DRF认证组件
1.DRF认证组件之视图注册用法(自定义简单使用)
settings.py配置
- INSTALLED_APPS = [
- 'django.contrib.admin',
- 'django.contrib.auth',
- 'django.contrib.contenttypes',
- 'django.contrib.sessions',
- 'django.contrib.messages',
- 'django.contrib.staticfiles',
- 'app01.apps.App01Config',
- 'rest_framework',
- ]
seetings.py
urls.py:
- from django.conf.urls import url
- from django.contrib import admin
- from app01 import views
- urlpatterns = [
- url(r'^admin/', admin.site.urls),
- url(r'^book/', views.CourseView.as_view(),name='courses'),
- ]
urls.py
veiws.py
- from django.shortcuts import render, HttpResponse
- from rest_framework.views import APIView
- from rest_framework import exceptions
- # Create your views here.
- #实例url:http://127.0.0.1:8000/book/?token=1
- class MyAuth(object):
- def authenticate(self, request):
- # 该示例认证是需要在请求的url加上参数token(实际直接是校验用户名或密码或者登陆标识等)
- token = request._request.GET.get('token')
- if not token:
- raise exceptions.AuthenticationFailed('未认证用户!!!')
- return ('认证通过的request.user', 'request.auth') # 认证函数执行结果如果通过则为元组,元组第一个元素封装在为request.user,第二个参数封装在request.auth中
- def authenticate_header(self, request):
- pass
- class CourseView(APIView):
- # 认证组件
- authentication_classes = [MyAuth, ]
- def get(self, request):
- print(request.user)#request.user在APIViewD的dispatch中进行封装的
- return HttpResponse('GET')
- def post(self, request):
- return HttpResponse('POST')
- def put(self, request):
- return HttpResponse('PUT')
- def patch(self, request):
- return HttpResponse('PATCH')
- def delete(self, request):
- return HttpResponse('DELETE')
veiws.py
2.DRF认证组件的使用(局部和全局)
方式一:局部配置---视图类中添加类变量 authentication_classes=[MyAuth,]---(认证类列表)
settings.py配置见上(注册rest_framework应用)
models.py
- from django.db import models
- # Create your models here
- class UserInfo(models.Model):
- """
- 用户表
- """
- user_type_choices = [
- (1, '普通用户'),
- (2, 'VIP用户'),
- (3, 'SVIP用户'),
- ]
- user_type = models.IntegerField(choices=user_type_choices)
- username = models.CharField(max_length=10, unique=True)
- password = models.CharField(max_length=12, null=False)
- class UserToken(models.Model):
- """
- token表
- """
- user = models.OneToOneField(to='UserInfo')
- token = models.CharField(max_length=64)
- create_time = models.DateTimeField(auto_now=True)
- class Book(models.Model):
- name = models.CharField(max_length=12)
models.py
urls.py
- from django.conf.urls import url
- from django.contrib import admin
- from app01 import views
- urlpatterns = [
- url(r'^admin/', admin.site.urls),
- url(r'^api/v1/login', views.AuthView.as_view()),
- url(r'^book/', views.CourseView.as_view(),name='courses'),
- ]
urls.py
views.py
- from django.shortcuts import render, HttpResponse
- from rest_framework.views import APIView
- from rest_framework import exceptions
- from app01 import models
- from django.http import JsonResponse
- # Create your views here.
- # 实例url:http://127.0.0.1:8000/book/?token=1
- #认证类,每个类使用都需要加上类变量参数authentication_classes = [MyAuth, ]
- class MyAuth(object):
- def authenticate(self, request):
- # 该示例认证是需要在请求的url加上参数token(实际直接是校验用户名或密码或者登陆标识等)
- token = request._request.GET.get('token')
- token_obj = models.UserToken.objects.get(token=token)
- if not token_obj:
- raise exceptions.AuthenticationFailed('未认证用户!!!')
