第一版 :
自己写函数实现用户认证
#modelsfrom django.db import models#用户表class UserInfo(models.Model): user_type_choices=((1,‘普通用户‘),(2,‘VIP‘),(3,‘SVIP‘)) user_type = models.IntegerFIEld(choices=user_type_choices) username = models.Charfiled(max_length=32,uniquw=True) password = models.Charfiled(max_length=64)# 用登录成功的tokenclass UserToken(models.Model): user = models.OnetoOnefiled(to=‘UserInfo‘) token = models.Charfiled(max_length=64)# urlsuplpatters= [ url(r‘^API/v1/auth/$‘,vIEws.AuthVIEw.as_vIEw()),]#vIEwsfrom rest_framework.vIEws import APIVIEwfrom API import models# 生成随机字符串def Md5(user): import hashlib import time ctime = str(time.time()) m = hashlib,md5(bytes(user,encodeing=‘utf-8‘)) m.update(bytes(ctime,encodeing=‘utf-8‘)) return m.hexdigest()class AuthVIEw(APIVIEw): """ 用户登录认证 """ def post(self,request,*args,**kwargs): try: user = request._reqeust.POST.get(‘username‘) pwd = request._reqeust.POST.get(‘password‘) obj = models.UserInfo.objects.filter(username=user,password=pwd).first() if not obj: ret[‘code‘] = 1001 ret[‘msg‘] = ‘用户名密码错误‘ # 为用户创建token token = Md5(user) # 如果存在token就更新 不存在就创建 models.UserToken.objects.update_or_create(user=obj,defualts={‘token‘:token}) ret[‘token‘] = token except Exception as e: ret[‘code‘] = 1002 ret[‘msg‘] = ‘请求异常‘ return JsonResponse()ORDER_DICT = { 1:{ ‘name‘: ‘x‘,‘age‘: 18,‘gender‘:‘y‘,‘content‘: ‘...‘ },2:{ ‘name‘: ‘z‘,‘gender‘: ‘h‘,‘content‘: ‘...‘ }} class OrderVIEw(APIVIEw): """ 订单业务 """ def get(self,**kwargs): # token验证 token = request._reqeust.GET.get(‘token‘) if not token: return httpResponse(‘用户未登录‘) ret={‘code‘:1000,‘msg‘:None,‘data‘:None} try: ret[‘data‘] = ORDER_DICT except Exception as e: pass return JsonResponse(ret)
第二版: 改进版
使用restramework的authentication功能实现用户认证
#modelsfrom django.db import models#用户表class UserInfo(models.Model): user_type_choices=((1,encodeing=‘utf-8‘)) return m.hexdigest()class AuthVIEw(APIVIEw): """ 用户登录认证 """ def post(self,defualts={‘token‘:token}) ret[‘token‘] = token except Exception as e: ret[‘code‘] = 1002 ret[‘msg‘] = ‘请求异常‘ return JsonResponse()ORDER_DICT = { 1:{ ‘name‘: ‘x‘,‘content‘: ‘...‘ }}from rest_framework.request import Requestfrom rest_framework import exceptionsclass Authtication(object): """ 用户登录认证类 """ def authenticate(self,request): token = request._reqeust.GET.get(‘token‘) token_obj = models.UserToken.objects.filter(token=token).first() if not token_obj: raise exceptions.Authenticationfiled(‘用户认证失败‘) # 在restframework 内部会将这两个字段 赋值给request, 以供后续 *** 作使用 return (token_obj.user,token_obj) def anthentication_header(self,request): passclass OrderVIEw(APIVIEw): """ 订单业务 """ # restframework 自带功能能够验证 用户是否登录 authentication = [Authtication,] def get(self,**kwargs): ret={‘code‘:1000,‘data‘:None} try: ret[‘data‘] = ORDER_DICT except Exception as e: pass return JsonResponse(ret)
rest_framework源码执行流程:
流程:0-----------authentication_class = API_settings.DEFAulT_AUTHENTICATION_CLASSES1-----------def dispatch(): self.initial(request)2-----------def initial(): self.perform_authenticate()3-----------def perform_authenticate(): reuqest.user4-----------@porpertydef user(): _authenticate()5-----------def _anthenticate(): 循环认证类所有对象6-----------anthentication_class = [Authenticate,]7-----------Authenticate() 执行自定义的验证方法返回 user对象 和 token对象
全局配置:
REAT_FRAMEWORK = { ‘DEFAulT_AUTNENTICATINO_CLASSES‘: [‘API.utils.auth.Authtication‘,] }
局部不使用:
class OrderVIEw(APIVIEw): """ 订单业务 """ # 写一个空列表 就可以到达不用使用authentication_classes = [Authtication,] 达到不用登录验证的目的 authentication_classes = [] def get(self,**kwargs): return JsonResponse(ret)
配置匿名用户:
REAT_FRAMEWORK = { # 推荐配置restframework的匿名用户为None "UNAUTHENTCATION_USER": None, # request.user = None
"UNAUTHENTICATION_TOKEN" None,# request.token = None}
第三版:
继承BaseAuthentication
from rest_framework.authentication import BaseAuthenticationclass Authtication(BaseAuthentication): """ 用户登录认证类 """ def authenticate(self,token_obj)
总结 以上是内存溢出为你收集整理的Django rest-framework框架-认证组件的简单实例全部内容,希望文章能够帮你解决Django rest-framework框架-认证组件的简单实例所遇到的程序开发问题。
如果觉得内存溢出网站内容还不错,欢迎将内存溢出网站推荐给程序员好友。
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)