三方授权登陆(oauth)
基于Oauth2.0
oauth2.0四种授权模式
隐世授权模式
授权码授权模式(最完善)
密码模式
客户端凭证模式
1.vue请求跳转的微博的url发送给django端
2.django拼接url返回给vue端
3.vue通过url跳转到微博
4.微博完成授权返回code给vue
5.vue将code转发给django
6.django拿code去微博换取token
7.微博返回uid和token给django
8.django拿到uid判断微博用户是否存在本地
8.1存在直接登录 8.2不存在需要绑定本地用户
8.2.1有本地用户直接绑定 8.2.2没有注册后绑定
生成跳转到微博的url
view.py
import requests from django.contrib.auth.hashers import make_password from django.shortcuts import render from urllib.parse import urlencode from rest_framework.views import APIView from rest_framework.response import Response from utils.MyBaseView import create_token from .models import *
class WeiBoUrl(APIView): def post(self,request): url = 'https://api.weibo.com/oauth2/authorize?' data = { 'client_id': 3023934213, # WEIBO_APP_KEY, 'response_type': 'code', 'redirect_uri': 'http://127.0.0.1:8888/oauth/callback/', } weibo_url = url + urlencode(data) return Response({'code':0,'msg':'成功','data':{'url':weibo_url}})
微博完成授权返回uid和token
import requests from django.contrib.auth.hashers import make_password from django.shortcuts import render from urllib.parse import urlencode from rest_framework.views import APIView from rest_framework.response import Response from utils.MyBaseView import create_token from .models import * class WeiBoCallback(APIView): def post(self,request): code = request.data.get('code') data = { 'client_id':3023934213, 'client_secret':'104bd94675f786d4be068b7f5f07d2bc', 'grant_type':'authorization_code', 'code':code, 'redirect_uri': 'http://127.0.0.1:8888/oauth/callback/', } url = 'https://api.weibo.com/oauth2/access_token' json_weibo_data = requests.post(url=url,data=data).json() uid = json_weibo_data.get('uid') if uid: try: uid_user = OauthUser.objects.get(uid=uid) res_data = { 'code':0, 'msg':'授权成功', 'data':{ 'type':'0', 'uid':uid, 'username':uid_user.user.username, 'token':create_token(uid_user.user) } } return Response(res_data) except Exception as e: res_data = { 'code':0, 'msg':'授权成功', 'data':{ 'type':'1', 'uid':uid } } return Response(res_data) else: return Response({'code':9999,'msg':'获取微博信息失败'})
import requests from django.contrib.auth.hashers import make_password from django.shortcuts import render from urllib.parse import urlencode from rest_framework.views import APIView from rest_framework.response import Response from utils.MyBaseView import create_token from .models import * class WeiBoBindUser(APIView): def post(self,request): oauth_type = 1 username = request.data.get('username') password = request.data.get('password') weibo_uid = request.data.get('username') if not all([username,password,weibo_uid]): return Response({'code':4001,'msg':'参数不齐'}) try: user = User.objects.get(username=username) oauthinfo = OauthUser.objects.create(uid=weibo_uid,oauth_type=oauth_type,user=user) data = { 'authenticated':True, 'id':user.id, 'a':None, 'name':user.nick_name, 'username':username, 'email':user.email, 'token':create_token(user), 'type':0 } res_data = { 'code':0, 'msg':'登陆成功', 'data':data } return Response(res_data) except Exception as e: password = make_password(password) user = User.objects.create(username=username,password=password) oauthinfo = OauthUser.objects.create(uid=weibo_uid,oauth_type=oauth_type,user=user) data = { 'authenticated':True, 'id':user.id, 'role':None, 'name':user.nick_name, 'username':username, 'email':user.email, 'token':create_token(user), 'type':0 } res_data={ 'code':0, 'msg':'登陆成功', 'data':data } return Response(res_data)
本地用户登录
class WeiBoBindUser(APIView):
def post(self,request):
oauth_type = 1
username = request.data.get('username')
password = request.data.get('password')
weibo_uid = request.data.get('username')
if not all([username,password,weibo_uid]):
return Response({'code':4001,'msg':'参数不齐'})
try:
user = User.objects.get(username=username)
oauthinfo = OauthUser.objects.create(uid=weibo_uid,oauth_type=oauth_type,user=user)
data = {
'authenticated':True,
'id':user.id,
'a':None,
'name':user.nick_name,
'username':username,
'email':user.email,
'token':create_token(user),
'type':0
}
res_data = {
'code':0,
'msg':'登陆成功',
'data':data
}
return Response(res_data)
except Exception as e:
password = make_password(password)
user = User.objects.create(username=username,password=password)
oauthinfo = OauthUser.objects.create(uid=weibo_uid,oauth_type=oauth_type,user=user)
data = {
'authenticated':True,
'id':user.id,
'role':None,
'name':user.nick_name,
'username':username,
'email':user.email,
'token':create_token(user),
'type':0
}
res_data={
'code':0,
'msg':'登陆成功',
'data':data
}
return Response(res_data)
