Foreword
Now a lot of the interface project returns a token at login, take this token to access requests after login access after login.
Benpian use djangorestframework framework to write a login interface, return token after a successful login.
Preparing the environment:
Python 3.6
Django 2.1.2
TokenAuthentication
django rest framework permission and certification in four ways:
- BasicAuthentication this authentication scheme uses HTTP basic authentication, the user is signed in accordance with a user name and password. Basic authentication is usually only available for testing
- TokenAuthentication this authentication scheme uses a simple HTTP-based token authentication scheme. It applies to both client authentication token - server settings, such as native desktop and mobile clients.
- Use Django's default session backend SessionAuthentication this authentication scheme to authenticate. Session authentication applies to AJAX clients to your site is running in the same session context.
- RemoteUserAuthentication This authentication scheme allows you to delegate authentication to the Web server, which set the REMOTE_USER environment variable.
Benpian speaking TokenAuthentication authentication mode, a corresponding module installed
pip install djangorestframework
Add the configuration parameters setting.py
INSTALLED_APPS = (
...
'rest_framework',
'rest_framework.authtoken',
)
Add REST_FRAMEWORK items rest_framework.authentication.TokenAuthentication
above said third token authentication methods.
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.TokenAuthentication', # token认证
)
}
The synchronization database table generated authtoken_token
python manage.py migrate
After the execution is completed, there will be more of a database table authtoken_token
Login generate token Case
Login directly with django comes with the User table, so no need to redesign the table, that is, data User login account table, prepare some account login, such as my login account is a test, the password is 123456
views.py Edit View function log
# views.py
from django.shortcuts import render
from django.http import JsonResponse
from django.shortcuts import HttpResponse
from rest_framework.authtoken.models import Token
from django.contrib import auth
from rest_framework.views import APIView
# 作者:上海-悠悠,QQ交流群:750815713
class LoginViewSet(APIView):
'''登录方法'''
def post(self, request, *args, **kwargs):
username = request.data.get('username')
password = request.data.get('password')
user = auth.authenticate(username=username, password=password)
if not user:
return HttpResponse({"code": 0,
"msg": "用户名或密码不对!"})
# 删除原有的Token
old_token = Token.objects.filter(user=user)
old_token.delete()
# 创建新的Token
token = Token.objects.create(user=user)
return JsonResponse({"code": 0,
"msg": "login success!",
"username": user.username,
"token": token.key})
urls.py set access address
# urls.py
from apiapp import views
from django.conf.urls import url
# 作者:上海悠悠,QQ交流群:750815713
urlpatterns = [
url(r'^api/v1/login/$', views.LoginViewSet.as_view()),
]
Sign in to get tested token
Then the test returns logon token interface, the use of post requests, a request type Content-Type: application / json
Test Results
After a successful login, token table which is written authtoken_token
After other interfaces need to log in to access, user authentication token that is next repeat