JWT安装配置
1,1 安装JWT
pip install djangorestframework-jwt==1.11.0
1,2 syl/settings.py配置jwt载荷中的有效期设置
JWT_AUTH = {
'JWT_AUTH_HEADER_PREFIX':'JWT',
'JWT_EXPIRAIION_DELTA':datetime.timedelta(days=1),
'JWT_ALLOW_REFRESH':True,
'JWT_PEFRESH_EXPIRALLON_DELTA':datetime.timedelta(hours=24),
'JWT_RESPOMSE_PAYLOAD_HANDLER':'user.utils.jwt_response_payload_heandler',
}
1,3syl/settings.py JWT结合DRF进行认证权限配置
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES':[
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',],
'DEFAULT_PERMISSION_CLASSES':[
'rest_framework.permissions.IsAuthenticated',],
}
1,4 user/urls.py 增加获取token接口和刷新token接口
from django.urls import include, path from rest_framework.authtoken.views import obtain_auth_token
from user import views from rest_framework.routers import SimpleRouter, DefaultRouter from rest_framework_jwt.views import obtain_jwt_token, refresh_jwt_token
# 自动生成路由方法, 必须使用视图集 # router = SimpleRouter() # 没有根路由 /user/ 无法识别 router = DefaultRouter() # 有根路由 router.register(r'user', views.UserViewSet)
urlpatterns = [ path('index/', views.index), # 函数视图 path('login/', obtain_jwt_token), # 获取token,登录视图 path('refresh/', refresh_jwt_token), # 刷新token path('api-auth/', include('rest_framework.urls', namespace='rest_framework')), # 认证地址 ]
urlpatterns += router.urls # 模块地址
1,5 在user/utils.py中重写jwt_ret_response_payload_handler
def jwt_response_payload_header(token, user=None, request=None, role=None, role=None):
if user.first_name:
name=user.first_name
else:
name=user.username
return {
'authenticated':'true',
'id':user.id,
'role':user.role,
'name':user.name,
'username':user.username,
'email':'user.email',
'token':'user.token'
}
2, postman 测试接口
http://192.168.56.100:8888/user/login/
1,自定义权限类
permission_classes = (MyPermission,)
authentication_classes = (JSONWebToken Authentication,)
2, 使用获取的token获取所有用户信息
http://192.168.56.100:8888/user/user/
浙公网安备 33010602011771号