session.py
import secrets
ALL_USER_DIC = {}
class Session:
def __init__(self, handler):
self.handler = handler
self.random_index_str = None
def __get_random_str(self):
return secrets.token_urlsafe()
def __setitem__(self, key, value):
if not self.random_index_str:
random_index_str = self.handler.get_secure_cookie("__sson__", None)
if not random_index_str:
self.random_index_str = self.__get_random_str()
self.handler.set_secure_cookie('__sson__', self.random_index_str)
ALL_USER_DIC[self.random_index_str] = {}
else:
if self.random_index_str not in ALL_USER_DIC.keys():
self.random_index_str = self.__get_random_str()
ALL_USER_DIC[self.random_index_str] = {}
ALL_USER_DIC[self.random_index_str][key] = value
self.handler.set_secure_cookie('__sson__', self.random_index_str)
def __getitem__(self, key):
self.random_index_str = self.handler.get_secure_cookie('__sson__', None)
if not self.random_index_str:
return None
else:
self.random_index_str = str(self.random_index_str, encoding="utf-8")
current_user = ALL_USER_DIC.get(self.random_index_str, None)
if not current_user:
return None
else:
return current_user.get(key, None)
app.py
import tornado.web
import tornado.ioloop
from session import Session
class BaseHandler(tornado.web.RequestHandler):
def initialize(self):
self.session = Session(self)
class IndexHandler(BaseHandler):
def get(self):
self.render("a.html")
def post(self):
if self.get_argument('name', None) == 'XerCis':
self.session['is_login'] = True
self.session['name'] = self.get_argument('name')
self.redirect('/admin')
else:
self.write('登录失败, 请重新登录!')
class AdminHandler(BaseHandler):
def get(self):
if self.session['is_login']:
self.write('欢迎%s回来.' % (self.session['name']))
else:
self.redirect('/index')
settings = {
"cookie_secret": 'test-secret,',
'template_path': 'template',
}
application = tornado.web.Application([
(r"/index", IndexHandler),
(r"/admin", AdminHandler),
], **settings)
if __name__ == '__main__':
print("http://localhost:7777/admin")
application.listen(7777)
tornado.ioloop.IOLoop.instance().start()
template/a.html
<!DOCTYPE html>
<head>
<title>login</title>
</head>
<body>
<form action="/index" method="post">
name: <input type="text" name="name"><br>
<input type="submit" value="login">
</form>
</body>
</html>
结果
运行app.py
,访问http://localhost:7777/admin
,页面会自动跳转到index
,输入XerCis
,会生成Session并记录,关掉页面后再次访问http://localhost:7777/admin
依然有该Session