陳杰龍的筆記網站
主頁
歸檔
分類
其他
關於我
Cookie & Sessions
Cookies
- Cookies are stored on the client side (in the visitor's browser).
- Cookies are not safe: it's quite easy to read and write cookie contents.
- When using cookies, you have to notify visitors according to european laws (GDPR).
- Expiration can be set, but user or browser can change it.
- Users (or browser) can (be set to) decline the use of cookies.
Sessions
- Sessions are stored on the server side.
- Sessions use cookies (see below).
- Sessions are safer than cookies, but not invulnarable.
- Expiration is set in server configuration (php.ini for example).
- Default expiration time is 24 minutes or when the browser is closed.
- Expiration is reset when the user refreshes or loads a new page.
- Users (or browser) can (be set to) decline the use of cookies, therefore sessions.
- Legally, you also have to notify visitors for the cookie, but the lack of precedent is not clear yet.
Set Cookie
def set_session(request, key=None, value=None):
response = HttpResponse('Session儲存完畢')
request.session[key] = value
return response
response = HttpResponse('Session儲存完畢')
request.session[key] = value
return response
Get Cookie
def get_cookie(request, key=None):
if key in request.COOKIES:
return HttpResponse(f'{key} => {request.COOKIES[key]}')
else:
return HttpResponse("Cookie不存在")
if key in request.COOKIES:
return HttpResponse(f'{key} => {request.COOKIES[key]}')
else:
return HttpResponse("Cookie不存在")
Set Session
def set_session(request, key=None, value=None):
response = HttpResponse('Session儲存完畢')
request.session[key] = value
return response
response = HttpResponse('Session儲存完畢')
request.session[key] = value
return response
Get Session
def get_session(request, key=None):
if key in request.session:
return HttpResponse(f'{key} => {request.session[key]}')
else:
return HttpResponse("Session不存在")
if key in request.session:
return HttpResponse(f'{key} => {request.session[key]}')
else:
return HttpResponse("Session不存在")