simpleui集成监控大屏
1.可以从gitee上找到开源的前端页面,集成到项目中即可;集成前先确认开源许可,并检查页面里引用的第三方脚本和外链资源
https://gitee.com/lvyeyou/DaShuJuZhiDaPingZhanShi?_from=gitee_search
restframework-jwt执行流程分析
1.双token认证
1.1用户在app或应用中操作时,token突然过期,此时用户不得不返回登录页面,重新登录,这种用户体验极差,于是引入双token校验机制
1.2实现原理:登录时服务端返回两个token,accessToken和refreshToken,accessToken过期时间短,refreshToken过期时间长;accessToken过期后,客户端携带refreshToken重新发请求,服务端校验通过后在这次响应中返回新的accessToken。refreshToken只用来换取新的accessToken,不用于访问业务接口
'在django中,模块里顶格写的代码(没有缩进)在模块被导入时都会执行'
2.签发流程
2.1obtain_jwt_token就是ObtainJSONWebToken.as_view()的结果,核心是视图类ObtainJSONWebToken,它实现了登录功能,定义如下
class ObtainJSONWebToken(JSONWebTokenAPIView):
    """Login view: takes POSTed credentials and answers with a JWT.

    Request handling is inherited from JSONWebTokenAPIView; this subclass
    only selects the serializer that checks the username and password.
    """

    serializer_class = JSONWebTokenSerializer
-继承的父类JSONWebTokenAPIView中
class JSONWebTokenAPIView(APIView):
    """Base view for the JWT endpoints; subclasses set ``serializer_class``.

    Authentication and permission checks are switched off for this view, so
    it can be reached without a token. A login endpoint needs that, and it
    means the serializer's credential check is the only gate in front of
    token issuance.
    """

    # Empty tuples disable permission and authentication for this view only.
    permission_classes = ()
    authentication_classes = ()
    # NOTE(review): no throttle is visible in this excerpt; an unauthenticated
    # credential endpoint normally needs rate limiting - confirm it is
    # configured elsewhere.

    def get_serializer_context(self):
        """Return the extra context passed to the serializer."""
        return dict(request=self.request, view=self)

    def get_serializer_class(self):
        """Return the serializer class configured on the view."""
        return self.serializer_class

    def get_serializer(self, *args, **kwargs):
        """Build a serializer instance with the view context injected."""
        factory = self.get_serializer_class()
        kwargs['context'] = self.get_serializer_context()
        return factory(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        """Validate the posted credentials and respond with a token.

        Returns a 400 response carrying the serializer errors when
        validation fails.
        """
        # The serializer receives the data sent by the client.
        serializer = self.get_serializer(data=request.data)

        # is_valid() runs the field rules, the per-field hooks and the
        # serializer's validate() method, where the credentials are checked.
        if not serializer.is_valid():
            return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

        # The validated result holds the logged-in user and the signed token.
        user = serializer.object.get('user') or request.user
        token = serializer.object.get('token')

        # jwt_response_payload_handler decides the shape of the response body.
        return Response(jwt_response_payload_handler(token, user, request))
2.2序列化类JSONWebTokenSerializer
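class JSONWebTokenSerializer(Serializer):
    """Check a username/password pair and issue a JWT for the matching user."""

    def validate(self, attrs):
        """Authenticate the submitted credentials and build the token.

        Args:
            attrs: data that already passed field-level validation.

        Returns:
            dict with ``'token'`` (the encoded JWT) and ``'user'``.

        Raises:
            serializers.ValidationError: a credential is missing or empty,
                no user matches the credentials, or the account is
                inactive.
        """
        # The username key is configurable, e.g. 'username'.
        credentials = {
            self.username_field: attrs.get(self.username_field),
            'password': attrs.get('password'),
        }

        # Both values must be present and non-empty before hitting the
        # authentication backends.
        if not all(credentials.values()):
            msg = 'Must include "{username_field}" and "password".'
            raise serializers.ValidationError(
                msg.format(username_field=self.username_field)
            )

        user = authenticate(**credentials)
        if not user:
            # One generic message for "unknown user" and "wrong password",
            # so the response does not reveal which accounts exist.
            msg = 'Unable to log in with provided credentials.'
            raise serializers.ValidationError(msg)

        # Some authentication backends return inactive users; never sign a
        # token for a disabled account.
        if not getattr(user, 'is_active', True):
            msg = 'User account is disabled.'
            raise serializers.ValidationError(msg)

        # Build the payload from the user, then sign it.
        payload = jwt_payload_handler(user)
        return {
            'token': jwt_encode_handler(payload),
            'user': user,
        }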
3.认证
3.1认证类JSONWebTokenAuthentication中
class JSONWebTokenAuthentication(BaseJSONWebTokenAuthentication):
    """Reads the JWT from the Authorization header, or from a cookie."""

    def get_jwt_value(self, request):
        """Return the raw token sent with the request, or None.

        The header is expected to hold exactly two whitespace-separated
        parts: the configured prefix and the token itself.

        Raises:
            exceptions.AuthenticationFailed: the prefix matches but the
                token is missing, or the header has more than two parts.
        """
        # Split the Authorization header into [prefix, token].
        parts = get_authorization_header(request).split()
        expected_prefix = api_settings.JWT_AUTH_HEADER_PREFIX.lower()

        if not parts:
            # No Authorization header: fall back to the cookie when one is
            # configured.
            if api_settings.JWT_AUTH_COOKIE:
                # NOTE(review): browsers attach cookies automatically, so
                # views that accept the token this way need CSRF protection
                # - confirm.
                return request.COOKIES.get(api_settings.JWT_AUTH_COOKIE)
            return None

        # A header with a different prefix is ignored rather than rejected.
        if smart_text(parts[0].lower()) != expected_prefix:
            return None

        # Prefix only, no token.
        if len(parts) == 1:
            raise exceptions.AuthenticationFailed(
                _('Invalid Authorization header. No credentials provided.')
            )

        # More than two parts means the token itself contained whitespace.
        if len(parts) > 2:
            raise exceptions.AuthenticationFailed(
                _('Invalid Authorization header. Credentials string '
                  'should not contain spaces.')
            )

        return parts[1]
3.2父类中BaseJSONWebTokenAuthentication中
class BaseJSONWebTokenAuthentication(BaseAuthentication):
    """Authentication class that decodes a JWT and resolves its user."""

    def authenticate(self, request):
        """Return ``(user, token)`` for a valid JWT, or None if none was sent.

        Raises:
            exceptions.AuthenticationFailed: the token has expired, cannot
                be decoded, or is otherwise invalid.
        """
        # Token supplied by the client, as extracted by the subclass.
        token = self.get_jwt_value(request)

        # No token is not an error here: the request continues without a
        # user, which is why a permission class is still needed on the view
        # to reject anonymous callers.
        if token is None:
            return None

        try:
            # A valid token decodes to its payload.
            claims = jwt_decode_handler(token)
        # NOTE(review): jwt.ExpiredSignature looks like the legacy alias of
        # ExpiredSignatureError - confirm the installed PyJWT provides it.
        except jwt.ExpiredSignature:
            raise exceptions.AuthenticationFailed(_('Signature has expired.'))
        except jwt.DecodeError:
            raise exceptions.AuthenticationFailed(_('Error decoding signature.'))
        except jwt.InvalidTokenError:
            raise exceptions.AuthenticationFailed()

        # The returned user is what the view later sees as request.user.
        return (self.authenticate_credentials(claims), token)
-
'这个认证类只要带了合法的token,request.user就是当前登录用户;如果没带token,认证类返回None,请求会继续往后走,所以必须配合权限类(如IsAuthenticated)才能拦截未登录的请求'