我在用户登录帐户后,在 flask(python框架)中使用用户的电子邮件ID创建了会话。好吧,当我交叉检查它时,它的工作正常并创建了会话。它的网址是"http://localhost:5000/login"。但是,当用户点击浏览器中的注销按钮时,我发现会话无效 ..(我不知道,虽然我在登录时创建了会话)。
我的ajax代码在 apache2服务器上运行为"http://localhost:80/index.html"。
当我使用 curl 进行交叉检查时,它的工作正常。但是,对于浏览器,当我点击注销按钮时,我在终端(ubuntu)上找到您的会话已过期但是,我在登录时创建。
此处登录的 Ajax代码 index.html
// Login ajax python
$("#btn_login").click(function(){
var txt1 = $("#txt1").val();
var txt3 = $("#txt3").val();
console.log("text: ", txt1, txt3);
var a = {"username": txt1, "password": txt3, "type": "login"};
$.ajax(
{
url: "http://localhost:5000/login",
type: "POST",
headers: {"Content-Type": "application/json"},
data: JSON.stringify(a),
dataType: "json",
success: function(response) {
console.log("Response from Python: ", response);
var output = response.result;
$("#show_msg").html("Mengego says: " + output.message + " " + output.user);
},
error: function(err) {
console.log("error: " + err);
}
}
);
});
以下注销的 Ajax代码 index.html
// Logout
$("#logout").click(function(){
$.ajax(
{
url: "http://localhost:5000/logout",
type: "POST",
headers: {"Content-Type": "application/json"},
success: function(response) {
console.log("Response from Python: ", response);
var output = response.result;
$("#show_msg").html("Output of Logout: " + output.message);
},
error: function(err) {
console.log("error: " + err);
}
}
);
});
以下登录 登录 " user.py"
的一部分@user_api.route("/login", methods=['POST'])
def login():
returning_data = {}
try:
form_params = request.json
username = form_params["username"]
password = form_params["password"]
sql = "SELECT username, password FROM user WHERE username = '" + username + "' AND password = '" + password + "'"
results = obj_connect.executeFetch(sql)
if len(results) == 0:
returning_data = { "message": "You enter incorrect username or password..", "user": []}
else:
sql = "SELECT email FROM user WHERE username = '" + username + "' AND password = '" + password + "'"
results = obj_connect.executeFetch(sql)
# session creation
session['email'] = results[0][0]
print "session key is ", session['email']
print "session is ", session
session.permanent = True
returning_data = { "message": "Welcome!!!...", "user": username}
except Exception:
print traceback.format_exc()
returning_data = { "message": "Error during Login" }
return jsonify({"result": returning_data})
Below is flask code for logout part of **"user.py"**
@user_api.route("/logout", methods=['POST'])
def logout():
print "ses", session
returning_data = {}
try:
if 'email' in session:
print "your session is alive"
else:
print "your session expired"
session.clear()
if 'email' in session:
print "your session is still alive"
else:
print "your session already expired"
returning_data = { "message": "You are Logout Now...." }
except Exception:
print traceback.format_exc()
returning_data = { "message": "Failure in Logout" }
return jsonify({"result": returning_data})
现在,在注销部分的上述代码中,当我点击时,我在终端(ubuntu)上获得了以下输出来自浏览器的注销按钮....
当前错误的输出:
your session expired
your session already expired
预期输出:
your session is alive
your session already expired
请帮帮我..
答案 0 :(得分:0)
您应该在Flask全局对象中存储信息,以便在每个请求的整个生命周期内保留信息,并使用请求对象获取随每个请求发送的信息。
from flask import g, request
通过这种方式,您可以检查g对象上的值(因为它是字典),然后根据设置值登录/注销。
例如:
当您登录时g.session = "session key",然后在您退出时g.session = None。
注意:这假设您在处理请求之前检查数据库中的登录凭据或烧瓶应用中的某些设定值。
答案 1 :(得分:-2)
尝试在Ajax请求中包含以下选项: - optionxhrFields:{withCredentials:true}