Python 如何在Django Rest框架中为用户登录创建Json Web令牌?


我想将JWT集成到我的用户登录API中进行身份验证。如何将其与我在下面添加的现有代码集成。在代码中,我添加了一个需要相应更改的虚拟令牌。多谢各位

添加我的django项目中的一些相关代码部分以供参考:

序列化程序

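class UserLoginSerializer(ModelSerializer):
    """Validate a username/password pair and attach a signed JWT on success.

    NOTE(review): if ``User.username`` is unique, ModelSerializer presumably
    adds a uniqueness validator that rejects existing usernames before
    ``validate`` runs; confirm, and declare ``username`` as a plain field if so.
    """
    token = CharField(allow_blank=True, read_only=True)

    class Meta:
        model = User
        fields = [
            'username',
            'password',
            'token',
        ]
        # write_only keeps the submitted password out of the serialized output.
        extra_kwargs = {"password": {"write_only": True}}

    def validate(self, data):
        """Authenticate the submitted credentials.

        Returns ``data`` with ``data["token"]`` set to a JWT for the matched
        user. Raises ValidationError when the username is missing, when no
        single user with a non-empty email matches it, or when the password
        does not match.
        """
        username = data.get("username", None)
        password = data["password"]
        if not username:
            raise ValidationError("Kullanıcı adı gerekli.")

        matches = User.objects.filter(Q(username=username)).distinct()
        matches = matches.exclude(email__isnull=True).exclude(email__iexact='')
        if matches.count() != 1:
            # NOTE(review): this message differs from the wrong-password one
            # below, which tells a caller whether a username exists. The text
            # is kept because clients may depend on it.
            raise ValidationError("Böyle bir Kullanıcı Adı yoktur.")
        user_obj = matches.first()

        # The matched user used to be stored under a different name than the
        # one tested here, so the password was never verified and any known
        # username was accepted. The check is now unconditional.
        # NOTE(review): is_active is not checked; confirm whether deactivated
        # accounts should be refused at this point.
        if not user_obj.check_password(password):
            raise ValidationError("Tekrar deneyiniz.")

        # Issue a per-user signed token instead of a constant placeholder,
        # through the handlers of the rest_framework_jwt package the project
        # already configures. Imported here to keep the change local.
        from rest_framework_jwt.settings import api_settings

        payload = api_settings.JWT_PAYLOAD_HANDLER(user_obj)
        data["token"] = api_settings.JWT_ENCODE_HANDLER(payload)
        return data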
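class UserLoginAPIView(APIView):
    """Login endpoint: validate posted credentials, return the serializer output.

    AllowAny is set because callers are not authenticated yet.
    NOTE(review): nothing in this class limits repeated attempts; confirm
    that throttling for this endpoint is configured elsewhere.
    """
    permission_classes = [AllowAny]
    serializer_class = UserLoginSerializer

    def post(self, request, *args, **kwargs):
        """Return the validated login data with HTTP 200.

        Validation failures are raised by ``is_valid`` and become an error
        response, so no separate 400 branch is needed; the former one could
        never be reached.
        """
        serializer = self.serializer_class(data=request.data)
        serializer.is_valid(raise_exception=True)
        return Response(serializer.data, status=HTTP_200_OK)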
# Project-wide Django REST framework defaults.
REST_FRAMEWORK = {
    # Every view requires an authenticated user unless it sets its own
    # permission_classes.
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
    ),
    # NOTE(review): session and HTTP Basic credentials are accepted next to
    # JWT; if API clients only send tokens, confirm the first two are needed.
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
    ),
}
# URL routes for the custom login/register views and the JWT package views.
urlpatterns = [
    # Custom login view; obtain_jwt_token below also issues a token for
    # posted credentials.
    url(r'^login/$', UserLoginAPIView.as_view(), name='login'),
    # These three patterns have no trailing `$`, so any path beginning with
    # the prefix matches.
    url(r'^api-token-auth/', obtain_jwt_token),
    url(r'^api-token-refresh/', refresh_jwt_token),
    url(r'^api-token-verify/', verify_jwt_token),
    url(r'^register/$', UserCreateAPIView.as_view(), name='register'),
]
视图

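class UserLoginSerializer(ModelSerializer):
    """Validate a username/password pair and attach a signed JWT on success.

    NOTE(review): if ``User.username`` is unique, ModelSerializer presumably
    adds a uniqueness validator that rejects existing usernames before
    ``validate`` runs; confirm, and declare ``username`` as a plain field if so.
    """
    token = CharField(allow_blank=True, read_only=True)

    class Meta:
        model = User
        fields = [
            'username',
            'password',
            'token',
        ]
        # write_only keeps the submitted password out of the serialized output.
        extra_kwargs = {"password": {"write_only": True}}

    def validate(self, data):
        """Authenticate the submitted credentials.

        Returns ``data`` with ``data["token"]`` set to a JWT for the matched
        user. Raises ValidationError when the username is missing, when no
        single user with a non-empty email matches it, or when the password
        does not match.
        """
        username = data.get("username", None)
        password = data["password"]
        if not username:
            raise ValidationError("Kullanıcı adı gerekli.")

        matches = User.objects.filter(Q(username=username)).distinct()
        matches = matches.exclude(email__isnull=True).exclude(email__iexact='')
        if matches.count() != 1:
            # NOTE(review): this message differs from the wrong-password one
            # below, which tells a caller whether a username exists. The text
            # is kept because clients may depend on it.
            raise ValidationError("Böyle bir Kullanıcı Adı yoktur.")
        user_obj = matches.first()

        # The matched user used to be stored under a different name than the
        # one tested here, so the password was never verified and any known
        # username was accepted. The check is now unconditional.
        # NOTE(review): is_active is not checked; confirm whether deactivated
        # accounts should be refused at this point.
        if not user_obj.check_password(password):
            raise ValidationError("Tekrar deneyiniz.")

        # Issue a per-user signed token instead of a constant placeholder,
        # through the handlers of the rest_framework_jwt package the project
        # already configures. Imported here to keep the change local.
        from rest_framework_jwt.settings import api_settings

        payload = api_settings.JWT_PAYLOAD_HANDLER(user_obj)
        data["token"] = api_settings.JWT_ENCODE_HANDLER(payload)
        return data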
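class UserLoginAPIView(APIView):
    """Login endpoint: validate posted credentials, return the serializer output.

    AllowAny is set because callers are not authenticated yet.
    NOTE(review): nothing in this class limits repeated attempts; confirm
    that throttling for this endpoint is configured elsewhere.
    """
    permission_classes = [AllowAny]
    serializer_class = UserLoginSerializer

    def post(self, request, *args, **kwargs):
        """Return the validated login data with HTTP 200.

        Validation failures are raised by ``is_valid`` and become an error
        response, so no separate 400 branch is needed; the former one could
        never be reached.
        """
        serializer = self.serializer_class(data=request.data)
        serializer.is_valid(raise_exception=True)
        return Response(serializer.data, status=HTTP_200_OK)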
# Project-wide Django REST framework defaults.
REST_FRAMEWORK = {
    # Every view requires an authenticated user unless it sets its own
    # permission_classes.
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
    ),
    # NOTE(review): session and HTTP Basic credentials are accepted next to
    # JWT; if API clients only send tokens, confirm the first two are needed.
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
    ),
}
# URL routes for the custom login/register views and the JWT package views.
urlpatterns = [
    # Custom login view; obtain_jwt_token below also issues a token for
    # posted credentials.
    url(r'^login/$', UserLoginAPIView.as_view(), name='login'),
    # These three patterns have no trailing `$`, so any path beginning with
    # the prefix matches.
    url(r'^api-token-auth/', obtain_jwt_token),
    url(r'^api-token-refresh/', refresh_jwt_token),
    url(r'^api-token-verify/', verify_jwt_token),
    url(r'^register/$', UserCreateAPIView.as_view(), name='register'),
]
设置

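class UserLoginSerializer(ModelSerializer):
    """Validate a username/password pair and attach a signed JWT on success.

    NOTE(review): if ``User.username`` is unique, ModelSerializer presumably
    adds a uniqueness validator that rejects existing usernames before
    ``validate`` runs; confirm, and declare ``username`` as a plain field if so.
    """
    token = CharField(allow_blank=True, read_only=True)

    class Meta:
        model = User
        fields = [
            'username',
            'password',
            'token',
        ]
        # write_only keeps the submitted password out of the serialized output.
        extra_kwargs = {"password": {"write_only": True}}

    def validate(self, data):
        """Authenticate the submitted credentials.

        Returns ``data`` with ``data["token"]`` set to a JWT for the matched
        user. Raises ValidationError when the username is missing, when no
        single user with a non-empty email matches it, or when the password
        does not match.
        """
        username = data.get("username", None)
        password = data["password"]
        if not username:
            raise ValidationError("Kullanıcı adı gerekli.")

        matches = User.objects.filter(Q(username=username)).distinct()
        matches = matches.exclude(email__isnull=True).exclude(email__iexact='')
        if matches.count() != 1:
            # NOTE(review): this message differs from the wrong-password one
            # below, which tells a caller whether a username exists. The text
            # is kept because clients may depend on it.
            raise ValidationError("Böyle bir Kullanıcı Adı yoktur.")
        user_obj = matches.first()

        # The matched user used to be stored under a different name than the
        # one tested here, so the password was never verified and any known
        # username was accepted. The check is now unconditional.
        # NOTE(review): is_active is not checked; confirm whether deactivated
        # accounts should be refused at this point.
        if not user_obj.check_password(password):
            raise ValidationError("Tekrar deneyiniz.")

        # Issue a per-user signed token instead of a constant placeholder,
        # through the handlers of the rest_framework_jwt package the project
        # already configures. Imported here to keep the change local.
        from rest_framework_jwt.settings import api_settings

        payload = api_settings.JWT_PAYLOAD_HANDLER(user_obj)
        data["token"] = api_settings.JWT_ENCODE_HANDLER(payload)
        return data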
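class UserLoginAPIView(APIView):
    """Login endpoint: validate posted credentials, return the serializer output.

    AllowAny is set because callers are not authenticated yet.
    NOTE(review): nothing in this class limits repeated attempts; confirm
    that throttling for this endpoint is configured elsewhere.
    """
    permission_classes = [AllowAny]
    serializer_class = UserLoginSerializer

    def post(self, request, *args, **kwargs):
        """Return the validated login data with HTTP 200.

        Validation failures are raised by ``is_valid`` and become an error
        response, so no separate 400 branch is needed; the former one could
        never be reached.
        """
        serializer = self.serializer_class(data=request.data)
        serializer.is_valid(raise_exception=True)
        return Response(serializer.data, status=HTTP_200_OK)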
# Project-wide Django REST framework defaults.
REST_FRAMEWORK = {
    # Every view requires an authenticated user unless it sets its own
    # permission_classes.
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
    ),
    # NOTE(review): session and HTTP Basic credentials are accepted next to
    # JWT; if API clients only send tokens, confirm the first two are needed.
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
    ),
}
# URL routes for the custom login/register views and the JWT package views.
urlpatterns = [
    # Custom login view; obtain_jwt_token below also issues a token for
    # posted credentials.
    url(r'^login/$', UserLoginAPIView.as_view(), name='login'),
    # These three patterns have no trailing `$`, so any path beginning with
    # the prefix matches.
    url(r'^api-token-auth/', obtain_jwt_token),
    url(r'^api-token-refresh/', refresh_jwt_token),
    url(r'^api-token-verify/', verify_jwt_token),
    url(r'^register/$', UserCreateAPIView.as_view(), name='register'),
]
URL

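class UserLoginSerializer(ModelSerializer):
    """Validate a username/password pair and attach a signed JWT on success.

    NOTE(review): if ``User.username`` is unique, ModelSerializer presumably
    adds a uniqueness validator that rejects existing usernames before
    ``validate`` runs; confirm, and declare ``username`` as a plain field if so.
    """
    token = CharField(allow_blank=True, read_only=True)

    class Meta:
        model = User
        fields = [
            'username',
            'password',
            'token',
        ]
        # write_only keeps the submitted password out of the serialized output.
        extra_kwargs = {"password": {"write_only": True}}

    def validate(self, data):
        """Authenticate the submitted credentials.

        Returns ``data`` with ``data["token"]`` set to a JWT for the matched
        user. Raises ValidationError when the username is missing, when no
        single user with a non-empty email matches it, or when the password
        does not match.
        """
        username = data.get("username", None)
        password = data["password"]
        if not username:
            raise ValidationError("Kullanıcı adı gerekli.")

        matches = User.objects.filter(Q(username=username)).distinct()
        matches = matches.exclude(email__isnull=True).exclude(email__iexact='')
        if matches.count() != 1:
            # NOTE(review): this message differs from the wrong-password one
            # below, which tells a caller whether a username exists. The text
            # is kept because clients may depend on it.
            raise ValidationError("Böyle bir Kullanıcı Adı yoktur.")
        user_obj = matches.first()

        # The matched user used to be stored under a different name than the
        # one tested here, so the password was never verified and any known
        # username was accepted. The check is now unconditional.
        # NOTE(review): is_active is not checked; confirm whether deactivated
        # accounts should be refused at this point.
        if not user_obj.check_password(password):
            raise ValidationError("Tekrar deneyiniz.")

        # Issue a per-user signed token instead of a constant placeholder,
        # through the handlers of the rest_framework_jwt package the project
        # already configures. Imported here to keep the change local.
        from rest_framework_jwt.settings import api_settings

        payload = api_settings.JWT_PAYLOAD_HANDLER(user_obj)
        data["token"] = api_settings.JWT_ENCODE_HANDLER(payload)
        return data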
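class UserLoginAPIView(APIView):
    """Login endpoint: validate posted credentials, return the serializer output.

    AllowAny is set because callers are not authenticated yet.
    NOTE(review): nothing in this class limits repeated attempts; confirm
    that throttling for this endpoint is configured elsewhere.
    """
    permission_classes = [AllowAny]
    serializer_class = UserLoginSerializer

    def post(self, request, *args, **kwargs):
        """Return the validated login data with HTTP 200.

        Validation failures are raised by ``is_valid`` and become an error
        response, so no separate 400 branch is needed; the former one could
        never be reached.
        """
        serializer = self.serializer_class(data=request.data)
        serializer.is_valid(raise_exception=True)
        return Response(serializer.data, status=HTTP_200_OK)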
# Project-wide Django REST framework defaults.
REST_FRAMEWORK = {
    # Every view requires an authenticated user unless it sets its own
    # permission_classes.
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
    ),
    # NOTE(review): session and HTTP Basic credentials are accepted next to
    # JWT; if API clients only send tokens, confirm the first two are needed.
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
    ),
}
# URL routes for the custom login/register views and the JWT package views.
urlpatterns = [
    # Custom login view; obtain_jwt_token below also issues a token for
    # posted credentials.
    url(r'^login/$', UserLoginAPIView.as_view(), name='login'),
    # These three patterns have no trailing `$`, so any path beginning with
    # the prefix matches.
    url(r'^api-token-auth/', obtain_jwt_token),
    url(r'^api-token-refresh/', refresh_jwt_token),
    url(r'^api-token-verify/', verify_jwt_token),
    url(r'^register/$', UserCreateAPIView.as_view(), name='register'),
]

您可以尝试这样做:

首先,安装:
pip install djangorestframework-jwt

settings.py:

# Project-wide Django REST framework defaults.
REST_FRAMEWORK = {
    # Every view requires an authenticated user unless it sets its own
    # permission_classes.
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
    ),
    # NOTE(review): session and HTTP Basic credentials are accepted next to
    # JWT; if API clients only send tokens, confirm the first two are needed.
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
    ),
}

def jwt_response_payload_handler(token, user, request, *args, **kwargs):
    """Build the response body that accompanies an issued token.

    Returns a dict with the token, the user's id both as text ("user") and
    as stored ("userid"), and the user's ``is_active`` flag. ``request`` and
    the extra arguments are accepted but not used.
    """
    return {
        "token": token,
        "user": f"{user.id}",
        "userid": user.id,
        "active": user.is_active,
    }

# Settings read by the rest_framework_jwt package.
# NOTE(review): that package appears to be no longer maintained upstream;
# confirm before adopting it in new code.
JWT_AUTH = {
    # NOTE(review): this is a bare function name; the setting presumably
    # needs a dotted import path such as '<your_module>.jwt_response_payload_handler'
    # (placeholder) to be resolved. Confirm.
    'JWT_RESPONSE_PAYLOAD_HANDLER': 'jwt_response_payload_handler',
    # SECURITY: with refresh disabled below, a token stays valid for 180 days.
    # A leaked JWT cannot be revoked individually, so a short lifetime
    # combined with refresh limits the exposure window.
    'JWT_EXPIRATION_DELTA': datetime.timedelta(days=180),
    'JWT_ALLOW_REFRESH': False,
    # Presumably unused while JWT_ALLOW_REFRESH is False; confirm.
    'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=30),
    # SECURITY: placeholder literal. Whoever knows the signing key can forge
    # tokens for any user; load the real value from the environment or a
    # secret store and keep it out of version control.
    'JWT_SECRET_KEY': 'generate_a_secret_key',
}
from rest_framework import serializers
from rest_framework.authtoken.models import Token

class TokenSerializer(serializers.ModelSerializer):
    """Serialize only the ``key`` field of the imported ``Token`` model."""
    # NOTE(review): Token comes from rest_framework.authtoken, the
    # database-backed token model, not a JWT; `key` is the credential
    # itself, so confirm where this serializer's output is exposed.
    class Meta:
        model = Token
        fields = ('key',)
serializers.py:

# Project-wide Django REST framework defaults.
REST_FRAMEWORK = {
    # Every view requires an authenticated user unless it sets its own
    # permission_classes.
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
    ),
    # NOTE(review): session and HTTP Basic credentials are accepted next to
    # JWT; if API clients only send tokens, confirm the first two are needed.
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
    ),
}

def jwt_response_payload_handler(token, user, request, *args, **kwargs):
    """Build the response body that accompanies an issued token.

    Returns a dict with the token, the user's id both as text ("user") and
    as stored ("userid"), and the user's ``is_active`` flag. ``request`` and
    the extra arguments are accepted but not used.
    """
    return {
        "token": token,
        "user": f"{user.id}",
        "userid": user.id,
        "active": user.is_active,
    }

# Settings read by the rest_framework_jwt package.
# NOTE(review): that package appears to be no longer maintained upstream;
# confirm before adopting it in new code.
JWT_AUTH = {
    # NOTE(review): this is a bare function name; the setting presumably
    # needs a dotted import path such as '<your_module>.jwt_response_payload_handler'
    # (placeholder) to be resolved. Confirm.
    'JWT_RESPONSE_PAYLOAD_HANDLER': 'jwt_response_payload_handler',
    # SECURITY: with refresh disabled below, a token stays valid for 180 days.
    # A leaked JWT cannot be revoked individually, so a short lifetime
    # combined with refresh limits the exposure window.
    'JWT_EXPIRATION_DELTA': datetime.timedelta(days=180),
    'JWT_ALLOW_REFRESH': False,
    # Presumably unused while JWT_ALLOW_REFRESH is False; confirm.
    'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=30),
    # SECURITY: placeholder literal. Whoever knows the signing key can forge
    # tokens for any user; load the real value from the environment or a
    # secret store and keep it out of version control.
    'JWT_SECRET_KEY': 'generate_a_secret_key',
}
from rest_framework import serializers
from rest_framework.authtoken.models import Token

class TokenSerializer(serializers.ModelSerializer):
    """Serialize only the ``key`` field of the imported ``Token`` model."""
    # NOTE(review): Token comes from rest_framework.authtoken, the
    # database-backed token model, not a JWT; `key` is the credential
    # itself, so confirm where this serializer's output is exposed.
    class Meta:
        model = Token
        fields = ('key',)
在视图中凡是用到 authentication_classes 的地方,您都需要添加:

from rest_framework_jwt.authentication import JSONWebTokenAuthentication

我希望这对你有帮助

您可以使用其内置视图
rest_framework_jwt.views.obtain_jwt_token 进行用户登录

它创建一个令牌


然后您需要转到
RestrictedView
并使用令牌进行身份验证。仅此而已。

使用名为

步骤:

# Project-wide Django REST framework defaults.
REST_FRAMEWORK = {
    # Every view requires an authenticated user unless it sets its own
    # permission_classes.
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
    ),
    # NOTE(review): session and HTTP Basic credentials are accepted next to
    # JWT; if API clients only send tokens, confirm the first two are needed.
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
    ),
}

def jwt_response_payload_handler(token, user, request, *args, **kwargs):
    """Build the response body that accompanies an issued token.

    Returns a dict with the token, the user's id both as text ("user") and
    as stored ("userid"), and the user's ``is_active`` flag. ``request`` and
    the extra arguments are accepted but not used.
    """
    return {
        "token": token,
        "user": f"{user.id}",
        "userid": user.id,
        "active": user.is_active,
    }

# Settings read by the rest_framework_jwt package.
# NOTE(review): that package appears to be no longer maintained upstream;
# confirm before adopting it in new code.
JWT_AUTH = {
    # NOTE(review): this is a bare function name; the setting presumably
    # needs a dotted import path such as '<your_module>.jwt_response_payload_handler'
    # (placeholder) to be resolved. Confirm.
    'JWT_RESPONSE_PAYLOAD_HANDLER': 'jwt_response_payload_handler',
    # SECURITY: with refresh disabled below, a token stays valid for 180 days.
    # A leaked JWT cannot be revoked individually, so a short lifetime
    # combined with refresh limits the exposure window.
    'JWT_EXPIRATION_DELTA': datetime.timedelta(days=180),
    'JWT_ALLOW_REFRESH': False,
    # Presumably unused while JWT_ALLOW_REFRESH is False; confirm.
    'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=30),
    # SECURITY: placeholder literal. Whoever knows the signing key can forge
    # tokens for any user; load the real value from the environment or a
    # secret store and keep it out of version control.
    'JWT_SECRET_KEY': 'generate_a_secret_key',
}
from rest_framework import serializers
from rest_framework.authtoken.models import Token

class TokenSerializer(serializers.ModelSerializer):
    """Serialize only the ``key`` field of the imported ``Token`` model."""
    # NOTE(review): Token comes from rest_framework.authtoken, the
    # database-backed token model, not a JWT; `key` is the credential
    # itself, so confirm where this serializer's output is exposed.
    class Meta:
        model = Token
        fields = ('key',)
  • 安装 JWT 的 pip 包:
    $ pip install PyJWT
  • 在views.py中:

    import jwt
    
  • 然后转到你想要生成令牌的地方, 然后按如下方式使用:

    # SECURITY: 'MySecretKey' is a signing key written into the source; anyone
    # who can read it can mint valid tokens, so load it from configuration
    # kept out of version control. The payload has no 'exp' claim, so as
    # written the token never expires, and its contents (email, phone) are
    # signed but not encrypted: any holder of the token can read them.
    encoded = jwt.encode({'email': uemail, 'phone':phone}, 'MySecretKey', algorithm='HS256')
    
  • 在响应中打印或添加编码变量将给出响应

  • 我实现了一种使用JWT登录的方法,它的作用是:

    # Project-wide Django REST framework defaults.
    REST_FRAMEWORK = {
        # Every view requires an authenticated user unless it sets its own
        # permission_classes.
        'DEFAULT_PERMISSION_CLASSES': (
            'rest_framework.permissions.IsAuthenticated',
        ),
        # NOTE(review): session and HTTP Basic credentials are accepted next to
        # JWT; if API clients only send tokens, confirm the first two are needed.
        'DEFAULT_AUTHENTICATION_CLASSES': (
            'rest_framework.authentication.SessionAuthentication',
            'rest_framework.authentication.BasicAuthentication',
            'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
        ),
    }
    
    def jwt_response_payload_handler(token, user, request, *args, **kwargs):
        """Build the response body that accompanies an issued token.

        Returns a dict with the token, the user's id both as text ("user") and
        as stored ("userid"), and the user's ``is_active`` flag. ``request`` and
        the extra arguments are accepted but not used.
        """
        return {
            "token": token,
            "user": f"{user.id}",
            "userid": user.id,
            "active": user.is_active,
        }
    
    # Settings read by the rest_framework_jwt package.
    # NOTE(review): that package appears to be no longer maintained upstream;
    # confirm before adopting it in new code.
    JWT_AUTH = {
        # NOTE(review): this is a bare function name; the setting presumably
        # needs a dotted import path such as '<your_module>.jwt_response_payload_handler'
        # (placeholder) to be resolved. Confirm.
        'JWT_RESPONSE_PAYLOAD_HANDLER': 'jwt_response_payload_handler',
        # SECURITY: with refresh disabled below, a token stays valid for 180 days.
        # A leaked JWT cannot be revoked individually, so a short lifetime
        # combined with refresh limits the exposure window.
        'JWT_EXPIRATION_DELTA': datetime.timedelta(days=180),
        'JWT_ALLOW_REFRESH': False,
        # Presumably unused while JWT_ALLOW_REFRESH is False; confirm.
        'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=30),
        # SECURITY: placeholder literal. Whoever knows the signing key can forge
        # tokens for any user; load the real value from the environment or a
        # secret store and keep it out of version control.
        'JWT_SECRET_KEY': 'generate_a_secret_key',
    }
    
    from rest_framework import serializers
    from rest_framework.authtoken.models import Token
    
    class TokenSerializer(serializers.ModelSerializer):
        """Serialize only the ``key`` field of the imported ``Token`` model."""
        # NOTE(review): Token comes from rest_framework.authtoken, the
        # database-backed token model, not a JWT; `key` is the credential
        # itself, so confirm where this serializer's output is exposed.
        class Meta:
            model = Token
            fields = ('key',)
    
  • 获取随请求发送的电子邮件和密码,并将其转换为字符串变量
  • 检查该电子邮件是否已存在于我创建的自定义用户模型中
  • 如果用户已存在,我将模型对象转换为字典,以便取出该用户对应的密码
  • 然后将用户模型中对应的密码与 POST 请求发送的密码进行匹配(如果密码按 Django 默认方式以哈希形式存储,应通过 check_password 来比对,而不是直接比较字符串)
  • 如果电子邮件存在于用户模型中,并且该用户的密码与 POST 请求发送的密码匹配,我将使用 PyJWT 和自定义数据生成 JWT 并返回响应
  • 在所有其他情况下(电子邮件和密码不匹配),我返回“不匹配”
  • 假设请求为 {"email": "xyz@gmail.com", "password": "12345"}

    我实现了一种使用JWT登录的方法,它的作用是:

    # Project-wide Django REST framework defaults.
    REST_FRAMEWORK = {
        # Every view requires an authenticated user unless it sets its own
        # permission_classes.
        'DEFAULT_PERMISSION_CLASSES': (
            'rest_framework.permissions.IsAuthenticated',
        ),
        # NOTE(review): session and HTTP Basic credentials are accepted next to
        # JWT; if API clients only send tokens, confirm the first two are needed.
        'DEFAULT_AUTHENTICATION_CLASSES': (
            'rest_framework.authentication.SessionAuthentication',
            'rest_framework.authentication.BasicAuthentication',
            'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
        ),
    }
    
    def jwt_response_payload_handler(token, user, request, *args, **kwargs):
        """Build the response body that accompanies an issued token.

        Returns a dict with the token, the user's id both as text ("user") and
        as stored ("userid"), and the user's ``is_active`` flag. ``request`` and
        the extra arguments are accepted but not used.
        """
        return {
            "token": token,
            "user": f"{user.id}",
            "userid": user.id,
            "active": user.is_active,
        }
    
    # Settings read by the rest_framework_jwt package.
    # NOTE(review): that package appears to be no longer maintained upstream;
    # confirm before adopting it in new code.
    JWT_AUTH = {
        # NOTE(review): this is a bare function name; the setting presumably
        # needs a dotted import path such as '<your_module>.jwt_response_payload_handler'
        # (placeholder) to be resolved. Confirm.
        'JWT_RESPONSE_PAYLOAD_HANDLER': 'jwt_response_payload_handler',
        # SECURITY: with refresh disabled below, a token stays valid for 180 days.
        # A leaked JWT cannot be revoked individually, so a short lifetime
        # combined with refresh limits the exposure window.
        'JWT_EXPIRATION_DELTA': datetime.timedelta(days=180),
        'JWT_ALLOW_REFRESH': False,
        # Presumably unused while JWT_ALLOW_REFRESH is False; confirm.
        'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=30),
        # SECURITY: placeholder literal. Whoever knows the signing key can forge
        # tokens for any user; load the real value from the environment or a
        # secret store and keep it out of version control.
        'JWT_SECRET_KEY': 'generate_a_secret_key',
    }
    
    from rest_framework import serializers
    from rest_framework.authtoken.models import Token
    
    class TokenSerializer(serializers.ModelSerializer):
        """Serialize only the ``key`` field of the imported ``Token`` model."""
        # NOTE(review): Token comes from rest_framework.authtoken, the
        # database-backed token model, not a JWT; `key` is the credential
        # itself, so confirm where this serializer's output is exposed.
        class Meta:
            model = Token
            fields = ('key',)
    
  • 获取随请求发送的电子邮件和密码,并将其转换为字符串变量
  • 检查该电子邮件是否已存在于我创建的自定义用户模型中
  • 如果用户已存在,我将模型对象转换为字典,以便取出该用户对应的密码
  • 然后将用户模型中对应的密码与 POST 请求发送的密码进行匹配(如果密码按 Django 默认方式以哈希形式存储,应通过 check_password 来比对,而不是直接比较字符串)
  • 如果电子邮件存在于用户模型中,并且该用户的密码与 POST 请求发送的密码匹配,我将使用 PyJWT 和自定义数据生成 JWT 并返回响应
  • 在所有其他情况下(电子邮件和密码不匹配),我返回“不匹配”
  • 假设请求为 {"email": "xyz@gmail.com", "password": "12345"}

    views.py


    你看过这个软件包了吗?是的,我已经看过这个软件包了。但我不明白我该如何修改。如果有相关的例子,请告诉我。非常感谢。