Django的:基于request.META值创建一个用户的唯一标识符 [英] Django: Creating a unique identifier for a user based on request.META values

查看:972
本文介绍了Django的:基于request.META值创建一个用户的唯一标识符的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我期待在创建匿名调查。不过,我想从两次表决prevent用户。我想哈希像这样的一些 request.META 值:

 从hashlib进口MD5request_id_keys =(
    HTTP_ACCEPT_CHARSET',
    HTTP_ACCEPT',
    HTTP_ACCEPT_ENCODING',
    HTTP_ACCEPT_LANGUAGE,
    HTTP_CONNECTION',
    'HTTP_USER_AGENT',
    REMOTE_ADDR,
)REQUEST_ID = MD5('|'。加入([request.META.get(K,'')对于k在requst_id_keys]))hexdigest()。

我的问题:


  1. 好主意?馊主意?为什么呢?

  2. 是一些键多余或只是矫枉过正?为什么呢?

  3. 是其中的一些容易改变?例如,我在考虑取消 HTTP_USER_AGENT ,因为我知道这只是一个简单的配置变化。

  4. 的完成这个半唯一标识符具有足够的灵活性来处理人民共享IP的(NAT),但一个简单的配置变化不会创建一个新的哈希?
    5. 更好的办法专有

解决方案

所有这些PARAMS是相当容易改变。为什么不使用用于这一目的的cookie?我猜是这样 evercookie


  

evercookie是可用的JavaScript API,在浏览器中会产生非常持久Cookie。它的目标是识别客户,即使他们已经删除标准饼干,饼干的Flash(本地共享对象或本地共享对象),以及其他。


I'm looking at creating an anonymous poll. However, I want to prevent users from voting twice. I was thinking of hashing some request.META values like so:

from hashlib import md5

request_id_keys = (
    'HTTP_ACCEPT_CHARSET',
    'HTTP_ACCEPT',
    'HTTP_ACCEPT_ENCODING',
    'HTTP_ACCEPT_LANGUAGE',
    'HTTP_CONNECTION',
    'HTTP_USER_AGENT',
    'REMOTE_ADDR',
)

request_id = md5('|'.join([request.META.get(k, '') for k in requst_id_keys])).hexdigest()

My questions:

  1. Good idea? Bad idea? Why?
  2. Are some of these keys redundant or just overkill? Why?
  3. Are some of these easily changeable? For example, I'm considering removing HTTP_USER_AGENT because I know that's just a simple config change.
  4. Know of a better way of accomplishing this semi-unique identifier that is flexible enough to handle people sharing IP's (NAT) but that a simple config change won't create a new hash?

解决方案

All of this params are fairly easy to change. Why not just use a cookie for that purpose? I guess something like evercookie

evercookie is a javascript API available that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they've removed standard cookies, Flash cookies (Local Shared Objects or LSOs), and others.

这篇关于Django的:基于request.META值创建一个用户的唯一标识符的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
跨浏览器开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