- return (token_obj.user, 'request.auth') # 认证函数执行结果如果通过则为元组,元组第一个元素封装在为request.user,第二个元素封装为request.auth
- def authenticate_header(self, request):
- pass
- class CourseView(APIView):
- # (1)认证组件
- authentication_classes = [MyAuth, ]
- def get(self, request):
- print(request.user) # request.user在认证组件中进行封装的
- return HttpResponse('GET')
- def post(self, request):
- return HttpResponse('POST')
- def put(self, request):
- return HttpResponse('PUT')
- def patch(self, request):
- return HttpResponse('PATCH')
- def delete(self, request):
- return HttpResponse('DELETE')
- import time
- import hashlib
- def token_md5(username):
- """
- 自定义token
- :param username:
- :return:
- """
- t = time.time()
- md5 = hashlib.md5(str(t).encode('utf-8'))
- md5.update(username.encode('utf-8'))
- return md5.hexdigest()
- class AuthView(APIView):
- def post(self, request):
- """
- 用户登录
- :param request:进行封装之后的request对象
- :return: 登录结果信息
- """
- ret = {'code': 0, 'msg': ''}
- print(request._request.POST)
- username = request._request.POST.get('username', None)
- password = request._request.POST.get('password', None)
- # 每次登陆如果有就更新没有就创建
- try:
- user_obj = models.UserInfo.objects.filter(username=username, password=password).first()
- if user_obj:
- token = token_md5(username)
- print(token)
- # 每次登陆如果有就更新没有就创建
- models.UserToken.objects.update_or_create(user=user_obj, defaults={'token': token})
- ret['msg'] = '登陆成功!'
- ret['token'] = token
- else:
- ret['code'] = 1
- ret['msg'] = '账号或密码有误!!!'
- except Exception as e:
- ret['code'] = 2
- ret['msg'] = '未知错误!!!'
- finally:
- return JsonResponse(ret)
views.py
方式二:全局配置----在settings.py配置文件中加载REST_FRAMEWORK配置
settings.py
- INSTALLED_APPS = [
- 'django.contrib.admin',
- 'django.contrib.auth',
- 'django.contrib.contenttypes',
- 'django.contrib.sessions',
- 'django.contrib.messages',
- 'django.contrib.staticfiles',
- 'app01.apps.App01Config',
- 'rest_framework',
- ]
- REST_FRAMEWORK = {
- 'DEFAULT_AUTHENTICATION_CLASSES' : ['app01.utils.auth.MyAuth',],#可以自定义多个认证类
- 'UNAUTHENTICATED_USER':lambda :'匿名用户request.user自定义值',#request.user有默认值,可以直接写None
- 'UNAUTHENTICATED_TOKEN':lambda :'request.auth自定义值',#request.auth有默认值,可以直接写None
- }
seetings.py
utils--auth.py--MyAuth认证类
- from rest_framework import exceptions
- from app01 import models
- class MyAuth(object):
- def authenticate(self, request):
- # 该示例认证是需要在请求的url加上参数token(实际直接是校验用户名或密码或者登陆标识等)
- token = request._request.GET.get('token')
- token_obj = models.UserToken.objects.get(token=token)
- if not token_obj:
- raise exceptions.AuthenticationFailed('未认证用户!!!')
- return (token_obj.user, 'request.auth') # 认证函数执行结果如果通过则为元组,元组第一个元素封装在为request.user,第二个元素封装为request.auth
- def authenticate_header(self, request):
- pass
models.py
- from django.db import models
- # Create your models here
- class UserInfo(models.Model):
- """
- 用户表
- """
- user_type_choices = [
- (1, '普通用户'),
- (2, 'VIP用户'),
- (3, 'SVIP用户'),
- ]
- user_type = models.IntegerField(choices=user_type_choices)
- username = models.CharField(max_length=10, unique=True)
- password = models.CharField(max_length=12, null=False)
- class UserToken(models.Model):
- """
- token表
- """
- user = models.OneToOneField(to='UserInfo')
- token = models.CharField(max_length=64)
- create_time = models.DateTimeField(auto_now=True)
- class Book(models.Model):
- name = models.CharField(max_length=12)
models.py
urls.py
- from django.conf.urls import url
- from django.contrib import admin
- from app01 import views
- urlpatterns = [
- url(r'^admin/', admin.site.urls),
- url(r'^api/v1/login', views.AuthView.as_view()),
