对于登录用户，禁止缓存

SerhoLiu · Mar 13, 2016 · 96ed49c · 96ed49c
1 parent 18b575f
commit 96ed49c
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 1 deletion.
diff --git a/miniakio/blog.py b/miniakio/blog.py
@@ -254,6 +254,8 @@ def get(self):
 class SigninHandler(BaseHandler):
 
     def get(self):
+        self.add_header("Cache-control", "private, no-cache")
+
         if self.current_user:
             self.redirect(self.get_argument("next", "/"))
             return
@@ -293,6 +295,8 @@ def post(self):
 class SignoutHandler(BaseHandler):
 
     def get(self):
+        self.add_header("Cache-control", "private, no-cache")
+
         user = self.current_user
         if not user:
             self.redirect("/")

diff --git a/miniakio/libs/handler.py b/miniakio/libs/handler.py
@@ -25,6 +25,9 @@ def config(self):
         return self.application.config
 
     def prepare(self):
+        if self.current_user:
+            self.add_header("Cache-control", "private, no-cache")
+
         self.context = ObjectDict()
 
     def get_template_namespace(self):

diff --git a/miniakio/libs/models.py b/miniakio/libs/models.py
@@ -13,7 +13,8 @@ def get_user_by_email(self, email):
         return self.db.get("SELECT * FROM users WHERE email = ?", email)
 
     def update_user_salt(self, uid, salt):
-        self.db.execute("UPDATE users SET salt=? WHERE id=?;", salt, uid)
+        with self.db as db:
+            db.execute("UPDATE users SET salt=? WHERE id=?;", salt, uid)
 
 
 class PostMixin(object):