Oauth 2.0 如何在drf中使用oauth2登录时返回访问令牌?
我想在用户使用登录api登录后立即返回oauth2的用户访问令牌。 到目前为止,我已经创建了一个登录和注册api,我能够通过/o/token生成访问令牌,但我希望它作为一个返回值 以下是我的观点。py:-Oauth 2.0 如何在drf中使用oauth2登录时返回访问令牌?,oauth-2.0,django-rest-framework,Oauth 2.0,Django Rest Framework,我想在用户使用登录api登录后立即返回oauth2的用户访问令牌。 到目前为止,我已经创建了一个登录和注册api,我能够通过/o/token生成访问令牌,但我希望它作为一个返回值 以下是我的观点。py:- """ POST auth/login/ """ # This permission class will overide the global permission # class setting permission_classes = (A
"""
POST auth/login/
"""
# This permission class will overide the global permission
# class setting
permission_classes = (AllowAny,)
serializer_class = UserSerializer
queryset = User.objects.all()
def post(self, request, *args, **kwargs):
username = request.data.get("username", "")
password = request.data.get("password", "")
user = authenticate(request, username=username, password=password)
if user is not None:
# login saves the user’s ID in the session,
# using Django’s session framework.
login(request, user)
return redirect('list-user')
return Response(status=status.HTTP_401_UNAUTHORIZED)
class RegisterUserView(generics.CreateAPIView):
"""
POST auth/register/
"""
permission_classes = (AllowAny,)
serializer_class = UserRegistrationSerializer
def post(self, request, *args, **kwargs):
username = request.data.get("username", "")
password = request.data.get("password", "")
email = request.data.get("email", "")
if not username and not password and not email:
return Response(
data={
"message": "username, password and email is required to register a user"
},
status=status.HTTP_400_BAD_REQUEST
)
new_user = User.objects.create_user(
username=username, password=password, email=email
)
return Response(status=status.HTTP_201_CREATED)
这是我的serializers.py
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ['id', 'username', 'password']
class UserRegistrationSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ['id', 'username', 'email','password']
url.py
path('admin/', admin.site.urls),
path('', include('users.urls')),
path('o/', include('oauth2_provider.urls', namespace='oauth2_provider')),
]
应用程序用户的URL.py
urlpatterns = [
path('users/', views.UserListView.as_view(), name='list-user'),
path('auth/login/', views.LoginView.as_view(), name="auth-login"),
path('auth/register/', views.RegisterUserView.as_view(), name="auth-register")
]
如何实现它?您必须从
oauth2\u提供程序
视图获取令牌,以生成身份验证令牌,然后您可以根据需要修改响应
from oauth2_provider.views.base import TokenView
class CustomAuthView(generics.CreateAPIView):
permission_classes = (AllowAny,)
serializer_class = UserSerializer
def post(self, request, *args, **kwargs):
oauth_response = TokenView.as_view(request, *args, **kwargs)
if oauth_response.status == 200:
data = oauth_response.data
# update data according to your requirement
return response.Response(data)
else:
return oauth_response
如果您只想更改auth视图的url,那么可以添加一个指向TokenView
的新url,如下所示
从oauth2_provider.views.base导入令牌视图
path('auth/login/', TokenView.as_view(), name="auth-login"),
您必须向api提供以下参数
您必须从oauth2_提供程序的视图中获取令牌以生成身份验证令牌,然后您可以根据需要修改响应
from oauth2_provider.views.base import TokenView
class CustomAuthView(generics.CreateAPIView):
permission_classes = (AllowAny,)
serializer_class = UserSerializer
def post(self, request, *args, **kwargs):
oauth_response = TokenView.as_view(request, *args, **kwargs)
if oauth_response.status == 200:
data = oauth_response.data
# update data according to your requirement
return response.Response(data)
else:
return oauth_response
如果您只想更改auth视图的url,那么可以添加一个指向TokenView
的新url,如下所示
从oauth2_provider.views.base导入令牌视图
path('auth/login/', TokenView.as_view(), name="auth-login"),
您必须向api提供以下参数
您正在使用哪个身份验证软件包?oauth2\u Provider您想要什么类型的响应?因为如果您只需要令牌,那么您可以从
/o/token
url获取它。用户登录后应立即获得访问令牌asa json响应您使用的是哪个身份验证包?oauth2\u Provider您想要什么类型的响应?因为如果您只需要令牌,那么您可以从/o/token
url获取它。用户登录后,应立即获得json响应的访问令牌