/
10c-spletna-storitev.html
592 lines (443 loc) · 30.9 KB
/
10c-spletna-storitev.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
<!DOCTYPE html>
<html lang="en" >
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" /><meta name="generator" content="Docutils 0.18.1: http://docutils.sourceforge.net/" />
<title>*Spletna storitev — Uvod v programiranje</title>
<script data-cfasync="false">
document.documentElement.dataset.mode = localStorage.getItem("mode") || "";
document.documentElement.dataset.theme = localStorage.getItem("theme") || "light";
</script>
<!-- Loaded before other Sphinx assets -->
<link href="_static/styles/theme.css?digest=12da95d707ffb74b382d" rel="stylesheet" />
<link href="_static/styles/bootstrap.css?digest=12da95d707ffb74b382d" rel="stylesheet" />
<link href="_static/styles/pydata-sphinx-theme.css?digest=12da95d707ffb74b382d" rel="stylesheet" />
<link href="_static/vendor/fontawesome/6.1.2/css/all.min.css?digest=12da95d707ffb74b382d" rel="stylesheet" />
<link rel="preload" as="font" type="font/woff2" crossorigin href="_static/vendor/fontawesome/6.1.2/webfonts/fa-solid-900.woff2" />
<link rel="preload" as="font" type="font/woff2" crossorigin href="_static/vendor/fontawesome/6.1.2/webfonts/fa-brands-400.woff2" />
<link rel="preload" as="font" type="font/woff2" crossorigin href="_static/vendor/fontawesome/6.1.2/webfonts/fa-regular-400.woff2" />
<link rel="stylesheet" type="text/css" href="_static/pygments.css" />
<link rel="stylesheet" href="_static/styles/sphinx-book-theme.css?digest=14f4ca6b54d191a8c7657f6c759bf11a5fb86285" type="text/css" />
<link rel="stylesheet" type="text/css" href="_static/togglebutton.css" />
<link rel="stylesheet" type="text/css" href="_static/copybutton.css" />
<link rel="stylesheet" type="text/css" href="_static/mystnb.4510f1fc1dee50b3e5859aac5469c37c29e427902b24a333a5f9fcb2f0b3ac41.css" />
<link rel="stylesheet" type="text/css" href="_static/sphinx-thebe.css" />
<link rel="stylesheet" type="text/css" href="_static/design-style.4045f2051d55cab465a707391d5b2007.min.css" />
<!-- Pre-loaded scripts that we'll load fully later -->
<link rel="preload" as="script" href="_static/scripts/bootstrap.js?digest=12da95d707ffb74b382d" />
<link rel="preload" as="script" href="_static/scripts/pydata-sphinx-theme.js?digest=12da95d707ffb74b382d" />
<script data-url_root="./" id="documentation_options" src="_static/documentation_options.js"></script>
<script src="_static/jquery.js"></script>
<script src="_static/underscore.js"></script>
<script src="_static/_sphinx_javascript_frameworks_compat.js"></script>
<script src="_static/doctools.js"></script>
<script src="_static/clipboard.min.js"></script>
<script src="_static/copybutton.js"></script>
<script src="_static/scripts/sphinx-book-theme.js?digest=5a5c038af52cf7bc1a1ec88eea08e6366ee68824"></script>
<script>let toggleHintShow = 'Click to show';</script>
<script>let toggleHintHide = 'Click to hide';</script>
<script>let toggleOpenOnPrint = 'true';</script>
<script src="_static/togglebutton.js"></script>
<script>var togglebuttonSelector = '.toggle, .admonition.dropdown';</script>
<script src="_static/design-tabs.js"></script>
<script>const THEBE_JS_URL = "https://unpkg.com/thebe@0.8.2/lib/index.js"
const thebe_selector = ".thebe,.cell"
const thebe_selector_input = "pre"
const thebe_selector_output = ".output, .cell_output"
</script>
<script async="async" src="_static/sphinx-thebe.js"></script>
<script>DOCUMENTATION_OPTIONS.pagename = '10c-spletna-storitev';</script>
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />
<link rel="next" title="Regularni izrazi" href="11-regularni-izrazi.html" />
