Example Analysis of Session Technology in the Django Framework

2025-01-18 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)06/03 Report--

This article introduces Django's session techniques (cookie, session and token) through examples and is intended as a reference.

The details are as follows:

Session technology

1. Cookie

Client-side session technology (data is stored on the client)

Stored as key-value pairs

Cookie operations are performed through the Response

Typical scenarios: shopping cart, login information

Supports an expiration time

Cookie cleanup policy

By default, a cookie is cleared automatically when the browser is closed

Configuring the cookie expiration time

max-age=0: becomes invalid when the browser is closed

max-age=None: permanently valid

max-age=int: lifetime in seconds

expires: an expiration time, basically the same as max-age

When the user logs out, the cookie (token) is cleared.

2. Session

Server-side session technology

Session depends on Cookie

The session_key of the Session record in the database is stored in the cookie as sessionid

Session data is stored in the database with basic data security processing (base64 encoding) applied.

3. Token

Server-side session technology

Equivalent to implementing a session manually

The value must be unique.

Uniqueness is ensured through a specific algorithm, using: time, IP, domain name, network card MAC address, random number

4. Pain points solved

Solves the problem that short-lived connections cannot keep the user's state

Extends the lifecycle of the request

User management example

The password is opaque to everyone.

User registration: store the data in a database; data security

User login: check the submitted login information against the information in the database. When returning a failure result, keep it deliberately vague.

User information: fetch the user by the user's unique identifier

User logout: clear the token; clean up the cookie, session, or token

5. Data security

Strategy

Server data should be invisible to anyone (opaque)

Common digest algorithms (md5, sha) can be used to digest the data

Add security measures everywhere data is validated

6. Digest algorithms

hashlib

The output defaults to a 128-bit binary value

32 hexadecimal digits

Even a small change to the original message makes the digest of the tampered message quite different from the digest of the original.

sha

md5

Used to verify data integrity (that the data has not been tampered with)

Uniform output length

One-way and irreversible

7. UUID

Unique identifier

Nanosecond time

1ns creates 1m id

MAC address

Machine code

Random number

uuid module: uuid1(), uuid3(), uuid4(), uuid5()

8. Commonly used APIs

Generate a message digest

    import hashlib

    def generate_password(password):
        # Choose the digest algorithm
        sha = hashlib.sha512()
        # Feed the password bytes into the digest
        sha.update(password.encode("utf-8"))
        # Return the digest as a hex string
        return sha.hexdigest()
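The points above that passwords stay opaque and that a failed login should be deliberately vague, as an added example (not code from the original article): it puts the single-pass SHA-512 of generate_password() beside salted PBKDF2 from Python's standard library. The in-memory USERS dict, the function names and the iteration count are assumptions for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 210_000  # assumed work factor; tune for your hardware

def generate_password_unsalted(password):
    # Same approach as the article's generate_password(): one SHA-512 pass
    return hashlib.sha512(password.encode("utf-8")).hexdigest()

def hash_password(password, salt=None):
    # Salted, iterated PBKDF2-HMAC-SHA512; returns "salt_hex$digest_hex"
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, ITERATIONS)
    return salt.hex() + "$" + digest.hex()

def verify_password(password, stored):
    salt_hex, _ = stored.split("$")
    candidate = hash_password(password, bytes.fromhex(salt_hex))
    # Constant-time comparison avoids leaking how many characters matched
    return hmac.compare_digest(candidate, stored)

USERS = {}  # constructed in-memory stand-in for the user table
LOGIN_FAILED = "Invalid username or password"  # same text for every failure

def register(username, password):
    USERS[username] = hash_password(password)

def login(username, password):
    stored = USERS.get(username)
    if stored is None:
        # Hash anyway so an unknown user costs about the same time as a known one
        hash_password(password)
        return False, LOGIN_FAILED
    if not verify_password(password, stored):
        return False, LOGIN_FAILED
    return True, "ok"
```

With the unsalted digest, two users with the same password get identical stored values; with a per-user salt they do not.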

Cookie

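    from datetime import datetime, timedelta, timezone

    # No lifetime given
    response.set_cookie("uname", username)
    # Lifetime of 30 seconds
    response.set_cookie("uname", username, max_age=30)
    # expires takes a datetime (or date string), not a bare timedelta
    response.set_cookie("uname", username, expires=datetime.now(timezone.utc) + timedelta(minutes=1))
    uname = request.COOKIES.get('uname', None)
    response.delete_cookie("uname")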

Mnemonic

Operating on the client can only be done through the Response object

The methods are just get, set, delete

Session

    uname = request.session.get('uname')
    request.session['uname'] = username
    request.session.flush()  # clears both cookie and session
    del request.session['uname']

Mnemonic

The session lives on the server side, and the sessionid is stored in the COOKIE of the Request, so the user's session is associated through the Request object.

The methods are just get, set, del, flush

Token

    response.set_cookie("utoken", token)
    utoken = request.COOKIES.get("utoken")
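The token described in section 3 as a manually implemented session, as an added example (not code from the original article): issue, resolve and revoke a token whose value travels in the utoken cookie. It uses the standard-library secrets module for the random value rather than combining time, IP or MAC inputs, which are guessable; the TOKENS dict, function names and lifetime are assumptions.

```python
import hashlib
import secrets
import time

TOKEN_TTL = 30 * 60  # assumed token lifetime in seconds
TOKENS = {}          # constructed stand-in for a token table: digest -> (user, expiry)

def token_digest(token):
    # Keep only a digest server side so a leaked table holds no usable tokens
    return hashlib.sha256(token.encode("utf-8")).hexdigest()

def issue_token(username, now=None):
    now = time.time() if now is None else now
    # 32 bytes from the OS CSPRNG: unique and unguessable
    token = secrets.token_urlsafe(32)
    TOKENS[token_digest(token)] = (username, now + TOKEN_TTL)
    # The caller sends it to the client: response.set_cookie("utoken", token)
    return token

def resolve_token(token, now=None):
    # token is what request.COOKIES.get("utoken") returned; may be None
    now = time.time() if now is None else now
    if not token:
        return None
    key = token_digest(token)
    entry = TOKENS.get(key)
    if entry is None:
        return None
    username, expiry = entry
    if now >= expiry:
        TOKENS.pop(key, None)  # expired: remove the server-side record too
        return None
    return username

def revoke_token(token):
    # Logout: deleting the cookie alone leaves the token valid, so drop server state
    if token:
        TOKENS.pop(token_digest(token), None)
```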
