Configuración de inicio de sesión de back-end de Django: inicio de sesión y registro en el back-end de Django con token
1. Cree la aplicación webauth
2. Registrar webauth en la configuración
INSTALLED_APPS = [
    # Django built-in apps
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    # Django REST framework
    "rest_framework",
    # Project apps; apps.webauth holds the custom user model and the JWT login code
    "apps.drf_demo",
    "apps.webauth",
]
3. Registre un modelo de usuario personalizado en modelos en webauth
# NOTE(review): both commands use a plain-HTTP index and mark it with --trusted-host,
# so pip cannot authenticate the server and downloads can be altered in transit.
# Prefer an HTTPS index (pip's default index is HTTPS) and drop --trusted-host.
pip install django-shortuuidfield -i http://pypi.douban.com/simple/ --trusted-host pypi.douban.com
pip install pyjwt -i http://pypi.douban.com/simple/ --trusted-host pypi.douban.com
#encoding: utf-8
from django.contrib.auth.models import AbstractBaseUser,PermissionsMixin,BaseUserManager
from shortuuidfield import ShortUUIDField
from django.db import models
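class UserManager(BaseUserManager):
    """Manager for the custom user model, whose accounts are keyed by telephone.

    Passwords always go through ``set_password``, so the raw value is never
    assigned to the model field directly.
    """

    def _create_user(self, telephone, username, password, **kwargs):
        """Validate the required values, hash the password and save the user.

        Args:
            telephone: login identifier of the new account.
            username: display name of the new account.
            password: raw password; hashed via ``set_password`` before saving.
            **kwargs: extra model fields passed straight to the model constructor.

        Returns:
            The saved user instance.

        Raises:
            ValueError: if telephone, username or password is empty.
        """
        if not telephone:
            raise ValueError('请传入手机号码!')
        if not username:
            raise ValueError('请传入用户名!')
        if not password:
            raise ValueError('请传入密码!')
        user = self.model(telephone=telephone, username=username, **kwargs)
        user.set_password(password)
        # Save through the manager's own database alias so the manager also
        # behaves correctly when it is bound to a non-default database.
        user.save(using=self._db)
        return user

    def create_user(self, telephone, username, password, **kwargs):
        """Create an ordinary account; ``is_superuser`` is always forced off.

        NOTE(review): only ``is_superuser`` is reset here. ``is_staff`` and any
        other field in ``kwargs`` are passed through unchanged, so callers
        should not forward raw request data into this method.
        """
        kwargs['is_superuser'] = False
        return self._create_user(telephone, username, password, **kwargs)

    def create_superuser(self, telephone, username, password, **kwargs):
        """Create an account with both ``is_superuser`` and ``is_staff`` set."""
        kwargs['is_superuser'] = True
        kwargs['is_staff'] = True
        return self._create_user(telephone, username, password, **kwargs)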
class User(AbstractBaseUser, PermissionsMixin):
    """Custom user model that authenticates with a telephone number.

    The primary key is a short UUID rather than Django's auto-increment
    integer, so user ids are not sequential.
    """

    # We do not use the default auto-increment primary key
    # (ids such as 100, 101, 102, 103); a uuid/shortuuid is used instead.
    # ShortUUIDField comes from: pip install django-shortuuidfield
    uid = ShortUUIDField(primary_key=True)
    telephone = models.CharField(max_length=11, unique=True)
    email = models.EmailField(unique=True, null=True)
    username = models.CharField(max_length=100)
    is_active = models.BooleanField(default=True)
    is_staff = models.BooleanField(default=False)
    # NOTE(review): the name looks like a typo for "date_joined"; renaming it
    # would need a migration, so it is kept as written.
    data_joined = models.DateTimeField(auto_now_add=True)

    # The login identifier is the telephone number.
    USERNAME_FIELD = "telephone"
    # createsuperuser therefore prompts for: telephone, username, password
    REQUIRED_FIELDS = ["username"]
    EMAIL_FIELD = "email"

    objects = UserManager()

    def get_full_name(self):
        """Return the username; the model stores no separate full name."""
        return self.username

    def get_short_name(self):
        """Return the username; the model stores no separate short name."""
        return self.username
4. Configure AUTH_USER_MODEL en la configuración
# "<app_label>.<ModelName>": makes the User model of the webauth app the project's user model.
AUTH_USER_MODEL = "webauth.User"
5. Mapeo a la base de datos
makemigrations
migrate
6. Realización de la lógica de inicio de sesión en segundo plano
Primero, en webauth, agregue los archivos authentications.py
y serializers.py
import jwt
from django.conf import settings
from rest_framework.authentication import BaseAuthentication,get_authorization_header
from rest_framework import exceptions
from django.contrib.auth import get_user_model
from jwt.exceptions import ExpiredSignatureError
# Resolve the project's active user model instead of importing a concrete class.
MTUser = get_user_model()
import time
def generate_jwt(user):
    """Issue a signed JWT for *user* that expires seven days from now.

    The payload carries the user's primary key under ``userid`` and the expiry
    timestamp under ``exp``. No algorithm is passed, so PyJWT's default
    (HS256) is used, keyed with ``settings.SECRET_KEY``.
    """
    # NOTE(review): the signing key is Django's SECRET_KEY, so a leak of that
    # one value also allows tokens to be forged for any user id. Nothing on
    # this page revokes a token before its seven-day expiry.
    lifetime_seconds = 60 * 60 * 24 * 7
    claims = {
        "userid": user.pk,
        "exp": int(time.time() + lifetime_seconds),
    }
    return jwt.encode(claims, key=settings.SECRET_KEY)
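class JWTAuthentication(BaseAuthentication):
    """DRF authentication class for ``Authorization: JWT <token>`` headers.

    Changes from the original listing:
      * the accepted signature algorithm is pinned to HS256 (the default used
        when the token is issued with ``jwt.encode`` and no algorithm), so the
        token header cannot choose the algorithm;
      * every invalid token (bad signature, malformed, wrong algorithm) is
        reported as ``AuthenticationFailed`` instead of escaping as an
        unhandled exception;
      * only a missing user is reported as "user does not exist"; other
        errors are no longer hidden by a bare ``except``;
      * inactive accounts are rejected even if their token is still valid.
    """

    keyword = 'JWT'

    def authenticate(self, request):
        """Authenticate the request from its JWT header.

        Returns:
            ``None`` when the header is absent or uses another scheme, so other
            authenticators may run; otherwise ``(user, token)``.

        Raises:
            AuthenticationFailed: malformed header, invalid or expired token,
                unknown user, or inactive user.
        """
        auth = get_authorization_header(request).split()

        # The header is bytes, so the keyword is encoded before comparing.
        if not auth or auth[0].lower() != self.keyword.lower().encode():
            return None

        if len(auth) == 1:
            raise exceptions.AuthenticationFailed("不可用的JWT请求头!")
        if len(auth) > 2:
            raise exceptions.AuthenticationFailed(
                '不可用的JWT请求头!JWT Token中间不应该有空格!')

        jwt_token = auth[1]
        try:
            jwt_info = jwt.decode(
                jwt_token,
                settings.SECRET_KEY,
                algorithms=["HS256"],
            )
        except ExpiredSignatureError:
            raise exceptions.AuthenticationFailed("JWT Token已过期!")
        except jwt.InvalidTokenError:
            # Bad signature, malformed token, disallowed algorithm, etc.
            raise exceptions.AuthenticationFailed("不可用的JWT Token!")

        try:
            user = MTUser.objects.get(pk=jwt_info.get('userid'))
        except MTUser.DoesNotExist:
            raise exceptions.AuthenticationFailed('用户不存在!')

        # A token stays valid for days; a deactivated account must not keep access.
        if not user.is_active:
            raise exceptions.AuthenticationFailed('用户已被禁用!')

        # DRF binds the returned pair to request.user and request.auth.
        return user, jwt_token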
from rest_framework.serializers import ModelSerializer
from .models import User
class UserSerializer(ModelSerializer):
    """Serialize a ``User`` with every model field except ``password``."""

    class Meta:
        model = User
        # NOTE(review): this is a deny-list, so every other model field is
        # returned to the client, including any field added to the model
        # later. An explicit ``fields`` allow-list is the safer choice.
        exclude = ('password',)
Escriba la lógica de inicio de sesión en views.py de la aplicación cms
from rest_framework.views import APIView
from rest_framework.authtoken.serializers import AuthTokenSerializer
from django.utils.timezone import now
from apps.webauth.authentications import generate_jwt
from apps.webauth.serializers import UserSerializer
from rest_framework.response import Response
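class LoginView(APIView):
    """Exchange valid credentials for a JWT plus the serialized user.

    ``AuthTokenSerializer`` validates the ``username`` and ``password`` request
    fields; presumably the auth backend matches ``username`` against the user
    model's ``USERNAME_FIELD`` (confirm against the configured backends).

    NOTE(review): no ``throttle_classes`` are set on this view, so any limit on
    password guessing has to come from the project-wide DRF settings.
    """

    def post(self, request):
        """Return ``{"token", "user"}`` on success, or HTTP 400 with a message."""
        serializer = AuthTokenSerializer(data=request.data)
        if not serializer.is_valid():
            # One generic message for every failure, and a non-2xx status so
            # clients and monitoring can tell a failed login from a success.
            return Response({"message": "用户名或密码错误"}, status=400)

        user = serializer.validated_data.get('user')
        user.last_login = now()
        # Write only the changed column so other fields are not overwritten.
        user.save(update_fields=['last_login'])

        token = generate_jwt(user)
        user_serializer = UserSerializer(user)
        return Response({"token": token, "user": user_serializer.data})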
Configurar URL
from django.urls import path
from .views import LoginView
# URL namespace of this app; the login route reverses as "cms:login".
app_name = "cms"

urlpatterns = [
    # POST credentials here to obtain a JWT.
    path("login", LoginView.as_view(), name="login"),
]
Configurar las URL principales
from django.contrib import admin
from django.urls import path,include
# Project-level routes. The admin module is imported above, but this list
# defines no admin route.
urlpatterns = [
    path("cms/", include("apps.cms.urls")),
    path("drf_demo/", include("apps.drf_demo.urls")),
]
Crear datos de prueba
createsuperuser --username admin --telephone 18896653148
Utilice PostMan para realizar pruebas
http://127.0.0.1:8000/cms/login