- url(r'^book/', views.CourseView.as_view(),name='courses'),
- ]
urls.py
views.py
- from django.shortcuts import render, HttpResponse
- from rest_framework.views import APIView
- from rest_framework import exceptions
- from app01 import models
- from django.http import JsonResponse
- # 实例url:http://127.0.0.1:8000/book/?token=1
- class CourseView(APIView):
- # (1)认证组件
- authentication_classes = [MyAuth, ]
- def get(self, request):
- print(request.user) #request.user在APIViewD的dispatch中进行封装的
- return HttpResponse('GET')
- def post(self, request):
- return HttpResponse('POST')
- def put(self, request):
- return HttpResponse('PUT')
- def patch(self, request):
- return HttpResponse('PATCH')
- def delete(self, request):
- return HttpResponse('DELETE')
- import time
- import hashlib
- def token_md5(username):
- """
- 自定义token
- :param username:
- :return:
- """
- t = time.time()
- md5 = hashlib.md5(str(t).encode('utf-8'))
- md5.update(username.encode('utf-8'))
- return md5.hexdigest()
- class AuthView(APIView):
- #如果不注册自定义组件,走默认的认证,最后返回了request.user和request.auth都是匿名用户默认值,可以在settings.py中加载自定义配置
- def post(self, request):
- """
- 用户登录
- :param request:进行封装之后的request对象
- :return: 登录结果信息
- """
- ret = {'code': 0, 'msg': ''}
- print(request._request.POST)
- username = request._request.POST.get('username', None)
- password = request._request.POST.get('password', None)
- # 每次登陆如果有就更新没有就创建
- try:
- user_obj = models.UserInfo.objects.filter(username=username, password=password).first()
- if user_obj:
- token = token_md5(username)
- print(token)
- # 每次登陆如果有就更新没有就创建
- models.UserToken.objects.update_or_create(user=user_obj, defaults={'token': token})
- ret['msg'] = '登陆成功!'
- ret['token'] = token
- else:
- ret['code'] = 1
- ret['msg'] = '账号或密码有误!!!'
- except Exception as e:
- ret['code'] = 2
- ret['msg'] = '未知错误!!!'
- finally:
- return JsonResponse(ret)
views.py
3.DRF认证组件的继承类(常用)
utils--auth.py--MyAuth认证类
- from rest_framework import exceptions
- from app01 import models
- from rest_framework.authentication import BaseAuthentication,BasicAuthentication
- # 实例url:http://127.0.0.1:8000/book/?token=1
- #认证类(可以定义多个):
- # 方式一:每个类使用都需要加上类变量参数authentication_classes = [MyAuth, ]
- #方式二:在setings.py配置中加载REST_FRAMEWORK配置----'DEFAULT_AUTHENTICATION_CLASSES' : [],
- # class MyAuth(object):
- class MyAuth(BaseAuthentication):#可以直接继承BaseAuthentication类,可以省略authenticate_header方法,或者继承BasicAuthentication
- def authenticate(self, request):
- # 该示例认证是需要在请求的url加上参数token(实际直接是校验用户名或密码或者登陆标识等)
- token = request._request.GET.get('token')
- token_obj = models.UserToken.objects.get(token=token)
- if not token_obj:
- raise exceptions.AuthenticationFailed('未认证用户!!!')
- return (token_obj.user', 'request.auth') # 认证函数执行结果如果通过则为元组,元组第一个元素封装在为request.user
- # def authenticate_header(self, request):
- # pass
utils--auth.py--MyAuth认证类
settings.py
- INSTALLED_APPS = [
- 'django.contrib.admin',
- 'django.contrib.auth',
- 'django.contrib.contenttypes',
- 'django.contrib.sessions',
- 'django.contrib.messages',
- 'django.contrib.staticfiles',
- 'app01.apps.App01Config',
- 'rest_framework',
- ]
- REST_FRAMEWORK = {
- #认证组件
- 'DEFAULT_AUTHENTICATION_CLASSES' : ['app01.utils.auth.MyAuth',],#可以自定义多个认证类
- 'UNAUTHENTICATED_USER':lambda :'匿名用户request.user自定义值',#request.user有默认值,可以直接写None
- 'UNAUTHENTICATED_TOKEN':lambda :'request.auth自定义值',#request.auth有默认值,可以直接写None
- }
seetings.py
DRF认证组件的更多相关文章
- drf认证组件、权限组件、jwt认证、签发、jwt框架使用
目录 一.注册接口 urls.py views.py serializers.py 二.登录接口 三.用户中心接口(权限校验) urls.py views.py serializers.py 四.图书 ...
