token认证的大致步骤是这样的:
创建model类
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
| level_entry=( (1, 'visitor'), (2, 'member'), (3, 'vip'), (4, 'svip') )
class User(models.Model): username = models.CharField('用户名', max_length=25, default='') password = models.CharField('密码', max_length=32, default='') name = models.CharField('姓名', max_length=25) age = models.IntegerField('年龄', default=0) level = models.IntegerField(choices=level_entry) def __str__(self): return self.name
class UserToken(models.Model): user = models.OneToOneField(User, on_delete=models.CASCADE) token = models.CharField('用户token', max_length=128)
|
接下来简单创建一个路由
path('login', UserView.as_view())
在until下创建get_token.py文件,写入生成token的辅助函数
1 2 3 4 5 6
| import uuid
def generater_token(): token = str(uuid.uuid4()).replace('-', '') return token
|
最后书写视图文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43
| from django.http import JsonResponse
from rest_framework.views import APIView
from app.untils import get_token
from app.models import User as UserModel from app.models import UserToken as UserTokenModel
class UserView(APIView): def post(self, request): response = dict() recev_data = {'username', 'password'}
if recev_data.issubset(set(request.data)): userInfo = dict() for item in recev_data: userInfo[item] = request.data.get(item) user_obj = UserModel.objects.filter(**userInfo).first() if user_obj: access_token = get_token.generater_token() UserTokenModel.objects.update_or_create(user=user_obj, defaults={ 'token':access_token }) response['status_code'] = 200 response['status_message'] = '恭喜你,登录成功' response['access_token'] = access_token response['user_role'] = user_obj.get_level_display() else: response['status_code'] = 201 response['status_message'] = '用户名或密码错误' return JsonResponse(response)
|
以上就是token的简单生成方式,当然,在生产环境中不会如此简单,关于token也有相关的库,好了,构造几条数据之后,可以通过POSTMAN工具来创建几个用户的token信息。