<link rel="prev" title="*Spletni vmesnik" href="10b-spletni-vmesnik.html" />
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<meta name="docsearch:language" content="en"/>
</head>
<body data-bs-spy="scroll" data-bs-target=".bd-toc-nav" data-offset="180" data-bs-root-margin="0px 0px -60%" data-default-mode="">
<a class="skip-link" href="#main-content">Skip to main content</a>
<input type="checkbox"
class="sidebar-toggle"
name="__primary"
id="__primary"/>
<label class="overlay overlay-primary" for="__primary"></label>
<input type="checkbox"
class="sidebar-toggle"
name="__secondary"
id="__secondary"/>
<label class="overlay overlay-secondary" for="__secondary"></label>
<div class="search-button__wrapper">
<div class="search-button__overlay"></div>
<div class="search-button__search-container">
<form class="bd-search d-flex align-items-center"
action="search.html"
method="get">
<i class="fa-solid fa-magnifying-glass"></i>
<input type="search"
class="form-control"
name="q"
id="search-input"
placeholder="Search this book..."
aria-label="Search this book..."
autocomplete="off"
autocorrect="off"
autocapitalize="off"
spellcheck="false"/>
<span class="search-button__kbd-shortcut"><kbd class="kbd-shortcut__modifier">Ctrl</kbd>+<kbd>K</kbd></span>
</form></div>
</div>
<nav class="bd-header navbar navbar-expand-lg bd-navbar">
</nav>
<div class="bd-container">
<div class="bd-container__inner bd-page-width">
<div class="bd-sidebar-primary bd-sidebar">
<div class="sidebar-header-items sidebar-primary__section">
</div>
<div class="sidebar-primary-items__start sidebar-primary__section">
<div class="sidebar-primary-item">
<a class="navbar-brand logo" href="00-uvod.html">
<p class="title logo__title">Uvod v programiranje</p>
</a></div>
<div class="sidebar-primary-item"><nav class="bd-links" id="bd-docs-nav" aria-label="Main">
<div class="bd-toc-item navbar-nav active">
<ul class="nav bd-sidenav bd-sidenav__home-link">
<li class="toctree-l1">
<a class="reference internal" href="00-uvod.html">
Uvod v programiranje
</a>
</li>
</ul>
<p aria-level="2" class="caption" role="heading"><span class="caption-text">Osnove Pythona</span></p>
<ul class="nav bd-sidenav">
<li class="toctree-l1"><a class="reference internal" href="01-uvod-v-python.html">Uvod v Python</a></li>
<li class="toctree-l1"><a class="reference internal" href="02-rekurzija.html">Rekurzija</a></li>
<li class="toctree-l1"><a class="reference internal" href="03-nizi.html">Nizi</a></li>
<li class="toctree-l1"><a class="reference internal" href="04-zanke.html">Zanke</a></li>
<li class="toctree-l1"><a class="reference internal" href="05-seznami-in-nabori.html">Seznami & nabori</a></li>
<li class="toctree-l1"><a class="reference internal" href="07-slovarji-in-mnozice.html">Slovarji & množice</a></li>
<li class="toctree-l1"><a class="reference internal" href="08-razredi.html">Razredi</a></li>
<li class="toctree-l1"><a class="reference internal" href="09-datoteke.html">Datoteke</a></li>
</ul>
<p aria-level="2" class="caption" role="heading"><span class="caption-text">Pisanje večjih programov</span></p>
<ul class="current nav bd-sidenav">
<li class="toctree-l1"><a class="reference internal" href="10a-tekstovni-vmesnik.html">*Tekstovni vmesnik</a></li>
<li class="toctree-l1"><a class="reference internal" href="10-nadzor-razlicic.html">Nadzor različic</a></li>
<li class="toctree-l1"><a class="reference internal" href="10b-spletni-vmesnik.html">*Spletni vmesnik</a></li>
<li class="toctree-l1 current active"><a class="current reference internal" href="#">*Spletna storitev</a></li>
</ul>
