如何在Django Rest Framework中爲用戶登錄創建Json Web Token？

Question

我想將JWT添加到我的用戶登錄API進行身份驗證。我應該按照這些規範來做什麼？我通過Manuel創建了一個令牌。但它必須改變。我怎樣才能整合？謝謝。

串行器

class UserLoginSerializer(ModelSerializer): 
token = CharField(allow_blank=True, read_only=True) 

class Meta: 
    model = User 
    fields = [ 
     'username', 
     'password', 
     'token', 
    ] 
    extra_kwargs = {"password": 
         {"write_only": True} 
        } 

def validate(self, data): 
    user_obj = None 
    username = data.get("username", None) 
    password = data["password"] 
    if not username: 
     raise ValidationError("Kullanıcı adı gerekli.") 

    user = User.objects.filter(
     Q(username=username) 
     ).distinct() 
    user = user.exclude(email__isnull=True).exclude(email__iexact='') 
    if user.exists() and user.count() == 1: 
     user = user.first() 
    else: 
     raise ValidationError("Böyle bir Kullanıcı Adı yoktur.") 

    if user_obj: 
     if not user_obj.check_password(password): 
      raise ValidationError("Tekrar deneyiniz.") 
    data["token"] = "asdasdasdasd" 
    return data 

瀏覽

class UserLoginAPIView(APIView): 
permission_classes = [AllowAny] 
serializer_class = UserLoginSerializer 

def post(self, request, *args, **kwargs): 
    data = request.data 
    serializer = UserLoginSerializer(data=data) 
    if serializer.is_valid(raise_exception=True): 
     new_data = serializer.data 
     return Response(new_data, status=HTTP_200_OK) 
    return Response(serializer.errors, status=HTTP_400_BAD_REQUEST) 

設置

REST_FRAMEWORK = { 
'DEFAULT_PERMISSION_CLASSES': (
    'rest_framework.permissions.IsAuthenticated', 
), 
'DEFAULT_AUTHENTICATION_CLASSES': (
    'rest_framework.authentication.SessionAuthentication', 
    'rest_framework.authentication.BasicAuthentication', 
    'rest_framework_jwt.authentication.JSONWebTokenAuthentication', 
), 

}

個

網址

urlpatterns = [ 
url(r'^login/$', UserLoginAPIView.as_view(), name='login'), 
url(r'^api-token-auth/', obtain_jwt_token), 
url(r'^api-token-refresh/', refresh_jwt_token), 
url(r'^api-token-verify/', verify_jwt_token), 
url(r'^register/$', UserCreateAPIView.as_view(), name='register'), 

]

Answer 1

自動，您可以使用'rest_framework_jwt.views.obtain_jwt_token'進行用戶登錄。它創建一個令牌。然後，您需要轉到RestrictedView並使用令牌進行身份驗證。基本上就是這樣。

Answer 2

你可以嘗試做這樣的事情：

首先，安裝pip install djangorestframework-jwt。

settings.py：

REST_FRAMEWORK = { 
    'DEFAULT_PERMISSION_CLASSES': (
     'rest_framework.permissions.IsAuthenticated', 
    ), 
    'DEFAULT_AUTHENTICATION_CLASSES': (
     'rest_framework.authentication.SessionAuthentication', 
     'rest_framework.authentication.BasicAuthentication', 
     'rest_framework_jwt.authentication.JSONWebTokenAuthentication', 
    ), 
} 

def jwt_response_payload_handler(token, user, request, *args, **kwargs): 
    data = { 
     "token": token, 
     "user": "{}".format(user.id), 
     "userid": user.id, 
     "active": user.is_active 
    } 
    return data 

JWT_AUTH = { 
    'JWT_RESPONSE_PAYLOAD_HANDLER': 'jwt_response_payload_handler', 
    'JWT_EXPIRATION_DELTA': datetime.timedelta(days=180), 
    'JWT_ALLOW_REFRESH': False, 
    'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=30), 
    'JWT_SECRET_KEY': 'generate_a_secret_key', 
} 

serializers.py：

from rest_framework import serializers 
from rest_framework.authtoken.models import Token 

class TokenSerializer(serializers.ModelSerializer): 
    class Meta: 
     model = Token 
     fields = ('key',) 

任何地方authenication_classes適用於您的意見，你需要添加：

from rest_framework_jwt.authentication import JSONWebTokenAuthentication 

我希望能幫到你！

Answer 3

更多使用JWT使用Python中叫PyJWT

步驟庫最簡單的方法：

1. 安裝智威湯遜（$ pip install PyJWT）

2. 的PIP封裝在views.py：

   import jwt 
   

3. ，則跳轉的地方，在那裏你想生成令牌，然後 如下使用它：

   encoded = jwt.encode({'email': uemail, 'phone':phone}, 'MySecretKey', algorithm='HS256') 
   

4. 打印或在響應加編碼的變量，將給予答覆。