drf 登录鉴权简单实战
建表
from django.db import models
class UserInfo(models.Model):
username = models.CharField(verbose_name='用户名', max_length=32)
password = models.CharField(verbose_name='密码', max_length=32)
token = models.CharField(verbose_name='token', max_length=64, null=True, blank=True)
登录逻辑
class LoginView(APIView):
authentication_classes = []
def post(self, request):
username = request.data.get('username')
password = request.data.get('password')
user = models.UserInfo.objects.filter(username=username, password=password).first()
if not user:
return Response({'status': False, 'msg': '用户名密码错误', 'data': ''})
token = user.token = uuid.uuid4()
user.save()
return Response({'status': True, 'msg': '登录成功', 'data': token})
认证逻辑
from api import models
# 参数取值认证
class ParamsAuthentication(BaseAuthentication):
def authenticate(self, request):
token = request.query_params.get('token')
if not token:
return
user = models.UserInfo.objects.filter(token=token).first()
if user:
return user, token
return
def authenticate_header(self, request):
return 'API'
# 兜底认证,直接失败
class NoAuthentication(BaseAuthentication):
def authenticate(self, request):
raise AuthenticationFailed({"status": False, 'code': 10001, 'msg': '认证失败'})
def authenticate_header(self, request):
return 'API'
需要token的接口
# 需登录
class OrderView(APIView):
def get(self, request):
print(request.user, request.auth)
return Response({'status': 'OrderView'})
# 需登录
class UserView(APIView):
def get(self, request):
print(request.user, request.auth)
return Response({'status': 'UserView'})
本文作者:Sherwin
本文链接:https://www.cnblogs.com/sherwin1995/p/16746889.html
版权声明:本作品采用知识共享署名-非商业性使用-禁止演绎 2.5 中国大陆许可协议进行许可。
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步