文章目錄

TOKEN

獲取TOKEN

TOKEN

項目文件樹形圖

配置

#1 settings.py

INSTALLED_APPS = [
    ...
    'app', # app
    'rest_framework', # 使用Django restframework
    'rest_framework.authtoken', #TOKEN 驗證
]

...
AUTH_USER_MODEL = 'app.UserProfile' # 因爲models使用AbstractUser
import datetime
JWT_AUTH = {
    'JWT_EXPIRATION_DELTA': datetime.timedelta(days=1),# token的有效期
    'JWT_ISSUER': 'http://fasfdas.baicu',
    'JWT_AUTH_HEADER_PREFIX': 'TOKEN',
    'JWT_ALLOW_REFRESH': True,
    'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=1)
}
...

#2 models.py

from django.db import models
from django.contrib.auth.models import AbstractUser
class UserProfile(AbstractUser):
    age = models.IntegerField(verbose_name="年齡",default="1")

#3 views.py

from django.shortcuts import render
from rest_framework.views import APIView
from rest_framework.response import Response
from rest_framework import status
from app import models
from django.contrib.auth import login
from rest_framework_jwt.settings import api_settings
from django.contrib.auth import authenticate
from django.shortcuts import Http404
from rest_framework import mixins
from rest_framework.viewsets import GenericViewSet
from rest_framework import serializers
from drf_dynamic_fields import DynamicFieldsMixin
from rest_framework import permissions
from rest_framework_jwt.authentication import JSONWebTokenAuthentication


"""1. 登陸"""
class loginView(APIView):
    """登陸成功後,獲取TOKEN"""
    def post(self,request):
        user = authenticate(username=request.data["username"], password=request.data["password"])
        if not user:
            raise Http404("賬號密碼不匹配")
        login(request, user)
        jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
        jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
        payload = jwt_payload_handler(user)
        token = jwt_encode_handler(payload)
        return Response({ "success": True, "msg": "登錄成功","results": token},status=status.HTTP_200_OK)


"""2. 新增玩家"""
class UserSerializer(DynamicFieldsMixin,serializers.ModelSerializer):
    class Meta:
        model = models.UserProfile
        fields = ["username","password",]
    def create(self, validated_data):
        user= models.UserProfile.objects.create_user(**validated_data) # 這裏新增玩家必須用create_user,否則密碼不是祕文
        return user

class createUser(mixins.CreateModelMixin,GenericViewSet):
    queryset = models.UserProfile.objects.all()
    serializer_class = UserSerializer


"""3. 獲取用戶列表(驗證token)"""
class getUser(mixins.ListModelMixin,GenericViewSet):
    authentication_classes = (JSONWebTokenAuthentication,)
    permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
    queryset = models.UserProfile.objects.all()
    serializer_class = UserSerializer

#4 urls.py

from django.contrib import admin
from django.urls import path,include
from app import views
from rest_framework import routers
from app import views
createUserViewRouter = routers.DefaultRouter() # 新增用戶
createUserViewRouter.register('', views.createUser,)
getUserRouter = routers.DefaultRouter() # 查看用戶列表
getUserRouter.register('', views.getUser,)
urlpatterns = [
    path('admin/', admin.site.urls),
    path('gettoken/',views.loginView.as_view()), # 獲取 token
    path('createuser/',include(createUserViewRouter.urls)), # 新增用戶
    path('getuser/',include(getUserRouter.urls)), # 新增用戶
]

獲取TOKEN

創建一個用戶(調用新增用戶接口)

http://127.0.0.1:8000/createuser/

登陸用戶,獲取token

http://127.0.0.1:8000/gettoken/

驗證token

未加token驗證

class getUser(mixins.ListModelMixin,GenericViewSet):
    queryset = models.UserProfile.objects.all()
    serializer_class = UserSerializer

http://127.0.0.1:8000/getuser/

加token驗證

class getUser(mixins.ListModelMixin,GenericViewSet):
    authentication_classes = (JSONWebTokenAuthentication,) # 驗證token
    permission_classes = (permissions.IsAuthenticated,) # 只允許登陸成功的用戶訪問
    queryset = models.UserProfile.objects.all()
    serializer_class = UserSerializer

http://127.0.0.1:8000/getuser/

權限

permission_classes = (permissions.AllowAny,) # 所有用戶
permission_classes = (permissions.IsAuthenticated,) # 登陸成功的token
permission_classes = (permissions.IsAuthenticatedOrReadOnly,) # 登陸成功的token,只能讀操作
permission_classes = (permissions.IsAdminUser,) # 登陸成功的管理員token

Github

https://github.com/Coxhuang/TOKEN.git

官方文檔

~~http://getblimp.github.io/django-rest-framework-jwt/~~

新的文檔地址:

http://jpadilla.github.io/django-rest-framework-jwt/

Django REST Framework JWT Auth TOKEN

文章目錄

TOKEN

項目文件樹形圖

配置

#1 settings.py

#2 models.py

#3 views.py

#4 urls.py

獲取TOKEN

創建一個用戶(調用新增用戶接口)

登陸用戶,獲取token

驗證token

未加token驗證

加token驗證

權限

Github

官方文檔

探究職業發展的關鍵：能力模型解讀

高效率使用windows

智能決策新時代：可視化大屏是否能夠超越傳統白板？

解密Prompt系列28. LLM Agent之金融領域摸索：FinMem & FinAgent

分享幾個.NET開源的AI和LLM相關項目框架

ROS學習---Ubuntu安裝ROS

ROS學習---遠程啓動ROS節點

Python單實例模式

MySQL中的Join用法

Web安全(二)---跨域資源共享

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結