<p aria-level="2" class="caption" role="heading"><span class="caption-text">Analiza podatkov</span></p>
<ul class="nav bd-sidenav">
<li class="toctree-l1"><a class="reference internal" href="11-regularni-izrazi.html">Regularni izrazi</a></li>
<li class="toctree-l1"><a class="reference internal" href="12-zajem-podatkov.html">Zajem podatkov</a></li>
<li class="toctree-l1"><a class="reference internal" href="13-knjiznica-pandas.html">Knjižnica Pandas</a></li>
<li class="toctree-l1"><a class="reference internal" href="14-naivni-bayesov-klasifikator.html">Naivni Bayesov klasifikator</a></li>
</ul>
</div>
</nav></div>
</div>
<div class="sidebar-primary-items__end sidebar-primary__section">
</div>
<div id="rtd-footer-container"></div>
</div>
<main id="main-content" class="bd-main">
<div class="sbt-scroll-pixel-helper"></div>
<div class="bd-content">
<div class="bd-article-container">
<div class="bd-header-article">
<div class="header-article-items header-article__inner">
<div class="header-article-items__start">
<div class="header-article-item"><label class="sidebar-toggle primary-toggle btn btn-sm" for="__primary" title="Toggle primary sidebar" data-bs-placement="bottom" data-bs-toggle="tooltip">
<span class="fa-solid fa-bars"></span>
</label></div>
</div>
<div class="header-article-items__end">
<div class="header-article-item">
<div class="article-header-buttons">
<div class="dropdown dropdown-launch-buttons">
<button class="btn dropdown-toggle" type="button" data-bs-toggle="dropdown" aria-expanded="false" aria-label="Launch interactive content">
<i class="fas fa-rocket"></i>
</button>
<ul class="dropdown-menu">
<li><a href="https://mybinder.org/v2/gh/matijapretnar/uvod-v-programiranje/master?urlpath=tree/10c-spletna-storitev.md" target="_blank"
class="btn btn-sm dropdown-item"
title="Launch onBinder"
data-bs-placement="left" data-bs-toggle="tooltip"
>
<span class="btn__icon-container">
<img src="_static/images/logo_binder.svg">
</span>
<span class="btn__text-container">Binder</span>
</a>
</li>
</ul>
</div>
<div class="dropdown dropdown-download-buttons">
<button class="btn dropdown-toggle" type="button" data-bs-toggle="dropdown" aria-expanded="false" aria-label="Download this page">
<i class="fas fa-download"></i>
</button>
<ul class="dropdown-menu">
<li><a href="_sources/10c-spletna-storitev.ipynb" target="_blank"
class="btn btn-sm btn-download-notebook-button dropdown-item"
title="Download notebook file"
data-bs-placement="left" data-bs-toggle="tooltip"
>
<span class="btn__icon-container">
<i class="fas fa-code"></i>
</span>
<span class="btn__text-container">.ipynb</span>
</a>
</li>
<li><a href="_sources/10c-spletna-storitev.md" target="_blank"
class="btn btn-sm btn-download-source-button dropdown-item"
title="Download source file"
data-bs-placement="left" data-bs-toggle="tooltip"
>
<span class="btn__icon-container">
<i class="fas fa-file"></i>
</span>
<span class="btn__text-container">.md</span>
</a>
</li>
<li>
<button onclick="window.print()"
class="btn btn-sm btn-download-pdf-button dropdown-item"
title="Print to PDF"
data-bs-placement="left" data-bs-toggle="tooltip"
>
<span class="btn__icon-container">
<i class="fas fa-file-pdf"></i>
</span>
<span class="btn__text-container">.pdf</span>
</button>
</li>
</ul>
</div>
<button onclick="toggleFullScreen()"
class="btn btn-sm btn-fullscreen-button"
title="Fullscreen mode"
data-bs-placement="bottom" data-bs-toggle="tooltip"
>
<span class="btn__icon-container">
<i class="fas fa-expand"></i>
</span>
</button>
<script>
document.write(`
