INSTALLED_APPS = [
...
'users.apps.UsersConfig',
]
添加AUTH_USRE_MODEL 替換默認的user
AUTH_USER_MODEL = 'users.UserProfile'
如果說想用全局認證需要在配置文件中添加
# 全局認證from rest_framework.authentication import TokenAuthentication,BasicAuthentication,SessionAuthentication
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
# 'rest_framework_jwt.authentication.JSONWebTokenAuthentication', # 全局認證�,開源jwt
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
# 'rest_framework.authentication.TokenAuthentication', #全局認證drf 自帶的
)
}
from django.contrib.auth.models import AbstractUser
from django.db import models
class UserProfile(AbstractUser):
"""
用戶
"""
name = models.CharField(max_length=30, null=True, blank=True, verbose_name="姓名")
birthday = models.DateField(null=True, blank=True, verbose_name="出生年月")
gender = models.CharField(max_length=6, choices=(("male", u"男"), ("female", "女")), default="female", verbose_name="性別")
mobile = models.CharField(null=True, blank=True, max_length=11, verbose_name="電話")
email = models.EmailField(max_length=100, null=True, blank=True, verbose_name="郵箱")
class Meta:
verbose_name = "用戶"
verbose_name_plural = verbose_name
def __str__(self):
return self.username
from django.shortcuts import render
from rest_framework import mixins, viewsets
from rest_framework.views import APIView
from users.models import VerifyCode
from .serializers import VerifyCodeSerializer
# Create your views here.
from rest_framework.authentication import TokenAuthentication,BasicAuthentication,SessionAuthentication
from rest_framework_jwt.authentication import JSONWebTokenAuthentication
class VerifyCodeListViewSet(mixins.ListModelMixin,mixins.RetrieveModelMixin, viewsets.GenericViewSet):
"""
驗證碼列表
"""
queryset = VerifyCode.objects.all()
serializer_class = VerifyCodeSerializer
# authentication_classes = [TokenAuthentication, ]
# authentication_classes = [JSONWebTokenAuthentication, ]
# JWT 認證 加密�,過期時間
def get_authenticators(self):
"""
Instantiates and returns the list of authenticators that this view can use.
# 修改驗證
"""
# 動態認證
print(self.authentication_classes)
print([JSONWebTokenAuthentication, ])
if self.action_map['get'] == "retrieve":
self.authentication_classes = [BasicAuthentication,SessionAuthentication,]
elif self.action_map['get'] == "list":
self.authentication_classes = [JSONWebTokenAuthentication,]
return [auth() for auth in self.authentication_classes]
# DRF 自帶的認證 不過期��,易發生xss攻擊
# def get_authenticators(self):
# """
# Instantiates and returns the list of authenticators that this view can use.
# # 修改驗證
# """
# print(self.authentication_classes)
# print([JSONWebTokenAuthentication, ])
# if self.action_map['get'] == "retrieve":
# self.authentication_classes = [BasicAuthentication,SessionAuthentication,]
# elif self.action_map['get'] == "list":
# self.authentication_classes = [JSONWebTokenAuthentication,]
# return [auth() for auth in self.authentication_classes]
def get_queryset(self):
# 取出認證信息
print(self.request.auth)
# print(self.action)
return self.queryset
# url
"""untitled URL Configuration
The `urlpatterns` list routes URLs to views. For more information please see:
https://docs.djangoproject.com/en/1.10/topics/http/urls/
Examples:
Function views
1. Add an import: from my_app import views
2. Add a URL to urlpatterns: url(r'^$', views.home, name='home')
Class-based views
1. Add an import: from other_app.views import Home
2. Add a URL to urlpatterns: url(r'^$', Home.as_view(), name='home')
Including another URLconf
1. Import the include() function: from django.conf.urls import url, include
2. Add a URL to urlpatterns: url(r'^blog/', include('blog.urls'))
"""
from rest_framework.authtoken import views
from rest_framework_jwt.views import obtain_jwt_token
from django.conf.urls import url, include
from django.contrib import admin
from rest_framework import routers
from users.views import VerifyCodeListViewSet
router = routers.DefaultRouter()
router.register(r'codes', VerifyCodeListViewSet, 'codes')
urlpatterns = [
url(r'^admin/', admin.site.urls),
url(r'^api-auth/', include('rest_framework.urls'))
]
urlpatterns += [
# drf 自帶的
url(r'^api-token-auth/', views.obtain_auth_token),
# jwt 認證
url(r'^jwt_auth/', obtain_jwt_token),
]
urlpatterns += router.urls
1. debug模式啟動
2. 使用postmain測試
