[py]tornado2-通过cookie保护页面

tornado2-通过cookie保护页面

相关代码git

代码逻辑关系

class IndexHandler(tornado.web.RequestHandler):    def get(self,*args,**kwargs):        self.render("index.html")class LoginHandler(tornado.web.RequestHandler):    def post(self,*args,**kwargs):        username=self.get_argument("username")        passowrd=self.get_argument("password")        if username == "admin" and passowrd == "admin123":            self.set_cookie("auth","1")            self.redirect("/manager")    def get(self,*args,**kwargs):        self.render("login.html")class ManagerHandler(tornado.web.RequestHandler):    def get(self,*args,**kwargs):        if self.get_cookie("auth")=="1":            self.render("manager.html")        else:            self.redirect("/login")class LogoutHandler(tornado.web.RequestHandler):    def get(self,*args,**kwargs):        self.set_cookie("auth","0")        self.redirect("/login")

manager.html<body><span><a href="/logout">退出</a></span><h1>manager page</h1></body>

功能演示

login页面提示登录失败

效果:

原理:

完整code:

逻辑处理

#!/usr/bin/env python# coding=utf-8import tornado.ioloopimport tornado.web# 业务逻辑处理模块class IndexHandler(tornado.web.RequestHandler):    def get(self, *args, **kwargs):        self.render("index.html")class LoginHandler(tornado.web.RequestHandler):    def post(self, *args, **kwargs):        username = self.get_argument("username")        passowrd = self.get_argument("password")        if username == "admin" and passowrd == "admin123":            self.set_cookie("auth", "1")            self.redirect("/manager")        else:            self.render("login.html",status_text="登录失败")    def get(self, *args, **kwargs):        self.render("login.html",status_text="")class ManagerHandler(tornado.web.RequestHandler):    def get(self, *args, **kwargs):        if self.get_cookie("auth") == "1":            self.render("manager.html")        else:            self.redirect("/login")class LogoutHandler(tornado.web.RequestHandler):    def get(self, *args, **kwargs):        self.set_cookie("auth", "0")        self.redirect("/login")# 配置选项模块settings = {    'template_path': 'template',    'static_path': 'statics',    'static_url_prefix': '/sss/',}# 路由模块application = tornado.web.Application([    (r"/index", IndexHandler),    (r"/manager", ManagerHandler),    (r"/login", LoginHandler),    (r"/logout", LogoutHandler),],    **settings)## wsgi模块if __name__ == "__main__":    application.listen(8888)    tornado.ioloop.IOLoop.instance().start()

前端页面

<!doctype html><html lang="en"><head>    <meta charset="UTF-8">    <meta name="viewport"          content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">    <meta http-equiv="X-UA-Compatible" content="ie=edge">    <title>login</title>    <link rel="stylesheet" href="{{ static_url("common.css") }}"></head><body><form action="/login" method="post">    <input type="text" name="username">    <input type="password" name="password">    <input type="submit" value="提交">    <span style="color: red">{{ status_text }}</span></form></body></html>

实现cookie超时,重新登录; 实现7天免登陆

效果:

原理:

class LoginHandler(tornado.web.RequestHandler):    def post(self, *args, **kwargs):        username = self.get_argument("username")        passowrd = self.get_argument("password")        if username == "admin" and passowrd == "admin123":            r = time.time()+5  ## 设置5s超时            self.set_cookie("auth", "1",expires=r)            self.redirect("/manager")        else:            self.render("login.html",status_text="登录失败")    def get(self, *args, **kwargs):        self.render("login.html",status_text="")

实现7天免登陆

原理

代码:

#!/usr/bin/env python# coding=utf-8import timeimport tornado.ioloopimport tornado.web# 业务逻辑处理模块class IndexHandler(tornado.web.RequestHandler):    def get(self, *args, **kwargs):        self.render("index.html")class LoginHandler(tornado.web.RequestHandler):    def post(self, *args, **kwargs):        username = self.get_argument("username","None")        passowrd = self.get_argument("password","None")        check = self.get_argument("auto","None")        if username == "admin" and passowrd == "admin123":            if check:                self.set_cookie("auth", "1", expires_days=7)            else:                r = time.time()+5                self.set_cookie("auth", "1",expires_days=r)            self.redirect("/manager")        else:            self.render("login.html",status_text="登录失败")    def get(self, *args, **kwargs):        self.render("login.html",status_text="")class ManagerHandler(tornado.web.RequestHandler):    def get(self, *args, **kwargs):        if self.get_cookie("auth") == "1":            self.render("manager.html")        else:            self.redirect("/login")class LogoutHandler(tornado.web.RequestHandler):    def get(self, *args, **kwargs):        self.set_cookie("auth", "0")        self.redirect("/login")# 配置选项模块settings = {    'template_path': 'template',    'static_path': 'statics',    'static_url_prefix': '/sss/',}# 路由模块application = tornado.web.Application([    (r"/index", IndexHandler),    (r"/manager", ManagerHandler),    (r"/login", LoginHandler),    (r"/logout", LogoutHandler),],    **settings)## wsgi模块if __name__ == "__main__":    application.listen(8888)    tornado.ioloop.IOLoop.instance().start()

<!doctype html><html lang="en"><head>    <meta charset="UTF-8">    <meta name="viewport"          content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">    <meta http-equiv="X-UA-Compatible" content="ie=edge">    <title>login</title>    <link rel="stylesheet" href="{{ static_url("common.css") }}"></head><body><form action="/login" method="post">    <input type="text" name="username">    <input type="password" name="password">    <input type="submit" value="登录">    <input type="checkbox" name = "auto" value="1"><span>7天免登录</span>    <span style="color: red">{{ status_text }}</span></form></body></html>

安全的cookie

class LoginHandler(tornado.web.RequestHandler):    def post(self, *args, **kwargs):        username = self.get_argument("username","None")        passowrd = self.get_argument("password","None")        check = self.get_argument("auto","None")        if username == "admin" and passowrd == "admin123":            if check:                self.get_secure_cookie()                self.set_cookie("auth", "1", expires_days=7)            else:                r = time.time()+5                self.set_cookie("auth", "1",expires_days=r)            self.redirect("/manager")        else:            self.render("login.html",status_text="登录失败")    def get(self, *args, **kwargs):        self.render("login.html",status_text="")

# 配置选项模块settings = {    'template_path': 'template',    'static_path': 'statics',    'static_url_prefix': '/sss/',    'cookie_secret':'adfadsfasdfadf',}

代码github地址