当前位置:网站首页>Flask learning and project practice 8: introduction and use of cookies and sessions
Flask learning and project practice 8: introduction and use of cookies and sessions
2022-07-06 03:36:00 【Study notes of Zhou】
1.cookie Introduce
cookie: In the initial website ,http Request is stateless . That is to say, even after connecting to the server for the first time and logging in successfully , The second request server still doesn't know which user the current request is .cookie To solve this problem , After the first login, the server returns some data (cookie) To the browser , Then the browser is saved locally , When the user sends a second request , Will automatically store the last request cookie Data is automatically carried to the server , The server can determine the current user through the data carried by the browser .cookie Limited amount of data stored , Different browsers have different storage sizes , But not more than 4KB. Therefore use cookie Only a small amount of data can be stored .
2.session Introduce
session: session and cookie It works a little bit like , It's all about storing user related information . The difference is ,cookie It's stored in a local browser ,session It's an idea 、 A concept 、 A solution of server storing authorization information , Different servers , Different frameworks , Different languages have different implementations . Although the implementation is different , But their purpose is the server to facilitate the storage of data .session Appearance , To solve the problem cookie Unsafe storage of data .
3. Why cookie still more session?
because cookie It's not safe , Just store it in the browser , It is prone to safety problems , So there is session Appearance .cookie Easy to be attacked by hackers .
4.cookie and session Use a combination of
Store on the server : adopt cookie Store a session_id, Then the specific data is stored in session in . If the user is already logged in , Then the server will be in cookie Save a session_id, Next time I ask again , Will put the session_id Bring it up , Server according to session_id stay session Get user's session data . We can know who the user is , And some status information saved before . This technical term is called server side session. Data stored on the server will be more secure , Not easy to be stolen and attacked . But storage on the server has some drawbacks , It will occupy the resources of the server , But now servers have evolved to this day , some session There is more than enough information .
flask In the way : take session Data encryption , Then stored in cookie in . This technical term is called client side session.flask That's how it works , But it can also be replaced with other forms .
5.flask In the operation cookie And session
Set up cookie Have to import response object . stay response These properties can be set in the object .
Then you can find it in the cookie Found in .
obtain cookie The way :( Note that the booster needs to be introduced first request)
for example :from flask import Flask,Response,request,session
Set up session front , Need to set up session Of secret key To use .
It needs to be set as follows : app.config【‘SECRET_KEY’】 = ‘123xxx’
And then there's the setup session 了 .
stay flask in session in Is to encrypt the data first ( As an ordinary string ), And then use session_id As key, Store in cookie Medium .
because session It will be encrypted and stored in cookie in , So sensitive information will be used session Of .
For now session Acquisition :
边栏推荐
- 出现Permission denied的解决办法(750权限谨慎使用)
- Multi project programming minimalist use case
- 指针笔试题~走近大厂
- ASU & OSU | model based regularized off-line meta reinforcement learning
- Schnuka: 3D vision detection application industry machine vision 3D detection
- Restful style
- 施努卡:视觉定位系统 视觉定位系统的工作原理
- Microsoft Research, UIUC & Google research | antagonistic training actor critic based on offline training reinforcement learning
- JS Vanke banner rotation chart JS special effect
- [Qt5] QT QWidget immediately appears and disappears
猜你喜欢
[risc-v] external interrupt
Microsoft Research, UIUC & Google research | antagonistic training actor critic based on offline training reinforcement learning
Pytorch load data
Pointer for in-depth analysis (problem solution)
BUAA calculator (expression calculation - expression tree implementation)
【SLAM】lidar-camera外参标定(港大MarsLab)无需二维码标定板
Tidb ecological tools (backup, migration, import / export) collation
ESBuild & SWC浅谈: 新一代构建工具
Overview of OCR character recognition methods
Princeton University, Peking University & UIUC | offline reinforcement learning with realizability and single strategy concentration
随机推荐
Shell pass parameters
A brief introduction to symbols and link libraries in C language
MPLS experiment
Computer graduation project asp Net fitness management system VS development SQLSERVER database web structure c programming computer web page source code project
Containerization Foundation
js凡客banner轮播图js特效
11. Container with the most water
关于非虚函数的假派生
深度解析指针与数组笔试题
Pytoch foundation - (2) mathematical operation of tensor
Cubemx 移植正点原子LCD显示例程
[slam] lidar camera external parameter calibration (Hong Kong University marslab) does not need a QR code calibration board
施努卡:3d视觉检测应用行业 机器视觉3d检测
MySQL Server层四个日志
How to write compile scripts compatible with arm and x86 (Makefile, cmakelists.txt, shell script)
February 14, 2022 Daily: Google long article summarizes the experience of building four generations of TPU
Force buckle 1189 Maximum number of "balloons"
SWC介绍
Performance analysis of user login TPS low and CPU full
数据分析——seaborn可视化(笔记自用)