rest-framework认证、权限组件
2024-09-01 14:58:39
认证组件:
models
class User(models.Model):
    """Application account: login name, password and a membership tier."""

    username = models.CharField(max_length=32)

    # NOTE(review): this column holds the password exactly as submitted; the
    # login view on this page matches it with filter(password=...), i.e. a
    # plaintext comparison. 32 characters is also too short for a salted hash.
    # Prefer a wider column filled via django.contrib.auth.hashers.make_password
    # and verified with check_password.
    password = models.CharField(max_length=32)

    # (stored integer, display label) pairs for user_type.
    user_type_entry = (
        (1, "Delux"),
        (2, "SVIP"),
        (3, "VVIP"),
    )
    user_type = models.IntegerField(choices=user_type_entry)

    def __str__(self):
        """Show the account by its username."""
        return self.username


class UserToken(models.Model):
    """The single access token currently attached to a user."""

    # One row per user; the row is deleted together with its user.
    user = models.OneToOneField("User", on_delete=models.CASCADE)

    # NOTE(review): the token is a bearer credential kept in cleartext, the
    # column is neither unique nor indexed, and no creation/expiry time is
    # recorded, so a token stays valid until the next login overwrites it.
    token = models.CharField(max_length=128)
写一个认证类
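from rest_framework.authentication import BaseAuthentication
from rest_framework.exceptions import APIException, AuthenticationFailed

from app01.models import UserToken


class UserAuth(BaseAuthentication):
    """Authenticate a request by the ``token`` query-string parameter.

    NOTE(review): a credential carried in the URL ends up in access logs,
    browser history and Referer headers; an ``Authorization`` header is the
    safer transport. Tokens are looked up as stored, with no expiry check.
    """

    # All of the authentication logic lives in authenticate().
    def authenticate(self, request):
        """Return ``(user, token)`` for a known token, otherwise refuse.

        Raises:
            AuthenticationFailed: the token is missing, empty or unknown.
                It subclasses APIException, so existing handlers still
                catch it, but DRF answers 401/403 instead of the 500 that
                a bare APIException produces.
        """
        user_token = request.GET.get("token")

        # Fail closed before touching the database: an absent or empty
        # value must never be allowed to match a stored row.
        if not user_token:
            raise AuthenticationFailed("没有认证!")

        token = UserToken.objects.filter(token=user_token).first()
        if token is None:
            raise AuthenticationFailed("没有认证!")

        return token.user, token.token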
views中
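class UserView(APIView):
    """Login endpoint: trade a username/password pair for an access token."""

    def post(self, request):
        """Verify the submitted credentials and issue a fresh token.

        The reply body always carries ``status_code`` and
        ``status_message``; on success it also carries ``access_token``
        and ``user_role``. ``status_code`` is a field of the body only:
        no ``status`` is passed to ``Response``, so the HTTP status is
        DRF's default for every outcome.

        NOTE(review): no throttle is declared on this view, so nothing
        visible here limits repeated password guesses.
        """
        # Credentials this endpoint requires.
        fields = {"username", "password"}

        # One reply for every failure, so a caller cannot tell a missing
        # field from a wrong username or a wrong password.
        failure = {
            "status_code": 201,
            "status_message": "登录失败,用户名或密码错误",
        }

        # Refuse incomplete submissions before any lookup. With no
        # criteria, User.objects.filter() matches every row and .first()
        # would return an arbitrary account, so the query must never run
        # on an empty user_info.
        if not fields.issubset(request.data.keys()):
            return Response(failure)

        user_info = {key: request.data[key] for key in fields}

        # NOTE(review): this compares the submitted password with the
        # stored column value directly, i.e. passwords are kept in
        # plaintext. Moving to hashed storage needs a model and data
        # migration, so it is flagged here rather than changed.
        user_obj = User.objects.filter(**user_info).first()
        if user_obj is None:
            return Response(failure)

        # get_random_str() is defined outside this snippet.
        # NOTE(review): confirm it draws from a CSPRNG (e.g. the `secrets`
        # module); this token is the only credential UserAuth checks.
        access_token = get_random_str()

        # One token row per user: a new login replaces the previous token.
        UserToken.objects.update_or_create(
            user=user_obj,
            defaults={"token": access_token},
        )

        return Response({
            "status_code": 200,
            "status_message": "登录成功",
            "access_token": access_token,
            "user_role": user_obj.get_user_type_display(),
        })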
权限类
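from rest_framework.permissions import BasePermission


class UserPerm(BasePermission):
    """Grant access only to users whose ``user_type`` is 3.

    3 is the value labelled "VVIP" in ``User.user_type_entry``.
    """

    # Text DRF returns to the client when the check below fails.
    message = "您没有查看数据的权限!"

    def has_permission(self, request, view):
        """Return True only for a user of type 3.

        ``getattr`` with a default makes the check fail closed: if
        ``request.user`` has no ``user_type`` attribute (for example when
        this class is combined with an authenticator that allows anonymous
        requests), access is denied instead of raising AttributeError.
        """
        return getattr(request.user, "user_type", None) == 3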
在需要认证和权限的视图类中加入 authentication_classes 和 permission_classes
class BookView(ModelViewSet):
    """CRUD endpoints for Book, restricted by token auth and a tier check."""

    # Data source and serializer for the viewset.
    queryset = Book.objects.all()
    serializer_class = BookSerializer

    # Set on the view itself, these lists are used in place of any
    # project-wide defaults. UserAuth identifies the caller from the token;
    # UserPerm then decides whether that caller may proceed.
    authentication_classes = [UserAuth]
    permission_classes = [UserPerm]