1.DRF認證組件之視圖註冊用法(自定義簡單使用)
settings.py配置
# Applications enabled for this project.
INSTALLED_APPS = [
    # Django built-ins.
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    # The project's own app.
    'app01.apps.App01Config',
    # Django REST framework: provides APIView and the authentication hooks used by the views.
    'rest_framework',
]
urls.py:
from django.conf.urls import url
from django.contrib import admin

from app01 import views

# Route table for the minimal authentication demo.
urlpatterns = [
    # Django admin site.
    url(r'^admin/', admin.site.urls),
    # CourseView is protected by the MyAuth authentication class declared in views.py.
    # NOTE(review): the pattern has no trailing `$`, so every path that starts with
    # "book/" is dispatched to this view.
    url(r'^book/', views.CourseView.as_view(), name='courses'),
]
views.py
from django.shortcuts import render, HttpResponse
from rest_framework.views import APIView
from rest_framework import exceptions

# Create your views here.
# Example URL: http://127.0.0.1:8000/book/?token=1


class MyAuth(object):
    """Demo authenticator: a request passes when it carries a non-empty ``token`` query parameter.

    NOTE(review): the token value is never compared with anything, so this class only
    illustrates where DRF calls ``authenticate``; it does not identify a caller.
    A real check would validate credentials or a stored login token.
    """

    def authenticate(self, request):
        """Return the ``(user, auth)`` pair, or raise AuthenticationFailed.

        DRF stores the first element of the returned tuple as ``request.user`` and the
        second as ``request.auth``.
        """
        # request.query_params is DRF's accessor for the query string of the wrapped request.
        token = request.query_params.get('token')
        if token:
            return ('認證經過的request.user', 'request.auth')
        raise exceptions.AuthenticationFailed('未認證用戶!!!')

    def authenticate_header(self, request):
        """Return no ``WWW-Authenticate`` value for failed requests."""
        return None


class CourseView(APIView):
    """Endpoint that answers each HTTP method with the method's name."""

    # Authentication classes applied to this view only.
    authentication_classes = [MyAuth, ]

    def get(self, request):
        # request.user is filled in by the authentication step that runs during APIView.dispatch.
        print(request.user)
        return HttpResponse('GET')

    def post(self, request):
        return HttpResponse('POST')

    def put(self, request):
        return HttpResponse('PUT')

    def patch(self, request):
        return HttpResponse('PATCH')

    def delete(self, request):
        return HttpResponse('DELETE')
2.DRF認證組件的使用(局部和全局)
方式一:局部配置---視圖類中添加類變量 authentication_classes=[MyAuth,]---(認證類列表)
settings.py配置見上(註冊rest_framework應用)
models.py
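from django.db import models


# Create your models here
class UserInfo(models.Model):
    """User table."""

    user_type_choices = [
        (1, '普通用戶'),
        (2, 'VIP用戶'),
        (3, 'SVIP用戶'),
    ]
    user_type = models.IntegerField(choices=user_type_choices)
    username = models.CharField(max_length=10, unique=True)
    # NOTE(review): this column holds the password as typed (the login view compares it
    # directly), and 12 characters is too short for any password hash. A real project
    # should store a salted hash, e.g. via django.contrib.auth.hashers.make_password /
    # check_password, in a wider column.
    password = models.CharField(max_length=12, null=False)


class UserToken(models.Model):
    """Login token table: one current token per user."""

    # on_delete is spelled out because Django 2.0+ requires it; CASCADE is what
    # older versions applied by default, so behaviour is unchanged there.
    user = models.OneToOneField(to='UserInfo', on_delete=models.CASCADE)
    # NOTE(review): the token is stored as-is and the column is not unique.
    token = models.CharField(max_length=64)
    # auto_now refreshes this timestamp on every save, i.e. on every login.
    # NOTE(review): nothing on the page reads it, so tokens never expire.
    create_time = models.DateTimeField(auto_now=True)


class Book(models.Model):
    """Book record with a short name."""

    name = models.CharField(max_length=12)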
urls.py
from django.conf.urls import url
from django.contrib import admin

from app01 import views

# Route table for the token-login demo.
urlpatterns = [
    # Django admin site.
    url(r'^admin/', admin.site.urls),
    # Login endpoint: issues a token for a valid username/password pair.
    # NOTE(review): neither this pattern nor the next one ends with `$`, so any path
    # sharing the prefix reaches the same view.
    url(r'^api/v1/login', views.AuthView.as_view()),
    # Token-protected endpoint.
    url(r'^book/', views.CourseView.as_view(), name='courses'),
]
views.py
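import hashlib
import logging
import secrets
import time

from django.http import JsonResponse
from django.shortcuts import render, HttpResponse
from rest_framework import exceptions
from rest_framework.views import APIView

from app01 import models

logger = logging.getLogger(__name__)

# Create your views here.
# Example URL: http://127.0.0.1:8000/book/?token=1


class MyAuth(object):
    """Token authenticator; a view opts in with ``authentication_classes = [MyAuth, ]``.

    NOTE(review): the token travels in the URL query string, where it is recorded in
    access logs, browser history and Referer headers; an ``Authorization`` header is the
    usual carrier. The token's ``create_time`` is not checked, so a token stays valid
    until the next login replaces it.
    """

    def authenticate(self, request):
        """Return ``(user, auth)`` for a known token, else raise AuthenticationFailed.

        DRF stores the first element of the tuple as ``request.user`` and the second
        as ``request.auth``.
        """
        token = request.query_params.get('token')
        # filter().first() yields None for an unknown token. The previous objects.get()
        # raised DoesNotExist instead, which bypassed the check below and surfaced as a
        # server error rather than an authentication failure.
        token_obj = models.UserToken.objects.filter(token=token).first() if token else None
        if token_obj is None:
            raise exceptions.AuthenticationFailed('未認證用戶!!!')
        return (token_obj.user, 'request.auth')

    def authenticate_header(self, request):
        """Return no ``WWW-Authenticate`` value for failed requests."""
        pass


class CourseView(APIView):
    """Token-protected endpoint that answers each HTTP method with the method's name."""

    # (1) Authentication classes applied to this view only.
    authentication_classes = [MyAuth, ]

    def get(self, request):
        print(request.user)  # request.user is populated by the authentication class
        return HttpResponse('GET')

    def post(self, request):
        return HttpResponse('POST')

    def put(self, request):
        return HttpResponse('PUT')

    def patch(self, request):
        return HttpResponse('PATCH')

    def delete(self, request):
        return HttpResponse('DELETE')


def token_md5(username):
    """Return a fresh 32-character hexadecimal login token.

    The token comes from the operating system's CSPRNG. The earlier version hashed the
    current time together with the username with MD5, so the token was derived entirely
    from values an outsider can estimate.

    :param username: kept for interface compatibility; it no longer feeds the token
    :return: 32 lowercase hex characters (same format as before)
    """
    return secrets.token_hex(16)


class AuthView(APIView):
    """Login endpoint: exchanges a username and password for a token."""

    def post(self, request):
        """Log a user in.

        :param request: the DRF-wrapped request object
        :return: JsonResponse with ``code`` (0 ok, 1 bad credentials, 2 unexpected error),
                 ``msg`` and, on success, ``token``
        """
        ret = {'code': 0, 'msg': ''}
        # The submitted form and the issued token are deliberately not printed:
        # both are credentials and would end up in the server's output.
        username = request._request.POST.get('username', None)
        password = request._request.POST.get('password', None)
        try:
            # NOTE(review): the password is compared as plaintext against the database
            # column. Store a salted hash and verify with
            # django.contrib.auth.hashers.check_password instead.
            user_obj = models.UserInfo.objects.filter(username=username, password=password).first()
            if user_obj:
                token = token_md5(username)
                # Replace the user's token on every login; create the row on first login.
                models.UserToken.objects.update_or_create(user=user_obj, defaults={'token': token})
                ret['msg'] = '登錄成功!'
                ret['token'] = token
            else:
                ret['code'] = 1
                ret['msg'] = '帳號或密碼有誤!!!'
        except Exception:
            # Keep the generic answer for the client, but record the cause server-side.
            logger.exception('unexpected error while handling a login request')
            ret['code'] = 2
            ret['msg'] = '未知錯誤!!!'
        # Returned after the try block rather than from `finally`, which would also
        # swallow exceptions that are not meant to be handled here.
        return JsonResponse(ret)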
方式二:全局配置----在settings.py配置文件中加載REST_FRAMEWORK配置
settings.py
# Applications enabled for this project.
INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'app01.apps.App01Config',
    'rest_framework',
]

# Project-wide Django REST framework configuration.
REST_FRAMEWORK = {
    # Authentication classes applied to every view that does not set its own
    # `authentication_classes`; several classes may be listed.
    # NOTE(review): this includes the login view, which must opt out
    # (`authentication_classes = []`) to be reachable without a token.
    'DEFAULT_AUTHENTICATION_CLASSES': ['app01.utils.auth.MyAuth', ],
    # Value used for request.user when no authenticator identifies the caller.
    # A default exists; None may be given instead.
    # NOTE(review): a non-empty string is truthy and has no `is_authenticated`
    # attribute, so code that tests `request.user` or `request.user.is_authenticated`
    # will misbehave for anonymous callers. Prefer the default or None.
    'UNAUTHENTICATED_USER': lambda: '匿名用戶request.user自定義值',
    # Value used for request.auth in the same situation; None may be given instead.
    'UNAUTHENTICATED_TOKEN': lambda: 'request.auth自定義值',
}
utils--auth.py--MyAuth認證類
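from rest_framework import exceptions

from app01 import models


class MyAuth(object):
    """Token authenticator loaded through ``DEFAULT_AUTHENTICATION_CLASSES``.

    NOTE(review): the token travels in the URL query string, where it is recorded in
    access logs, browser history and Referer headers; an ``Authorization`` header is the
    usual carrier. The token's ``create_time`` is not checked, so tokens do not expire.
    """

    def authenticate(self, request):
        """Return ``(user, auth)`` for a known token, else raise AuthenticationFailed.

        DRF stores the first element of the tuple as ``request.user`` and the second
        as ``request.auth``.
        """
        token = request.query_params.get('token')
        # filter().first() yields None for an unknown token. The previous objects.get()
        # raised DoesNotExist instead, which bypassed the check below and surfaced as a
        # server error rather than an authentication failure.
        token_obj = models.UserToken.objects.filter(token=token).first() if token else None
        if token_obj is None:
            raise exceptions.AuthenticationFailed('未認證用戶!!!')
        return (token_obj.user, 'request.auth')

    def authenticate_header(self, request):
        """Return no ``WWW-Authenticate`` value for failed requests."""
        pass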
models.py
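from django.db import models


# Create your models here
class UserInfo(models.Model):
    """User table."""

    user_type_choices = [
        (1, '普通用戶'),
        (2, 'VIP用戶'),
        (3, 'SVIP用戶'),
    ]
    user_type = models.IntegerField(choices=user_type_choices)
    username = models.CharField(max_length=10, unique=True)
    # NOTE(review): this column holds the password as typed (the login view compares it
    # directly), and 12 characters is too short for any password hash. A real project
    # should store a salted hash, e.g. via django.contrib.auth.hashers.make_password /
    # check_password, in a wider column.
    password = models.CharField(max_length=12, null=False)


class UserToken(models.Model):
    """Login token table: one current token per user."""

    # on_delete is spelled out because Django 2.0+ requires it; CASCADE is what
    # older versions applied by default, so behaviour is unchanged there.
    user = models.OneToOneField(to='UserInfo', on_delete=models.CASCADE)
    # NOTE(review): the token is stored as-is and the column is not unique.
    token = models.CharField(max_length=64)
    # auto_now refreshes this timestamp on every save, i.e. on every login.
    # NOTE(review): nothing on the page reads it, so tokens never expire.
    create_time = models.DateTimeField(auto_now=True)


class Book(models.Model):
    """Book record with a short name."""

    name = models.CharField(max_length=12)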
urls.py
from django.conf.urls import url
from django.contrib import admin

from app01 import views

# Route table for the globally configured authentication demo.
urlpatterns = [
    # Django admin site.
    url(r'^admin/', admin.site.urls),
    # Login endpoint: issues a token for a valid username/password pair.
    # NOTE(review): neither this pattern nor the next one ends with `$`, so any path
    # sharing the prefix reaches the same view.
    url(r'^api/v1/login', views.AuthView.as_view()),
    # Token-protected endpoint.
    url(r'^book/', views.CourseView.as_view(), name='courses'),
]
views.py
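import hashlib
import logging
import secrets
import time

from django.http import JsonResponse
from django.shortcuts import render, HttpResponse
from rest_framework import exceptions
from rest_framework.views import APIView

from app01 import models
# MyAuth is referenced below; without this import the module fails with NameError.
from app01.utils.auth import MyAuth

logger = logging.getLogger(__name__)

# Example URL: http://127.0.0.1:8000/book/?token=1


class CourseView(APIView):
    """Token-protected endpoint that answers each HTTP method with the method's name."""

    # (1) Authentication classes. With DEFAULT_AUTHENTICATION_CLASSES set in settings.py
    # this per-view list repeats the global value and could be omitted.
    authentication_classes = [MyAuth, ]

    def get(self, request):
        # request.user is filled in by the authentication step that runs during APIView.dispatch.
        print(request.user)
        return HttpResponse('GET')

    def post(self, request):
        return HttpResponse('POST')

    def put(self, request):
        return HttpResponse('PUT')

    def patch(self, request):
        return HttpResponse('PATCH')

    def delete(self, request):
        return HttpResponse('DELETE')


def token_md5(username):
    """Return a fresh 32-character hexadecimal login token.

    The token comes from the operating system's CSPRNG. The earlier version hashed the
    current time together with the username with MD5, so the token was derived entirely
    from values an outsider can estimate.

    :param username: kept for interface compatibility; it no longer feeds the token
    :return: 32 lowercase hex characters (same format as before)
    """
    return secrets.token_hex(16)


class AuthView(APIView):
    """Login endpoint: exchanges a username and password for a token."""

    # The global DEFAULT_AUTHENTICATION_CLASSES would otherwise demand a token before a
    # user can obtain one, so the login view opts out of authentication explicitly.
    # When no authenticator identifies the caller, request.user and request.auth take
    # the UNAUTHENTICATED_USER / UNAUTHENTICATED_TOKEN values, which settings.py can
    # override.
    authentication_classes = []

    def post(self, request):
        """Log a user in.

        :param request: the DRF-wrapped request object
        :return: JsonResponse with ``code`` (0 ok, 1 bad credentials, 2 unexpected error),
                 ``msg`` and, on success, ``token``
        """
        ret = {'code': 0, 'msg': ''}
        # The submitted form and the issued token are deliberately not printed:
        # both are credentials and would end up in the server's output.
        username = request._request.POST.get('username', None)
        password = request._request.POST.get('password', None)
        try:
            # NOTE(review): the password is compared as plaintext against the database
            # column. Store a salted hash and verify with
            # django.contrib.auth.hashers.check_password instead.
            user_obj = models.UserInfo.objects.filter(username=username, password=password).first()
            if user_obj:
                token = token_md5(username)
                # Replace the user's token on every login; create the row on first login.
                models.UserToken.objects.update_or_create(user=user_obj, defaults={'token': token})
                ret['msg'] = '登錄成功!'
                ret['token'] = token
            else:
                ret['code'] = 1
                ret['msg'] = '帳號或密碼有誤!!!'
        except Exception:
            # Keep the generic answer for the client, but record the cause server-side.
            logger.exception('unexpected error while handling a login request')
            ret['code'] = 2
            ret['msg'] = '未知錯誤!!!'
        # Returned after the try block rather than from `finally`, which would also
        # swallow exceptions that are not meant to be handled here.
        return JsonResponse(ret)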
3.DRF認證組件的繼承類(經常使用)
utils--auth.py--MyAuth認證類
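from rest_framework import exceptions
from rest_framework.authentication import BaseAuthentication, BasicAuthentication

from app01 import models

# Example URL: http://127.0.0.1:8000/book/?token=1
# Authentication classes (several may be defined) are enabled in one of two ways:
#   1. per view, with the class attribute `authentication_classes = [MyAuth, ]`;
#   2. globally, with REST_FRAMEWORK['DEFAULT_AUTHENTICATION_CLASSES'] in settings.py.


class MyAuth(BaseAuthentication):
    """Token authenticator built on DRF's BaseAuthentication.

    Inheriting from BaseAuthentication (instead of ``object``) supplies
    ``authenticate_header``, so only ``authenticate`` has to be written here;
    BasicAuthentication is the other base class the page mentions.

    NOTE(review): the token travels in the URL query string, where it is recorded in
    access logs, browser history and Referer headers; an ``Authorization`` header is the
    usual carrier. The token's ``create_time`` is not checked, so tokens do not expire.
    """

    def authenticate(self, request):
        """Return ``(user, auth)`` for a known token, else raise AuthenticationFailed.

        DRF stores the first element of the tuple as ``request.user`` and the second
        as ``request.auth``.
        """
        token = request.query_params.get('token')
        # filter().first() yields None for an unknown token. The previous objects.get()
        # raised DoesNotExist instead, which bypassed the check below and surfaced as a
        # server error rather than an authentication failure.
        token_obj = models.UserToken.objects.filter(token=token).first() if token else None
        if token_obj is None:
            raise exceptions.AuthenticationFailed('未認證用戶!!!')
        # The listing had a stray quote after `token_obj.user`, which is a syntax error.
        return (token_obj.user, 'request.auth')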
settings.py
# Applications enabled for this project.
INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'app01.apps.App01Config',
    'rest_framework',
]

# Project-wide Django REST framework configuration.
REST_FRAMEWORK = {
    # Authentication component: classes applied to every view that does not set its
    # own `authentication_classes`; several classes may be listed.
    # NOTE(review): this includes the login view, which must opt out
    # (`authentication_classes = []`) to be reachable without a token.
    'DEFAULT_AUTHENTICATION_CLASSES': ['app01.utils.auth.MyAuth', ],
    # Value used for request.user when no authenticator identifies the caller.
    # A default exists; None may be given instead.
    # NOTE(review): a non-empty string is truthy and has no `is_authenticated`
    # attribute, so code that tests `request.user` or `request.user.is_authenticated`
    # will misbehave for anonymous callers. Prefer the default or None.
    'UNAUTHENTICATED_USER': lambda: '匿名用戶request.user自定義值',
    # Value used for request.auth in the same situation; None may be given instead.
    'UNAUTHENTICATED_TOKEN': lambda: 'request.auth自定義值',
}