<button class="theme-switch-button btn btn-sm btn-outline-primary navbar-btn rounded-circle" title="light/dark" aria-label="light/dark" data-bs-placement="bottom" data-bs-toggle="tooltip">
<span class="theme-switch" data-mode="light"><i class="fa-solid fa-sun"></i></span>
<span class="theme-switch" data-mode="dark"><i class="fa-solid fa-moon"></i></span>
<span class="theme-switch" data-mode="auto"><i class="fa-solid fa-circle-half-stroke"></i></span>
</button>
`);
</script>
<script>
document.write(`
<button class="btn btn-sm navbar-btn search-button search-button__button" title="Search" aria-label="Search" data-bs-placement="bottom" data-bs-toggle="tooltip">
<i class="fa-solid fa-magnifying-glass"></i>
</button>
`);
</script>
<label class="sidebar-toggle secondary-toggle btn btn-sm" for="__secondary"title="Toggle secondary sidebar" data-bs-placement="bottom" data-bs-toggle="tooltip">
<span class="fa-solid fa-list"></span>
</label>
</div></div>
</div>
</div>
</div>
<div id="jb-print-docs-body" class="onlyprint">
<h1>*Spletna storitev</h1>
<!-- Table of contents -->
<div id="print-main-content">
<div id="jb-print-toc">
<div>
<h2> Contents </h2>
</div>
<nav aria-label="Page">
<ul class="visible nav section-nav flex-column">
<li class="toc-h2 nav-item toc-entry"><a class="reference internal nav-link" href="#piskotki">Piškotki</a></li>
</ul>
</nav>
</div>
</div>
</div>
<div id="searchbox"></div>
<article class="bd-article" role="main">
<section class="tex2jax_ignore mathjax_ignore" id="spletna-storitev">
<h1>*Spletna storitev<a class="headerlink" href="#spletna-storitev" title="Permalink to this heading">#</a></h1>
<p><strong>Opomba:</strong> Do vključno študijskega leta 2021/22 je bil del predmeta Uvod v programiranje tudi projektna naloga, ki je obsegala pisanje spletne storitve. Poglavja o tem so ostala v zapiskih, vendar so označena z *, saj niso več del učnega programa.</p>
<p>Spletni vmesnik iz prejšnjega poglavja vedno deluje z enim samim stanjem, ki ga prikaže vsakemu uporabniku, ki do njega dostopa s spletnim brskalnikom. Dokler spletni strežnik teče samo na lokalnem računalniku, to še ni tako slabo, če pa bi do strežnika imelo dostop več ljudi, je pa to tako neuporabno kot nevarno. Tako bomo spletni vmesnik popravili v pravo spletno storitev, ki bo skrbela za ustrezno sledenje uporabnikov.</p>
<section id="piskotki">
<h2>Piškotki<a class="headerlink" href="#piskotki" title="Permalink to this heading">#</a></h2>
<p>Spletni protokoli so pisani tako, da morajo biti v vsaki poizvedbi vsi podatki, ki jih strežnik potrebuje za odziv. Recimo, da na spletu iščemo za “Evklidov algoritem” in kliknemo povezavo za naslednjo stran rezultatov. V tem primeru naš brskalnik na strežnik ne pošlje poizvedbe “vrni naslednjo stran” temveč na primer “vrni drugo stran rezultatov iskanja za Evklidov algoritem”. Če bi si namreč strežnik moral zapomniti vse prejšnje poizvedbe, bi mu hitro zmanjkalo prostora.</p>
<p>Na podoben način moramo poskrbeti tudi za podatke o prijavljenem uporabniku. Ena možnost je, da bi uporabniško ime in geslo prek obrazcev posredovali v vsaki poizvedbi, vendar bi to izjemno hitro postalo nerodno. Namesto tega bomo uporabili <em>piškotke</em>. Ti so majhni kosi podatkov, ki jih strežnik v odzivu pošlje uporabniku, uporabnik pa jih nato samodejno priloži vsaki nadaljnji poizvedbi. Ko se bo uporabnik prijavil z uporabniškim imenom in geslom, si bo strežnik izmislil posebno šifro ter jo vrnil uporabniku. Ko bo uporabnik vsaki svoji nadaljnji poizvedbi priložil to šifro, bo strežnik vedel, za koga gre.</p>
<p>Prijavo naredimo preko obrazca, ki pošlje poizvedbo POST, ki jo lahko obdelamo kot:</p>
