rest_framework框架的认证、权限

REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": ["app01.utils.TokenAuth", ]
}

class TokenAuth(BaseAuthentication):
    def authenticate(self, request):
        token = request.GET.get('token')
        token_obj = Token.objects.filter(token=token).first()
        if not token_obj:
            raise exceptions.AuthenticationFailed('验证失败！')
        else:
            return token_obj.user.name, token_obj.token

class SVIPPermission(object):
    message = '只有冲钱爸爸才能访问'

    def has_permission(self, request, view):
        username = request.user
        user_type = User.objects.filter(name=username).first().user_type
        if user_type == 3:
            return True
        else:
            return False