通过 session 保存 个人 信息

登录的视图函数中:

def login(request):

    ''' 登录 '''

    err, user, pwd = '', '', ''

    if request.method == 'POST':

        user = request.POST.get('user')

        pwd = request.POST.get('pwd')

        ret = models.UserProfile.objects.filter(username=user, password=my_md5(user, pwd), is_active=True).first()

        # ret = models.UserProfile.objects.filter(username=user, password=pwd, is_active=True).values()

        print(ret)

        if ret:

            return_url = request.GET.get('return_url')

            request.session['user_pk'] = ret.pk

            if return_url:

                return redirect(return_url)

            return redirect(reverse('show:public_customer'))

        else:

            err = '账号或密码错误！'

    return render(request, 'login.html', {'err': err, 'user': user, "pwd": pwd})

中间件中

# 白名单

w_list = ['/login/', '/reg/', '/verification_username/']

# 黑名单

b_list = []

def process_request(self, request):

    # 获取请求的路径

    return_url = request.path_info

	# 判断 白名单

    if return_url in self.w_list or return_url.startswith('/admin/'):

        return

    if return_url in self.b_list:

        return HttpResponse('<h1>This is an illegal URL</h1>')

    # 获取session 的值

    user_pk = request.session.get("user_pk")

    # 判断是否有session

    if user_pk:

        # session 保存的是 用户的id 通过id 获取对象

        user = models.UserProfile.objects.filter(pk=user_pk).first()

        # 将对象保存到 request 中 用于保存用户

        request.user_object = user

        return