<div class="highlight-python notranslate"><div class="highlight"><pre><span></span><span class="nd">@bottle</span><span class="o">.</span><span class="n">post</span><span class="p">(</span><span class="s1">'/prijava/'</span><span class="p">)</span>
<span class="k">def</span> <span class="nf">prijava</span><span class="p">():</span>
<span class="n">uporabnisko_ime</span> <span class="o">=</span> <span class="n">bottle</span><span class="o">.</span><span class="n">request</span><span class="o">.</span><span class="n">forms</span><span class="p">[</span><span class="s1">'uporabnisko_ime'</span><span class="p">]</span>
<span class="n">geslo</span> <span class="o">=</span> <span class="n">bottle</span><span class="o">.</span><span class="n">request</span><span class="o">.</span><span class="n">forms</span><span class="p">[</span><span class="s1">'geslo'</span><span class="p">]</span>
<span class="k">if</span> <span class="n">model</span><span class="o">.</span><span class="n">preveri_uporabnika</span><span class="p">(</span><span class="n">uporabnisko_ime</span><span class="p">,</span> <span class="n">geslo</span><span class="p">):</span>
<span class="n">bottle</span><span class="o">.</span><span class="n">response</span><span class="o">.</span><span class="n">set_cookie</span><span class="p">(</span><span class="s1">'uporabnisko_ime'</span><span class="p">,</span> <span class="n">uporabnisko_ime</span><span class="p">,</span> <span class="n">path</span><span class="o">=</span><span class="s1">'/'</span><span class="p">)</span>
<span class="n">bottle</span><span class="o">.</span><span class="n">redirect</span><span class="p">(</span><span class="s1">'/'</span><span class="p">)</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">return</span> <span class="s1">'Napačni podatki za prijavo'</span>
</pre></div>
</div>
<p>Ko preverimo pravilnost uporabniškega imena in gesla (kako to natančno storimo, bomo pogledali kasneje), uporabniku v odzivu nastavimo piškotek ter ga preusmerimo na osnovno stran. To storimo prek funkcije <code class="docutils literal notranslate"><span class="pre">bottle.response.set_cookie</span></code>, ki ji posredujemo tri argumente: ime piškotka (nastavimo lahko več piškotkov), vrednost ter pot, na kateri velja (piškotki lahko veljajo samo na določenih podstraneh).</p>
<p>V spletnem vmesniku smo stanje prebrali iz fiksne datoteke:</p>
<div class="highlight-python notranslate"><div class="highlight"><pre><span></span><span class="n">IME_DATOTEKE</span> <span class="o">=</span> <span class="s1">'stanje.json'</span>
<span class="n">stanje</span> <span class="o">=</span> <span class="n">Stanje</span><span class="o">.</span><span class="n">preberi_iz_datoteke</span><span class="p">(</span><span class="n">IME_DATOTEKE</span><span class="p">)</span>
</pre></div>
</div>
<p>Sedaj pa bo vsak uporabnik imel svoje stanje. V ta namen si napišemo pomožno funkcijo, ki stanje prijavljenega uporabnika prebere iz datoteke, neprijavljenega uporabnika pa preusmeri na stran za prijavo:</p>
<div class="highlight-python notranslate"><div class="highlight"><pre><span></span><span class="k">def</span> <span class="nf">stanje_trenutnega_uporabnika</span><span class="p">():</span>
<span class="n">uporabnisko_ime</span> <span class="o">=</span> <span class="n">bottle</span><span class="o">.</span><span class="n">response</span><span class="o">.</span><span class="n">get_cookie</span><span class="p">(</span><span class="s1">'uporabnisko_ime'</span><span class="p">)</span>
<span class="k">if</span> <span class="n">uporabnisko_ime</span><span class="p">:</span>
