我在Tornado中编写了登录和注销处理程序,用于登录Google外部服务。
处理程序如下:
###############################################################################
# Manage login requests using Google authentication
###############################################################################
class AuthLoginHandler(BaseHandler, tornado.auth.GoogleMixin):
@tornado.web.asynchronous
def get(self):
if self.get_argument("openid.mode", None):
self.get_authenticated_user(self.async_callback(self._on_auth))
return
self.authenticate_redirect()
# Authentication-OK callback.
# Save user info on the first connection.
# Only save a last-login timestamp otherwise.
def _on_auth(self, user):
if not user:
raise tornado.web.HTTPError(500, "Google auth failed")
str_time = datetime.datetime.now().isoformat()
usr = self.db.get("SELECT * FROM users WHERE email=%s", user["email"])
if not usr:
# Create user entry in the WSN-database
self.lock_tables("write", ['users'])
usr_id = self.db.execute("INSERT INTO users (email, name, last_access) \
VALUES (%s,%s,%s)",
user["email"], user["name"], str_time)
self.unlock_tables()
else:
self.lock_tables("write", ['users'])
usr_id = usr["id"]
self.db.execute("UPDATE users SET last_access=%s WHERE id=%s",
str_time, usr_id)
self.unlock_tables()
self.set_secure_cookie("user", str(usr_id))
self.info("Hello <b>" + user["name"] + "</b>!")
self.redirect(self.get_argument("next", "/"))
# Do not log Login info
def _log(self):
pass
################################################################################
# Logout handler. Simply clear the "user" cookie and redirect to homepage.
################################################################################
class AuthLogoutHandler(BaseHandler, tornado.auth.GoogleMixin):
def get(self):
self.clear_cookie("user")
self.notice("You have successfully logged out")
self.redirect("/")
我想,当用户退出时,点击他没有登录的浏览器的后退按钮。换句话说,我会认为后退按钮不起作用...相反,如果我退出用户,如果他点击后退按钮,他可以在网页中导航,就像他总是登录一样..
有什么建议吗?谢谢。
答案 0 :(得分:1)
我认为通过后退按钮导航到的页面位于浏览器的缓存中。尝试键入F5重新加载页面,看看用户是否仍然登录。