1、jwt相關方法
將得到的token轉爲payload
再將payload轉爲user id
配置文件api_settings.py
import datetime
from django.conf import settings
from rest_framework.settings import APISettings
USER_SETTINGS = getattr(settings, 'JWT_AUTH', None)
DEFAULTS = {
'JWT_ENCODE_HANDLER':
'rest_framework_jwt.utils.jwt_encode_handler',
'JWT_DECODE_HANDLER':
'rest_framework_jwt.utils.jwt_decode_handler',
'JWT_PAYLOAD_HANDLER':
'rest_framework_jwt.utils.jwt_payload_handler',
'JWT_PAYLOAD_GET_USER_ID_HANDLER':
'rest_framework_jwt.utils.jwt_get_user_id_from_payload_handler',
'JWT_PRIVATE_KEY':None,
'JWT_PUBLIC_KEY':None,
'JWT_PAYLOAD_GET_USERNAME_HANDLER':
'rest_framework_jwt.utils.jwt_get_username_from_payload_handler',
'JWT_RESPONSE_PAYLOAD_HANDLER':
'rest_framework_jwt.utils.jwt_response_payload_handler',
'JWT_SECRET_KEY': settings.SECRET_KEY,
'JWT_GET_USER_SECRET_KEY': None,
'JWT_ALGORITHM': 'HS256',
'JWT_VERIFY': True,
'JWT_VERIFY_EXPIRATION': True,
'JWT_LEEWAY': 0,
'JWT_EXPIRATION_DELTA': datetime.timedelta(days=21),
'JWT_AUDIENCE': None,
'JWT_ISSUER': None,
'JWT_ALLOW_REFRESH': False,
'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=21),
'JWT_AUTH_HEADER_PREFIX': 'Bearer',
'JWT_AUTH_COOKIE': None,
}
api_settings = APISettings(USER_SETTINGS, DEFAULTS)
import jwt
from .api_settings import api_settings
def jwt_decode_handler(token):
options = {
'verify_exp': api_settings.JWT_VERIFY_EXPIRATION,
}
return jwt.decode(
token,
api_settings.JWT_PUBLIC_KEY or api_settings.JWT_SECRET_KEY,
api_settings.JWT_VERIFY,
options=options,
leeway=api_settings.JWT_LEEWAY,
audience=api_settings.JWT_AUDIENCE,
issuer=api_settings.JWT_ISSUER,
algorithms=[api_settings.JWT_ALGORITHM]
)
def jwt_get_user_id_from_payload_handler(payload):
return payload.get('id')
2、在中間件中處理凍結的邏輯
from django.http import JsonResponse
# 就是上面定義的方法
from comment.utils.utils import jwt_get_user_id_from_payload_handler, jwt_decode_handler
from users.models import User
import jwt
class PermissionMiddleware(MiddlewareMixin):
def process_request(self, request):
if request.META.get('HTTP_AUTHORIZATION'):
token = (request.META.get('HTTP_AUTHORIZATION').split(' '))[1]
try:
payload = jwt_decode_handler(token)
user_id = jwt_get_user_id_from_payload_handler(payload)
if not user_id:
return JsonResponse({"message": "用戶不存在!" , "errorCode": 5, "data": {}})
now_user = User.objects.values('id', 'is_freeze').filter(id=user_id).first()
if not now_user:
return JsonResponse({"message": "用戶不存在!" , "errorCode": 5, "data": {}})
if now_user.get('is_freeze'):
return JsonResponse({"message": "賬戶被凍結!", "errorCode": 6, "data": {}})
except jwt.ExpiredSignature:
return JsonResponse({"message": 'Token過期' , "errorCode": 5, "data": {}})
except jwt.DecodeError:
return JsonResponse({"message": 'Token不合法' , "errorCode": 5, "data": {}})
except jwt.InvalidTokenError as e:
return JsonResponse({"message": "出現了無法預料的view視圖錯誤:%s" % e, "errorCode": 1, "data": {}})
3、在settings.py中激活中間件
...
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware', # 跨域中間件
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'debug_toolbar.middleware.DebugToolbarMiddleware', # debug tool
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'comment.middleware.WechatAppMiddleware',
'comment.middleware.LogMiddleware',
'comment.middleware.JsondataMiddleware',
'comment.middleware.PermissionMiddleware', # 剛纔定義的中間件 在最後面的位置激活
]
...
4、相關此時截圖
正常的
不帶token的
攜帶錯誤token的
攜帶正常token,但是被凍結的
