Cookie

1. The role of cookies

When the client accesses, the server will generate a `Cookie` key-value pair data for the client and send it to the client through a `Response` response.The next time the client continues to access the same server, the browser client will send this `Cookie` value to the server

2.Application of cookies

views layer

**Set and get cookies**Get: You can get it directly through getclass CookieView(View):# If there is no cookie, set the cookie; if there is, display the current cookiedef get(self, request):cookie_data = request.COOKIES.get('shenfen')if cookie_data is None:resp = HttpResponse('Set cookie')resp.set_cookie('shenfen','kjdl')return respelse:return HttpResponse(f"The current cookie information is {cookie_data}")**Delete COOKIE**Delete: delete the specified key and corresponding valueclass DelCookieView(View):# delete cookiesdef get(self, request):resp = HttpResponse("Delete cookie information")resp.delete_cookie('shenfen')return resp

url layer

 path('cookie/', views.CookieView.as_view()),path('delcookie/', views.DelCookieView.as_view()),

Session

1. Advantages of cookies

Advantages:1. It runs on the server side, which is more secure than cookies2. The data will not be lost and can survive the entire session.Disadvantage:1. Cookies can keep the state of the user when they visit the site

Application of 2.session

views layer

**Set and get session**Get: You can get it directly through getclass SessionView(View):# If the session does not exist, generate a session; if it exists, return session informationdef get(self, request):session_data = request.session.get('money')if session_data is None:request.session['money'] = '10000000'return HttpResponse('set session')else:return HttpResponse(f"session information is: {session_data}")**Delete session**class DelSessionView(View):def get(self, request):if request.session.get('money') is None:return HttpResponse('session does not exist')else:del request.session['money']return HttpResponse("session has been deleted")

url layer

 path('session/', views.SessionView.as_view()),path('delsession/', views.DelSessionView.as_view())

CSRF

csrf's attack process

How to prevent csrf attacks

Add inside the code:{% csrf_token %}

Today's Error Summary

When doing homework,The password in the user table that stores the account password in the game database should be defined by the CharField type. I used the
value type.The password has been wrong.