content_view(request): if request.method == 'GET': queryset=[item['title'] for item in Note.objects.all().values()] queryset1=[item['content'] for item in Note.objects.all().values()] return render(request,'content.html',{'title':queryset,'content':queryset1})