我的目标是覆盖 obtain_jwt_token,以便对过程的返回值进行更多的控制,而在文档中,我只发现了一个关于如何执行此操作的奇异而粗略的信息:
请注意,默认获取_auth_token视图明确使用JSON 请求和响应,而不是使用默认渲染器和解析器 在您的设置中上课。如果您需要定制版本的 获得_auth_token视图,您可以通过覆盖 获得authtoken视图类,然后在您的URL conf中使用它
到目前为止,我的尝试看起来像这样:
urlpatterns = [
url(r'^api-token-auth/', my_customized_view),
]
class Foo(ObtainAuthToken):
def post(self):
# here goes my customized code
my_customized_view = Foo.as_view()
几率是我的代码看起来很愚蠢,我只是迷失了尝试用谷歌搜索它。我在Djagno方面几乎没有经验,所以请帮助我!
我刚刚经历了我希望退还用户的理解,还允许电子邮件或用户名登录。该文档并不完全清楚,但是如Auth Token所述,您可以为JWT做同样的事情。获得_auth_token是为了获得authtoken,因为获得_jwt_token是为了获得jsonwebtoken。这是我覆盖的登录方法:
from rest_framework_jwt.settings import api_settings
from rest_framework_jwt.views import ObtainJSONWebToken
jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
jwt_decode_handler = api_settings.JWT_DECODE_HANDLER
class LoginView(ObtainJSONWebToken):
def post(self, request, *args, **kwargs):
# by default attempts username / passsword combination
response = super(LoginView, self).post(request, *args, **kwargs)
# token = response.data['token'] # don't use this to prevent errors
# below will return null, but not an error, if not found :)
res = response.data
token = res.get('token')
# token ok, get user
if token:
user = jwt_decode_handler(token) # aleady json - don't serialize
else: # if none, try auth by email
req = request.data # try and find email in request
email = req.get('email')
password = req.get('password')
username = req.get('username')
if email is None or password is None:
return Response({'success': False,
'message': 'Missing or incorrect credentials',
'data': req},
status=status.HTTP_400_BAD_REQUEST)
# email exists in request, try to find user
try:
user = User.objects.get(email=email)
except:
return Response({'success': False,
'message': 'User not found',
'data': req},
status=status.HTTP_404_NOT_FOUND)
if not user.check_password(password):
return Response({'success': False,
'message': 'Incorrect password',
'data': req},
status=status.HTTP_403_FORBIDDEN)
# make token from user found by email
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
user = UserSerializer(user).data
return Response({'success': True,
'message': 'Successfully logged in',
'token': token,
'user': user},
status=status.HTTP_200_OK)
您只有在自定义Django的Auth模型时,才可以将默认值更改为通过电子邮件检查,但是我很高兴有这两个选择。
我开始创建一个API样板。有一个要求。https://github.com/garyburgmann/django-api-boilerplate
- 在views.py中,文件添加以下代码并根据需要进行自定义。
def jwt_response_payload_handler(token, user=None, request=None):
return {
'token': token,
'user': UserSerializer(user, context={'request': request}).data
}
默认值为{'token':token}
- 也在您的设置中。Py文件add
JWT_AUTH = {
'JWT_RESPONSE_PAYLOAD_HANDLER':
'api.user.views.jwt_response_payload_handler',
}
('api.user.views.jwt_response_payload_handler',)是您自定义JWT_RESPONSE_PAYLOAD_HANDLER
的路径要获得更多帮助,您可以在此处查看