<span class="k">return</span> <span class="n">Stanje</span><span class="o">.</span><span class="n">preberi_iz_datoteke</span><span class="p">(</span><span class="sa">f</span><span class="s2">"</span><span class="si">{</span><span class="n">uporabnisko_ime</span><span class="si">}</span><span class="s2">.json"</span><span class="p">)</span>
<span class="k">else</span><span class="p">:</span>
<span class="n">bottle</span><span class="o">.</span><span class="n">redirect</span><span class="p">(</span><span class="s1">'/prijava/'</span><span class="p">)</span>
</pre></div>
</div>
<p>Sedaj moramo še vsako spletno stran popraviti, da ne uporablja fiksnega stanja, temveč uporabnikovo. Na primer, namesto</p>
<div class="highlight-python notranslate"><div class="highlight"><pre><span></span><span class="nd">@bottle</span><span class="o">.</span><span class="n">post</span><span class="p">(</span><span class="s1">'/dodaj_opravilo/'</span><span class="p">)</span>
<span class="k">def</span> <span class="nf">dodaj_opravilo</span><span class="p">():</span>
<span class="n">ime</span> <span class="o">=</span> <span class="n">bottle</span><span class="o">.</span><span class="n">request</span><span class="o">.</span><span class="n">forms</span><span class="p">[</span><span class="s1">'ime'</span><span class="p">]</span>
<span class="n">opis</span> <span class="o">=</span> <span class="n">bottle</span><span class="o">.</span><span class="n">request</span><span class="o">.</span><span class="n">forms</span><span class="p">[</span><span class="s1">'opis'</span><span class="p">]</span>
<span class="k">if</span> <span class="n">ime</span><span class="p">:</span>
<span class="n">opravilo</span> <span class="o">=</span> <span class="n">stanje</span><span class="o">.</span><span class="n">Opravilo</span><span class="p">(</span><span class="n">ime</span><span class="p">,</span> <span class="n">opis</span><span class="p">)</span>
<span class="n">stanje</span><span class="o">.</span><span class="n">dodaj_opravilo</span><span class="p">(</span><span class="n">opravilo</span><span class="p">)</span>
<span class="n">bottle</span><span class="o">.</span><span class="n">redirect</span><span class="p">(</span><span class="s1">'/'</span><span class="p">)</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">return</span> <span class="s1">'Ime mora biti neprazno'</span>
</pre></div>
</div>
<p>moramo pisati</p>
<div class="highlight-python notranslate"><div class="highlight"><pre><span></span><span class="nd">@bottle</span><span class="o">.</span><span class="n">post</span><span class="p">(</span><span class="s1">'/dodaj_opravilo/'</span><span class="p">)</span>
<span class="k">def</span> <span class="nf">dodaj_opravilo</span><span class="p">():</span>
<span class="n">stanje</span> <span class="o">=</span> <span class="n">stanje_trenutnega_uporabnika</span><span class="p">()</span>
<span class="n">ime</span> <span class="o">=</span> <span class="n">bottle</span><span class="o">.</span><span class="n">request</span><span class="o">.</span><span class="n">forms</span><span class="p">[</span><span class="s1">'ime'</span><span class="p">]</span>
<span class="n">opis</span> <span class="o">=</span> <span class="n">bottle</span><span class="o">.</span><span class="n">request</span><span class="o">.</span><span class="n">forms</span><span class="p">[</span><span class="s1">'opis'</span><span class="p">]</span>
<span class="k">if</span> <span class="n">ime</span><span class="p">:</span>
<span class="n">opravilo</span> <span class="o">=</span> <span class="n">stanje</span><span class="o">.</span><span class="n">Opravilo</span><span class="p">(</span><span class="n">ime</span><span class="p">,</span> <span class="n">opis</span><span class="p">)</span>
