# Class 31

---

Django Sessions & CRUD

# Summary 

## Table of Contents
1) [Django Sessions](#django-sessions)
1) **Django CRUD**
    - [Create](#crud-create)
    - [Read](#crud-read)
    - [Update](#crud-update)
    - [Delete](#curd-delete)


# Notes for Today

**Django Sessions**

Stored on the Server side. Not same as cookie. Used for recognizing a user. Server creates a **unique session id** Server recognize user.

Similar to how you **view** a *cookie* we use **request** argument and set a **session**:
`request.session['name'] = 'Thy'`

Now you could get the session by fetching the:
`request.session['name']`

Deleting a session 
`del request.session['name']`

You could expire the session as well by a number of **seconds**

*settings.py*
`SESSION_COOKIE_AGE=600 # 600 seconds`

We could also use a package called:
`pip install django-session-timeout` 

Which helps us timeout a session then we need to add it's **middleware**:
`djagno_session_timeout.middleware.SessionTimeoutMiddleware`

Then set a `SESSION_EXPIRE_SECONDS=120`
We also need to set that Session will expire after it's last activity
`SESSION_EXPIRE_AFTER_LAST_ACTIVITY=True`
And create a redirect when the session does timeout 
`SESSION_TIMEOUT_REDIRECT='home/'`

---

# CRUD

**Reading** all the data within a model:
`User.objects.all()` 

This will give us all the User in our database 
Say we need to click a link in our template and **send an argument**

`<a href='{% url 'update/user.id' %}'>` or...

`<a href='/update/{{ user.id }}'>`

To fetch a **specific** query, we use the `.get()` method with an **identifier**
- `User.objects.get(id=id)`

With the view: `def update(request, id)` and when we fetch an id from the url it has to look like: `path('url_path/<int:id>', views.update)`

**Update**

Check if method is **POST** then fetch the **form**

Fetch **specific item** with all the information from the form 

Then we could update specific fields like:

```python

if (user):
    user.name = uname
    user.password = upassword
    # Make sure we save
    user.save()

```

but make sure you edit template has a form tag directed to the right link and method being post 

`<form action='edit/{{ user_id }}' method='POST'>


**Deleting**

We will need another **ID** so make sure you set up the url with ID 

But in **views** you just:
1) get the specific Model with id 
1) put that within an object and run `object.delete()`


# Summary 

## Table of Contents
1) [Django Sessions](#django-sessions)
1) **Django CRUD**
    - [Create](#crud-create)
    - [Read](#crud-read)
    - [Update](#crud-update)
    - [Delete](#curd-delete)

---

# Djano Sessions

Sessions are similar to *cookies* but instead they **don't** reveal your **keys** and **values**. It's also **server-side** instead of **client-side** like *cookies*. 

Sessions are used with the **request** parameter and creates a **unique session id** for the server to know.

### Creating a Session

We create a session by **setting** a value to a key

```python 

request.session['key'] = value 

``` 

### Viewing a Session 

We could see the **value** for the key we set similar to viewing a **hashmap**

```python

value = request.session['key']
print(value)

```

### Removing a Session Key 

Removing a key from a session is as simple as using the `del` keyword 

```python

del request.session['key']

```

### Session Timeout 

Set to expire session with numbers of **seconds**. We place a constant `SESSION_COOKIE_AGE = s` where *s* is the amount in **seconds** or use a django package called `pip install django-session-timeout`

---

# CRUD 

CRUD is *Create*, *Read*, *Update*, *Delete* 

### CRUD Create

We've seen *create* before with our **Registration** form where we have names on our input field in our templates like: `<input type='password' name='pass'>` 

In our View, we fetched the data in this input field using `password= request.POST['pass']` and then we supplied it to our *User* module: `User.objects.create_user(..., password=password)`

But in general we could use: `Model.objects.create(field=value)`


### CRUD Read

Reading is a little new to us but you could **read all** object in a model with this **Query**: 

`Model.objects.all()`

Or if your **View** accepts an **Identifier** like: `def dmeo(request, id)` and the **Url** accepts an **Identifier** like `path('dmeo_path/<int: id>', views.dmeo )` 

Then we have an **id** which we could **query** a **specific data** from a model with: 

`Model.objects.get(id=id)`

We could also use a **filter** to get **multiple** results with: 

`Models.objects.filter(field=value)`


### CRUD Update

Given that the *view* and *url* accepts an **ID** we could use that edit to query a **specific** data from a Model to *edit*/*update*

To do so we just override some fields like:

`model_object.field = new_value`

But we **always** have to **save** our changes with:

`model_object.save()`


### CRUD Delete 

Deleting is quite similar to updating, we still need the *view* and *url* to accept an **ID**. With that, we just run:

`model_object.delete()`

