- 用户登录,输入用户名和密码与数据库的用户名和密码做对比,正确的话登录成功,否则提示用户名和密码错误
- 保持会话cookie保证已经实现、数据库的操作已经实现好session会话
- 用户登入验证,我们希望用户只需要在第一次登录的时候输入用户名和密码,之后可以自动登录,不需要再次输入用户名和密码,也就是说在用户第二次访问的时候,服务器能够自动的验证用户登录信息,那么如何实现自动验证的功能呢?
- 第一步:导入装饰器
from tornado.web import authenticated
- 第二步:声明 BaseHandler,重写get_current_user()方法
class BaseHandler(tornado.web.RequestHandler):
def get_current_user(self):
current_user = self.get_secure_cookie('username')
if current_user:
return current_user
return None
- 第三步:配置登录路由
def make_app():
return tornado.web.Application(
handlers = [
(r"/main", MainHandler),
(r"/cook_set", Set_cookieHandler),
(r"/cook_get", get_cookieHandler),
(r"/buy", BuyHandler),
],
template_path = 'templates',
debug= True,
login_url = '/main', #主要是这段代码
cookie_secret = 'aasdafsafsdfjfk',
)
- 第四步:装饰需要验证的请求
class BuyHandler(BaseHandler):
@authenticated #装饰器authenticated
def get(self):
self.write('BuyHandler')
具体代码
- login.py
import tornado.ioloop
import tornado.web
import tornado.options #让模块有自定义的模块
from tornado.options import define,options
import tornado.httpserver #启动单线程的http服务
import time
from user_modules import User
from tornado.web import authenticated
define('port',default=8080, help='run port', type=int) #help
class BaseHandler(tornado.web.RequestHandler):
def get_current_user(self):
current_user = self.get_secure_cookie('username')
if current_user:
return current_user
return None
class Set_cookieHandler(tornado.web.RequestHandler):
def get(self):
self.set_cookie('cook1','this_is_cook1')
self.set_cookie('cook2','this_is_cook2',expires_days=1)
self.set_cookie('cook3','this_is_cook3',expires=time.time()+(30))
self.set_secure_cookie('cook6','this_is_secure_cook6')
self.write('cook test')
class get_cookieHandler(tornado.web.RequestHandler):
def get(self):
c1 = self.get_cookie('cook1')
self.write(c1)
self.write('<br>')
c2 = self.get_cookie('cook2')
self.write(str(c2))
c6 = self.get_secure_cookie('cook6')
self.write('<br>')
self.write('cook6')
class MainHandler(tornado.web.RequestHandler):
def get(self):
next = self.get_argument('next','None')
print(next)
self.render('test.html',nextname = next ,error=None)
def post(self, *args, **kwargs):
name = self.get_argument('name', 'OK')
# user = session.query(User).filter(User.username==name).first() #第一种方式
user = User.by_name(name)
passwd = self.get_argument('password', 'None')
next = self.get_argument('next','None')
if user and passwd==user.password:
self.set_secure_cookie('username',name)
# self.render('07base.html',
# username = name
# )
self.redirect(next)
else:
# self.write('用户名或者密码错误')
self.render('test.html',next='/main',error='用户名或者密码错误,请重新登入')
class BuyHandler(BaseHandler):
@authenticated
def get(self):
self.write('BuyHandler')
def make_app():
return tornado.web.Application(
handlers = [
(r"/main", MainHandler),
(r"/cook_set", Set_cookieHandler),
(r"/cook_get", get_cookieHandler),
(r"/buy", BuyHandler),
],
template_path = 'templates',
debug= True,
login_url = '/main',
cookie_secret = 'aasdafsafsdfjfk',
)
if __name__=='__main__':
tornado.options.parse_command_line() #sys.argv
app = make_app()
http_server = tornado.httpserver.HTTPServer(app)
http_server.listen(options.port)
tornado.ioloop.IOLoop.instance().start()
- test.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>tornado</title>
</head>
<body>
{% if error %}
{{ error }}
{% end %}
测试
<form method="post" action="/main?next={{ nextname }}">
<p>用户名<br><input type="text" name="name"></p>
<p>密码<br><input type="password" name="password"></p>
<input type="submit">
</form>
</body>
</html>
orm 操作补充:
session.query(User.username).filter(User.username!=’budong’).all() 先用 all 查看所有的数据
session.query(User.username).filter(User.username!=’budong’).limit(2).all() limit 查看前两条数据
session.query(User.username).filter(User.username!=’budong’).offset(1).all() offset 偏移一条记录
session.query(User.username).filter(User.username!=’budong’).slice(1,3).all()
slice 对查询出来的数据进行切片取值
session.query(User.username).filter(User.username==’tuple’).one() one 查询一条数据,如果存在多条则报错