<span class="n">stanje</span><span class="o">.</span><span class="n">dodaj_opravilo</span><span class="p">(</span><span class="n">opravilo</span><span class="p">)</span>
<span class="n">bottle</span><span class="o">.</span><span class="n">redirect</span><span class="p">(</span><span class="s1">'/'</span><span class="p">)</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">return</span> <span class="s1">'Ime mora biti neprazno'</span>
</pre></div>
</div>
<p>Za odjavo uporabnika moramo le pobrisati piškotek:</p>
<div class="highlight-python notranslate"><div class="highlight"><pre><span></span><span class="nd">@bottle</span><span class="o">.</span><span class="n">post</span><span class="p">(</span><span class="s1">'/odjava/'</span><span class="p">)</span>
<span class="k">def</span> <span class="nf">odjava</span><span class="p">():</span>
<span class="n">bottle</span><span class="o">.</span><span class="n">response</span><span class="o">.</span><span class="n">delete_cookie</span><span class="p">(</span><span class="s1">'uporabnisko_ime'</span><span class="p">,</span> <span class="n">uporabnisko_ime</span><span class="p">,</span> <span class="n">path</span><span class="o">=</span><span class="s1">'/'</span><span class="p">)</span>
<span class="n">bottle</span><span class="o">.</span><span class="n">redirect</span><span class="p">(</span><span class="s1">'/'</span><span class="p">)</span>
</pre></div>
</div>
<p>Ker piškotke na strežnik pošilja uporabnik, moramo biti previdni, da ne bi tega kdo izkoristil za nepooblaščeni dostop do strežnika. V kodi, kot jo imamo zgoraj, bi namreč uporabnik lahko svoj piškotek <code class="docutils literal notranslate"><span class="pre">uporabnisko_ime</span></code> popravil na neko drugo vrednost (na primer <code class="docutils literal notranslate"><span class="pre">admin</span></code>) ter s tem dobil dostop do drugega računa. To enostavno rešimo tako, da strežnik piškotek nastavi na vrednost, ki jo lahko prebere le on sam. V knjižnici Bottle to storimo tako, da funkcijam za delo s piškotki podamo še dodaten argument <code class="docutils literal notranslate"><span class="pre">secret</span></code>, v katerem podamo niz, ki je dostopen le strežniku. S pomočjo te vrednosti bo strežnik vrednost piškotka zašifriral, preden jo bo poslal uporabniku, ter odšifriral, ko jo bo dobil nazaj. Tako bi lahko na primer na vrhu strežnikove kode nastavili</p>
<div class="highlight-python notranslate"><div class="highlight"><pre><span></span><span class="n">SIFRA</span> <span class="o">=</span> <span class="s1">'to šifro pozna le strežnik'</span>
</pre></div>
</div>
<p>nato pa pisali</p>
<div class="highlight-python notranslate"><div class="highlight"><pre><span></span> <span class="n">bottle</span><span class="o">.</span><span class="n">response</span><span class="o">.</span><span class="n">set_cookie</span><span class="p">(</span><span class="s1">'uporabnisko_ime'</span><span class="p">,</span> <span class="n">uporabnisko_ime</span><span class="p">,</span> <span class="n">path</span><span class="o">=</span><span class="s1">'/'</span><span class="p">,</span> <span class="n">secret</span><span class="o">=</span><span class="n">SIFRA</span><span class="p">)</span>
</pre></div>
</div>
<p>ali</p>
<div class="highlight-python notranslate"><div class="highlight"><pre><span></span> <span class="n">bottle</span><span class="o">.</span><span class="n">response</span><span class="o">.</span><span class="n">get_cookie</span><span class="p">(</span><span class="s1">'uporabnisko_ime'</span><span class="p">,</span> <span class="p">,</span> <span class="n">secret</span><span class="o">=</span><span class="n">SIFRA</span><span class="p">)</span>
