test development python django-60. login using token (TokenAuthentication)

Foreword

Now a lot of the interface project returns a token at login, take this token to access requests after login access after login.
Benpian use djangorestframework framework to write a login interface, return token after a successful login.
Preparing the environment:
Python 3.6
Django 2.1.2

TokenAuthentication

django rest framework permission and certification in four ways:

• BasicAuthentication this authentication scheme uses HTTP basic authentication, the user is signed in accordance with a user name and password. Basic authentication is usually only available for testing
• TokenAuthentication this authentication scheme uses a simple HTTP-based token authentication scheme. It applies to both client authentication token - server settings, such as native desktop and mobile clients.
• Use Django's default session backend SessionAuthentication this authentication scheme to authenticate. Session authentication applies to AJAX clients to your site is running in the same session context.
• RemoteUserAuthentication This authentication scheme allows you to delegate authentication to the Web server, which set the REMOTE_USER environment variable.

Benpian speaking TokenAuthentication authentication mode, a corresponding module installed

pip install djangorestframework

Add the configuration parameters setting.py

INSTALLED_APPS = (
    ...
    'rest_framework',
    'rest_framework.authtoken',
)

Add REST_FRAMEWORK items rest_framework.authentication.TokenAuthenticationabove said third token authentication methods.

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.TokenAuthentication',  # token认证
    )
}

The synchronization database table generated authtoken_token

python manage.py migrate

After the execution is completed, there will be more of a database table authtoken_token

Login generate token Case

Login directly with django comes with the User table, so no need to redesign the table, that is, data User login account table, prepare some account login, such as my login account is a test, the password is 123456

views.py Edit View function log

# views.py
from django.shortcuts import render
from django.http import JsonResponse
from django.shortcuts import HttpResponse
from rest_framework.authtoken.models import Token
from django.contrib import auth
from rest_framework.views import APIView

# 作者：上海-悠悠，QQ交流群：750815713

class LoginViewSet(APIView):
    '''登录方法'''

    def post(self, request, *args, **kwargs):
        username = request.data.get('username')
        password = request.data.get('password')
        user = auth.authenticate(username=username, password=password)
        if not user:
            return HttpResponse({"code": 0,
                                "msg": "用户名或密码不对!"})
        # 删除原有的Token
        old_token = Token.objects.filter(user=user)
        old_token.delete()
        # 创建新的Token
        token = Token.objects.create(user=user)
        return JsonResponse({"code": 0,
                             "msg": "login success!",
                             "username": user.username,
                             "token": token.key})

urls.py set access address

# urls.py
from apiapp import views
from django.conf.urls import url

# 作者：上海悠悠，QQ交流群：750815713


urlpatterns = [
    url(r'^api/v1/login/$', views.LoginViewSet.as_view()),
]

Sign in to get tested token

Then the test returns logon token interface, the use of post requests, a request type Content-Type: application / json

Test Results

After a successful login, token table which is written authtoken_token

After other interfaces need to log in to access, user authentication token that is next repeat