目录
1.安装配置
1.1 下载
pip install djangorestframework-jwt
1.2配置settings.py
# settings.py excerpt: enables the rest_framework_jwt app.
INSTALLED_APPS = ['rest_framework_jwt']
1.3配置JWT验证
# settings.py excerpt: use JWT as DRF's default authentication scheme.
# Authentication only identifies the caller. A view stays open to anonymous
# requests unless it also sets a permission class such as IsAuthenticated
# (as UserInfoView does) or DEFAULT_PERMISSION_CLASSES is configured.
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
    ],
}
# djangorestframework-jwt options (header prefix and token lifetime).
# This excerpt uses datetime.timedelta, so settings.py needs `import datetime`.
JWT_AUTH = {
    # Scheme word expected before the token in the Authorization header,
    # i.e. "Authorization: JWT <token>".
    'JWT_AUTH_HEADER_PREFIX': 'JWT',
    # Token lifetime: one day.
    # NOTE(review): this configuration shows no revocation mechanism, so a
    # leaked token stays usable until it expires; a shorter lifetime narrows
    # that window.
    'JWT_EXPIRATION_DELTA': datetime.timedelta(days=1),
}
2.注册用户
2.1重写User表
from django.contrib.auth.models import AbstractUser
class User(AbstractUser):
    """Project user model, stored in the ``tb_user`` table.

    Extends Django's AbstractUser with an optional phone number and
    redeclares ``email`` as an optional CharField.
    """

    # Plain CharFields: only max_length is enforced, so neither the e-mail
    # nor the phone format is validated at the model level.
    email = models.CharField(
        max_length=255,
        null=True,
        blank=True,
    )
    phone = models.CharField(
        max_length=255,
        null=True,
        blank=True,
    )

    class Meta:
        # Explicit table name instead of Django's generated default.
        db_table = 'tb_user'
2.2生成Token
from rest_framework_jwt.settings import api_settings
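def creare_token(user):
    """Return a signed JWT string for ``user``.

    Uses the payload and encode handlers configured in rest_framework_jwt's
    ``api_settings``: the payload handler builds the claims from the user
    object and the encode handler signs them.
    """
    build_payload = api_settings.JWT_PAYLOAD_HANDLER
    encode = api_settings.JWT_ENCODE_HANDLER
    # The token is a bearer credential: hand it back to the caller only.
    # It is deliberately not printed, so it cannot end up in console output
    # or captured server logs.
    return encode(build_payload(user))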
2.3序列化器
from .models import *
from rest_framework import serializers
from django.contrib.auth.hashers import make_password
from .MybaseView import creare_token
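class CreateUserSerializers(serializers.Serializer):
    """Validate registration input, create the user and attach a first JWT.

    Input fields: username, password, email, phone.
    Output fields: username, email, phone and the read-only ``token``.
    """

    username = serializers.CharField()
    # write_only keeps the stored password hash out of ``serializer.data``,
    # which the registration view returns to the client.
    password = serializers.CharField(write_only=True)
    email = serializers.CharField()
    phone = serializers.CharField()
    token = serializers.CharField(read_only=True)

    def create(self, validated_data):
        """Create and return the new User with a ``token`` attribute set.

        The password is hashed before the row is written, so the plaintext
        value is never stored, not even between two saves.
        """
        fields = dict(validated_data)
        fields['password'] = make_password(fields['password'])
        user = User.objects.create(**fields)
        # ``token`` is not a model field; it is set on the instance only so
        # the read-only serializer field can render it in the response.
        user.token = creare_token(user)
        return user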
2.4views.py
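class UserView(APIView):
    """Registration endpoint: POST creates a user and returns its JWT."""

    def post(self, request):
        """Create a user from the posted form.

        Response codes in the JSON body: 200 created, 201 creation failed,
        202 a required parameter is missing or empty, 204 the two passwords
        differ.
        """
        import logging

        data = request.data
        required = ('username', 'password', 'password2', 'email', 'phone')
        # Check the submitted values, not the field names themselves: a list
        # of non-empty string literals is always truthy, so testing the
        # names alone can never reject a request.
        if not all(data.get(field) for field in required):
            return Response({'code': 202, 'msg': '参数不全'})
        if data['password'] != data['password2']:
            return Response({'code': 204, 'msg': '两次密码不一致'})
        # NOTE(review): no password-strength check is applied here; Django's
        # validate_password could be run before saving.
        serializer = CreateUserSerializers(data=data)
        if not serializer.is_valid():
            # Report validation problems explicitly instead of letting
            # save() fail on invalid data.
            return Response({
                'code': 201,
                'msg': '创建失败,请重试',
                'errors': serializer.errors,
            })
        try:
            serializer.save()
            return Response({'code': 200, 'msg': '创建用户成功', 'data': serializer.data})
        except Exception:
            # Record the failure server-side. The request body is kept out
            # of the log message because it contains the password.
            logging.getLogger(__name__).exception('user registration failed')
            return Response({'code': 201, 'msg': '创建失败,请重试'})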
2.5 配置路由
# URL configuration excerpt: user registration endpoint.
urlpatterns = [path('user/', views.UserView.as_view())]
2.6Postman测试
3.用户登录
3.1views.py
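def jwt_response_payload_handler(token, user=None, request=None):
    """Build the JSON body returned after a successful login.

    Args:
        token: the encoded JWT.
        user: the authenticated user; when it is None only the token is
            returned, because there are no user attributes to read.
        request: unused; kept for the handler signature.

    Returns:
        A dict with ``userid``, ``user``, ``phone`` and ``token``, or just
        ``token`` when no user is given.

    NOTE(review): the JWT_AUTH settings shown on this page do not set
    JWT_RESPONSE_PAYLOAD_HANDLER; the login view only uses this function if
    that setting names it. Confirm it is configured.
    """
    if user is None:
        return {'token': token}
    return {
        'userid': user.id,
        'user': user.username,
        'phone': user.phone,
        'token': token,
    }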
3.2配置路由
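# The import keyword was truncated to "om" in the original listing.
from rest_framework_jwt.views import obtain_jwt_token

# URL configuration excerpt: registration plus the package's login view,
# which validates the credentials and returns a JWT.
urlpatterns = [
    path('user/', views.UserView.as_view()),  # registration
    path('login/', obtain_jwt_token),  # login
]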
3.3Postman测试
4.测试携带token才可访问接口
4.1views.py
class UserInfoView(APIView):
    """List users; only reachable with a valid JWT.

    NOTE(review): every authenticated caller receives the id, username,
    phone and email of all users. Confirm that is intended, or limit the
    result to request.user or to staff accounts.
    """

    # Reject anonymous requests: authentication alone does not restrict
    # access, the permission class does.
    permission_classes = [IsAuthenticated]
    authentication_classes = [JSONWebTokenAuthentication]

    def get(self, request):
        """Return all users serialized with UserInfoSerializers."""
        users = User.objects.all()
        serializer = UserInfoSerializers(users, many=True)
        body = {'code': 200, 'msg': '查询成功', "data": serializer.data}
        return Response(body)
4.2序列化器
class UserInfoSerializers(serializers.ModelSerializer):
    """Read representation of a User: id, username, phone and email.

    The explicit field list keeps the password hash and every other model
    column out of the output.
    """

    class Meta:
        model = User
        fields = (
            'id',
            'username',
            'phone',
            'email',
        )
4.3配置路由
# URL configuration excerpt: registration, login and a JWT-protected endpoint.
urlpatterns = [
    # registration
    path('user/', views.UserView.as_view()),
    # login (returns a JWT)
    path('login/', obtain_jwt_token),
    # demo endpoint that requires a logged-in (token-bearing) caller
    path('get_user/', views.UserInfoView.as_view()),
]
4.4Postman测试