drf 自定义认证

# models.py
from django.db import models


class Book(models.Model):
    title = models.CharField(max_length=64)
    author = models.CharField(max_length=225)
    price = models.CharField(max_length=64)


class User(models.Model):
    username = models.CharField(max_length=16)
    password = models.CharField(max_length=32)
    user_type = models.IntegerField(choices=((1, 'vip'), (2, 'comm'), (3, '2b')))


class UserToken(models.Model):
    token = models.CharField(max_length=64)
    user = models.OneToOneField(to='User', on_delete=models.DO_NOTHING)


# url.py
from django.contrib import admin
from django.urls import path, re_path, include
from rest_framework.routers import SimpleRouter

from app01 import views

router = SimpleRouter()
router.register('', views.BookView, 'get1')

urlpatterns = [
    path('admin/', admin.site.urls),

    # path('get1/', views.BookView.as_view(actions={'get': 'list', 'post': 'create'})),
    # re_path(r'get1/(?P<pk>\d)',
    #         views.BookView.as_view(actions={'get': 'retrieve', 'put': 'update', 'delete': 'destroy'})),
    path('login/', views.LoginView.as_view()),
    path('', include(router.urls)),

]

# view.py
import uuid
from django.shortcuts import render
from rest_framework.views import APIView
from rest_framework.response import Response
from rest_framework.decorators import action
from rest_framework.viewsets import ModelViewSet
from rest_framework.generics import GenericAPIView

from . import models
from . import serializer
from .authontionscate import comm_authentication


# 图书返回接口
class BookView(ModelViewSet):
    authentication_classes = [comm_authentication]
    queryset = models.Book.objects.all()
    serializer_class = serializer.ModelViewSetSerializer

    @action(methods=['GET', 'POST'], detail=False)
    def get1(self, request):
        book = self.get_queryset()[0:2]
        book_serializer = self.get_serializer(book, many=True)
        return Response({'code': 100, 'msg': '成功', 'data': book_serializer.data})


# 登录接口
class LoginView(APIView):
    def post(self, request):
        username = request.data.get('username')
        password = request.data.get('password')
        user = models.User.objects.filter(username=username, password=password).first()
        if user:
            token = uuid.uuid4()
            models.UserToken.objects.update_or_create(defaults={'token': token}, user=user)
            return Response({'code': 100, 'msg': '成功', 'token': token})
        else:
            return Response({'code': 101, 'msg': '失败，账号错误或密码错误'})

# serializer.py
from rest_framework import serializers
from . import models


class ModelViewSetSerializer(serializers.ModelSerializer):
    class Meta:
        model = models.Book
        fields = '__all__'
from rest_framework.authentication import BaseAuthentication

from rest_framework.exceptions import AuthenticationFailed

from . import models

# authontionscate.py
class comm_authentication(BaseAuthentication):
    def authenticate(self, request):
        # token 放的位置由后端决定
        token = request.GET.get('token')
        if token:
            token_user = models.UserToken.objects.filter(token=token).first()
            if token_user:
                return token_user.user, token
            # else:
            #     AuthenticationFailed({'code': 101, 'msg': '你没有权限'})
            else:
                raise AuthenticationFailed('token认证失败')
        else:
            raise AuthenticationFailed('token没有')