</pre></div>
</div>
<p>Tako uporabnik v piškotku <code class="docutils literal notranslate"><span class="pre">uporabnisko_ime</span></code> ne vidi svojega uporabniškega imena, temveč nekaj podobnega</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="s2">"!lc+Jr/Oo32xFThrc1feEJfrPyJBiWO9SU0IVgU1QLGI=?gAWVHwAAAAAAAABdlCiMD3Vwb3JhYm5pc2tvX2ltZZSMBWFkbWlulGUu"</span>
</pre></div>
</div>
<p>Paziti moramo, da šifre ne ponesreči kje ne objavimo, saj bi z njeno pomočjo lahko nekdo ustvaril ustrezen zašifriran piškotek. Ena možnost je, da jo preberemo iz datoteke:</p>
<div class="highlight-python notranslate"><div class="highlight"><pre><span></span><span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="s1">'sifra.txt'</span><span class="p">)</span> <span class="k">as</span> <span class="n">d</span><span class="p">:</span>
<span class="n">SIFRA</span> <span class="o">=</span> <span class="n">d</span><span class="o">.</span><span class="n">read</span><span class="p">()</span>
</pre></div>
</div>
<p>ime datoteke <code class="docutils literal notranslate"><span class="pre">sifra.txt</span></code> pa dodamo v <code class="docutils literal notranslate"><span class="pre">.gitignore</span></code>, da je ne bi po nesreči dodali v javni Git repozitorij.</p>
</section>
</section>
<script type="text/x-thebe-config">
{
requestKernel: true,
binderOptions: {
repo: "binder-examples/jupyter-stacks-datascience",
ref: "master",
},
codeMirrorConfig: {
theme: "abcdef",
mode: "python"
},
kernelOptions: {
name: "python3",
path: "./."
},
predefinedOutput: true
}
</script>
<script>kernelName = 'python3'</script>
</article>
<footer class="bd-footer-article">
<!-- Previous / next buttons -->
<div class="prev-next-area">
<a class="left-prev"
href="10b-spletni-vmesnik.html"
title="previous page">
<i class="fa-solid fa-angle-left"></i>
<div class="prev-next-info">
<p class="prev-next-subtitle">previous</p>
<p class="prev-next-title">*Spletni vmesnik</p>
</div>
</a>
<a class="right-next"
href="11-regularni-izrazi.html"
title="next page">
<div class="prev-next-info">
<p class="prev-next-subtitle">next</p>
<p class="prev-next-title">Regularni izrazi</p>
</div>
<i class="fa-solid fa-angle-right"></i>
</a>
</div>
</footer>
</div>
<div class="bd-sidebar-secondary bd-toc"><div class="sidebar-secondary-items sidebar-secondary__inner">
<div class="sidebar-secondary-item">
<div class="page-toc tocsection onthispage">
<i class="fa-solid fa-list"></i> Contents
</div>
<nav class="bd-toc-nav page-toc">
<ul class="visible nav section-nav flex-column">
<li class="toc-h2 nav-item toc-entry"><a class="reference internal nav-link" href="#piskotki">Piškotki</a></li>
</ul>
</nav></div>
</div></div>
</div>
<footer class="bd-footer-content">
<div class="bd-footer-content__inner">
<div class="bd-footer-content__inner container">
<div class="footer-item">
<p class="component-author">
By Matija Pretnar
</p>
</div>
<div class="footer-item">
<p class="copyright">
© Copyright 2022.
<br/>
</p>
</div>
<div class="footer-item">
</div>
<div class="footer-item">
</div>
</div></div>
</footer>
</main>
</div>
</div>
<!-- Scripts loaded after <body> so the DOM is not blocked -->
<script src="_static/scripts/bootstrap.js?digest=12da95d707ffb74b382d"></script>
<script src="_static/scripts/pydata-sphinx-theme.js?digest=12da95d707ffb74b382d"></script>
<footer class="bd-footer">
</footer>
</body>
</html>