- drf认证组件(介绍)、权限组件(介绍)、jwt认证、签发、jwt框架使用
目录 一.注册接口 urls.py views.py serializers.py 二.登录接口 三.用户中心接口(权限校验) urls.py views.py serializers.py 四.图书 ...
- DRF认证组件流程分析
视图函数中加上认证功能,流程见下图 import hashlib import time def get_random(name): md = hashlib.md5() md.update(byte ...
- Django框架之DRF 认证组件源码分析、权限组件源码分析、频率组件源码分析
认证组件 权限组件 频率组件
- DRF框架(六)——三大认证组件之认证组件、权限组件
drf认证组件 用户信息表 from django.db import models from django.contrib.auth.models import AbstractUser class ...
- 【DRF认证】
目录 认证组件的详细用法 本文详细讲述了DRF认证组件的原理以及用法. @ * 源码剖析** 上一篇博客讲解DRF版本的时候我们都知道了,在dispatch方法里执行了initial方法来初始化我们的 ...
- drf视图组件、认证组件
视图组件 1.基本视图 url(r'^publish/$', views.PublishView.as_view()), url(r'^publish/(?P<pk>\d+)/$', vi ...
- DRF框架之认证组件用法(第四天)
1. 什么是drf 框架的认证组件: auth 就等于是jango中的Auth模块,Auth是自带session信息,但是 drf的认证组件可以自定义token携带过去,去判断用的 2.如何实现认证呢 ...
- DRF 之 认证组件
1.认证的作用? 我们知道,当我们在网站上登陆之后,就会有自己的个人中心,之类的可以对自己的信息进行修改.但是http请求又是无状态的,所以导致我们每次请求都是一个新的请求,服务端每次都需要对请求进行 ...
随机推荐
- 【转帖】Python 重复造轮子/造轮子找模子,你都应该熟读该文
Chardet,字符编码探测器,可以自动检测文本.网页.xml的编码. colorama,主要用来给文本添加各种颜色,并且非常简单易用. Prettytable,主要用于在终端或浏览器端构建格式化的输 ...
- 设计数据库 ER 图太麻烦?不妨试试这两款工具,自动生成数据库 ER 图!!!
忙,真忙 点赞再看,养成习惯,微信搜索『程序通事』,关注就完事了! 点击查看更多精彩的文章 这两个星期真是巨忙,年前有个项目因为各种莫名原因,一直拖到这个月才开始真正测试.然后上周又接到新需求,马不停 ...
- 移动端上传图片(引入exif-js,图片被压缩为base64)
<template> <div class="vue-box"> <img :src="imgUrl" alt="&qu ...
- openlayers3中Overlay用法
Overlay 从名字看,是覆盖图.覆盖物的意思,主要的用途就是在地图之上再覆盖一层,用以显示额外的可见元素,可见元素一般是 HTML 元素,利用 overlay,可以将可见元素放置到地图的任意位置, ...
- SpringMVC Root WebApplicationContext启动流程
传统的SpringMVC项目中,需要在web.xml中配置Contextlistener.ContextLoaderListener是负责引导启动和关闭Spring的Root上下文的监听器.主要将处理 ...
- javascript阻止子元素继承父元素事件
$('.box').on('click', function (e) { if(e.target == this) { console.log(e.target) } })
- windows下flume 采集如何支持TAILDIR和tail
一.问题:Windows 下 flume采集配置TAILDIR的时候,会报如下错误: agent.sources.seqGenSrc.type = TAILDIR agent.sources.seqG ...
- Java集合面试题汇总篇
文章收录在 GitHub JavaKeeper ,N线互联网开发必备技能兵器谱 作为一位小菜 "一面面试官",面试过程中,我肯定会问 Java 集合的内容,同时作为求职者,也肯定会 ...
- Educational Codeforces Round 77 (Rated for Div. 2) C. Infinite Fence
C. Infinite Fence 题目大意:给板子涂色,首先板子是顺序的,然后可以涂两种颜色,如果是r的倍数涂成红色,是b的倍数涂成蓝色, 连续的k个相同的颜色则不能完成任务,能完成任务则输出OBE ...
- B. Math Show 暴力 C - Four Segments
B. Math Show 这个题目直接暴力,还是有点难想,我没有想出来,有点思维. #include <cstdio> #include <cstdlib> #include ...