码迷,mamicode.com
首页 > 微信 > 详细

微信小程序-drf登录认证组件

时间:2020-03-12 19:08:32      阅读:547      评论:0      收藏:0      [点我收藏+]

标签:func   odi   inf   cts   function   gen   eth   pre   api   

微信小程序-drf登录认证组件

- 通过全局的用户判断是否登录
- 登录用户则校验用户的token值

1. config - settings.js

    - api.js
    - settings.js

# 模块化:登录页面路由
module.exports = {
  loginPage: "/pages/login/login"
}

2. utils - auth.js

    - auth.js

# 获取应用实例
var settings = require('../config/settings.js')
var app = getApp()

function authentication() {
  if (!app.globalData.userInfo) {
    wx.navigateTo({
    // settings.loginPage,登录路由
      url: settings.loginPage
    })
    return false
  }
  return true
}

# 认证函数模块化
module.exports = {
  authentication: authentication
}

3. 示例:用户评论

pages
    - newsDetail
        - newsDetail.js
        
// pages/newsDetail/newsDetail.js

var api = require("../../config/api.js")
var auth = require('../../utils/auth.js')
var app = getApp()

# 评论之前判断用户是否登录
onClickShowCommentModal: function(e) {
  if (!auth.authentication()) {
    return
  }
  var replyInfo = e.currentTarget.dataset;
  this.setData({
    isShowCommentModal: true,
    reply: replyInfo,
  });
},

4. 提交评论-- 用户已登录,发送请求携带token值

'''
# 请求头携带用户的token值,此处涉及到js的三元运算
header: {
    Authorization: userInfo ? "token " + userInfo.token : ""
  },
'''

onClickPostComment: function() {
// 发布评论,将评论数据发送到后台接口
var userInfo = app.globalData.userInfo;
wx.request({
  url: api.Comment,
  data: this.data.reply,
  method: 'POST',
  dataType: 'json',
  header: {
    Authorization: userInfo ? "token " + userInfo.token : ""
  },
  responseType: 'text',
  success: (res) => {
    ...
  }
  })
  }

5. 后端校验 token值是否一致

utils
    - auth.py

'''
如果用户已登录,则在request.user和request.auth中赋值;未登录则做任何操作。
用户需要在请求头Authorization中传递token,格式如下:
    Authorization: token 401f7ac837da42b97f613d789819ff93537bee6a

建议:配合和配置文件一起使用,未认证的用户request.user和request.auth的值为None

REST_FRAMEWORK = {
    "UNAUTHENTICATED_USER":None,
    "UNAUTHENTICATED_TOKEN":None
}
'''

通用认证

#!/usr/bin/env python
# -*- coding:utf-8 -*-
from rest_framework.authentication import BaseAuthentication
from rest_framework.authentication import get_authorization_header
from apps.api import models
from rest_framework import exceptions

class GeneralAuthentication(BaseAuthentication):

    """ 
    通用认证(所有页面都可以应用)
    """
    
    keyword = "token"

    def authenticate(self, request):
    
        # 认证元组
        auth_tuple = get_authorization_header(request).split()

        # 1.如果没有传token,则通过本次认证,进行之后的认证
        if not auth_tuple:
            return None

        # 2.如果传递token,格式不符,则通过本次认证,进行之后的认证
        if len(auth_tuple) != 2:
            return None

        # 3.如果传递了token,但token的名称不符,则通过本次认证,进行之后的认证
        if auth_tuple[0].lower() != self.keyword.lower().encode():
            return None

        # 4.对token进行认证,如果通过了则给request.user和request.auth赋值,否则返回None
        try:
            token = auth_tuple[1].decode()
            user_object = models.UserInfo.objects.get(token=token)
            return (user_object, token)
        except Exception as e:
            return None

用户认证

class UserAuthentication(BaseAuthentication):

    """
    token 认证
    """
    
    keyword = "token"

    def authenticate(self, request):
        auth_tuple = get_authorization_header(request).split()
        
        '''
        print(auth_tuple)
        auth_tuple = [b'token', b'a33409078e8ff69c16e813442ac1ce5d']
        '''

        if not auth_tuple:
            raise exceptions.AuthenticationFailed('认证失败')

        if len(auth_tuple) != 2:
            raise exceptions.AuthenticationFailed('认证失败')

        if auth_tuple[0].lower() != self.keyword.lower().encode():
            raise exceptions.AuthenticationFailed('认证失败')
        try:
            token = auth_tuple[1].decode()
            user_object = models.UserInfo.objects.get(token=token)
            return (user_object, token)
        except Exception as e:
            raise exceptions.AuthenticationFailed('认证失败')

视图函数添加认证类 --评论

from utils.auth import UserAuthentication, GeneralAuthentication

class CommentView(CreateAPIView, ListAPIView):

    '''
    POST请求提交评论:用户认证类
    '''
    serializer_class = CommentModelSerializer
    queryset = models.CommentRecord.objects

    filter_backends = [ChildCommentFilter, ]

    def get_authenticators(self):
        if self.request.method == 'POST':
            return [UserAuthentication(), ]
        return [GeneralAuthentication(), ]

微信小程序-drf登录认证组件

标签:func   odi   inf   cts   function   gen   eth   pre   api   

原文地址:https://www.cnblogs.com/daviddd/p/12470807.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!