试用网站空间,室内设计师资格证报考条件,如何看网站的关键词,深圳跑网约车怎么样介绍
创建系统管理app#xff0c;用于管理系统的用户#xff0c;角色#xff0c;权限#xff0c;登录等功能#xff0c;项目中将使用django-rest_framework进行用户认证和权限解析。这里将完成用户认证
用户验证
rest_framework.authentication模块中的认证类#xff…介绍
创建系统管理app用于管理系统的用户角色权限登录等功能项目中将使用django-rest_framework进行用户认证和权限解析。这里将完成用户认证
用户验证
rest_framework.authentication模块中的认证类例如 session认证SessionAuthentication基于session token 认证TokenAuthenticationAPI Token 自定义认证BasicAuthenticationHTTP Basic Auth
这里采用djangorestframework-simplejwt设计自定义认证类和自定义登录
pip install djangorestframework-simplejwt创建用户模型表user
from django.db import models from django.contrib.auth.hashers import make_password, check_password# Create your models here.class User(models.Model):username models.CharField(max_length255, uniqueTrue, verbose_name手机号)password models.CharField(max_length255, uniqueFalse, verbose_name密码)is_vip models.BooleanField(defaultFalse,verbose_name是否为vip)vip_expires_at models.DateTimeField(auto_now_addTrue,verbose_namevip过期时间)is_active models.BooleanField(defaultTrue)class Meta:db_table userverbose_name 用户账号表verbose_name_plural verbose_name数据库迁移
python manage.py makemigrations
python manage.py migrate 在根目录下创建utils目录在utils目录中创建文件Authentication.py和jwt.py ## Authentication.pyfrom rest_framework_simplejwt.serializers import TokenObtainPairSerializer
from rest_framework_simplejwt.views import TokenObtainPairView
from rest_framework import serializers
from user.models import User# 自定义认证类
class MyTokenObtainPairSerializer(TokenObtainPairSerializer):自定义登录认证使用自有用户表username、password这两个字段为必传字段因为 DRF 要检查这些字段是否有效username_field phone_number 这是重命名了username必传字段设置为了phone_number字段必传phone_number serializers.CharField(requiredFalse) # 这个是设置了自定义的字段是否必传def validate(self, attrs):username attrs.get(username)password attrs.get(password)if not username or not password:raise serializers.ValidationError(phone_number and password are required)try:user User.objects.get(usernameusername, passwordpassword)except User.DoesNotExist:raise serializers.ValidationError(No user found with this username and password.)print(user)refresh self.get_token(user)data {userId: user.id, token: str(refresh.access_token), refresh: str(refresh),is_vip: user.is_vip}return dataclass MyTokenObtainPairView(TokenObtainPairView):serializer_class MyTokenObtainPairSerializer## jwt.py
from rest_framework_simplejwt.authentication import JWTAuthentication
from rest_framework_simplejwt.exceptions import InvalidToken, AuthenticationFailed
from django.utils.translation import gettext_lazy as _
# 自定义的用户模型
from user.models import Userclass MyJWTAuthentication(JWTAuthentication):修改JWT认证类返回自定义User表对象def get_user(self, validated_token):try:user_id validated_token[user_id]except KeyError:raise InvalidToken(_(Token contained no recognizable user identification))try:user User.objects.get(**{id: user_id})except User.DoesNotExist:raise AuthenticationFailed(_(User not found), codeuser_not_found)return user在settings.py同级目录下创建drf_settings.py 并引入settings.py 中
## drf_settings.py
REST_FRAMEWORK {DEFAULT_PERMISSION_CLASSES: [rest_framework.permissions.IsAuthenticated,],DEFAULT_AUTHENTICATION_CLASSES: [utils.jwt.MyJWTAuthentication # 认证方式为自定义的认证类],
}引入settings中
import drf_settings
REST_FRAMEWORK drf_settings.REST_FRAMEWORK创建一个app:userauth在views.py中写入一个接口视图
from django.shortcuts import render
from rest_framework.views import APIView
from rest_framework.response import Response# Create your views here.class UserTestView(APIView):def post(self, request,*args, **kwargs):s str(request.user.__dict__)return Response(s)在app:userauth:urls中设置路由
from django.urls import path, include
from rest_framework import routers
from rest_framework_simplejwt.views import TokenVerifyView, TokenRefreshView
from utils.authentication import MyTokenObtainPairView
from userauth.views import UserTestViewrouter routers.DefaultRouter()urlpatterns [path(login/, MyTokenObtainPairView.as_view()), # 登录path(refresh/, TokenRefreshView.as_view(), nametoken_refresh), # 刷新tokenpath(verify/, TokenVerifyView.as_view(), nametoken_verify), # 验证tokenpath(test/, UserTestView.as_view(), nametest)
]
urlpatterns.append(path(, include(router.urls)))这里没有写注册功能所以只有手动在数据库中创建一个用户 使用postman进行登录测试 刷新token测试 接口测试
参考链接https://blog.csdn.net/qq_42410176/article/details/130568130?spm1001.2014.3001.5502
