Django rest_framework----认证,权限,频率组件

认证

from rest_framework.authentication import BaseAuthentication
from rest_framework.exceptions import AuthenticationFailed
from api.models import *

class AuthToken(BaseAuthentication):
    def authenticate(self, request):
        token=request.GET.get('token')
        token_obj=Token.objects.filter(token=token)

        if token_obj:

            return token_obj.user,token_obj

        else:

            raise AuthenticationFailed('验证失败')

 

全局使用settings配置

REST_FRAMEWORK={
    "DEFAULT_AUTHENTICATION_CLASSES":["app01.service.auth.Authentication",]
}

 

局部使用,只需要在视图类里加入:

authentication_classes = [TokenAuth, ]


权限

class SVIPPermission(object):
  message="只有超级用户才能访问"
  def has_permission(self,request,view):
    username=request.user
    user_type=User.objects.filter(name=username).first().user_type

    if user_type==3:

      return True # 通过权限认证
    else:
      return False

 

posted on 2018-11-04 15:52  <Hbw>  阅读(137)  评论(0编辑  收藏  举报

Powered by: 博客园 Copyright © 2024 <Hbw>
Powered by .NET 8.0 on Kubernetes