标签:time() 系统 rest except cep 检查 ade port 失败
Django 自带的权限系统认证创建用户 create_user 方法
from rest_framework.views import APIView
from rest_framework.response import Response
class UserRegisterView(APIView):
‘‘‘注册用户‘‘‘
def post(request, *args, **kwargs):
# 添加用户入库
user_obj = User.objects.create_user(**request.data)
# 判断是否添加成功
if not user_obj:
return Response({"code":0, "msg":"failure" ,"data":{}}, 200)
return Response({"code":1,"msg":"success","data":{}}, 200)
根据用户名和密码登录
from rest_framework.views import APIView
from rest_framework.response import Response
from django.contrib import auth
class UserLoginView(APIView):
‘‘‘ 用户登录 ‘‘‘
def post(self, request, *args, **kwargs):
# 验证用户权限
auth_obj = auth.authenticate(request, **request.data)
# 如果有权限则直接登录,并将信息写入session和request.user中
if auth_obj:
# 将用户数据写入request.user中和session中
auth.login(request, auth_obj)
# 填充载荷
payload = {
"uid": request.user.id
}
# 生成 token
token = jwt_encode(payload)
# 返回数据
return Response({"code":1,"msg":"登录成功","data":{"token": token}}, 200)
# 返回登陆失败数据
return Response({"code":0, "msg":"用户名或者密码错误" ,"data":{}}, 200)
注销登录
from rest_framework.views import APIView
from rest_framework.response import Response
from django.contrib import auth
class UserLogoutView(APIView):
‘‘‘用户注销登录‘‘‘
def post(request, *args, **kwargs):
auth.logout(request)
return Response({"code": 1,"msg": "用户登出成功", "data":{}}, 200)
jwt 编码和解码
‘‘‘
安装 pyjwt: pip install pyjwt
‘‘‘
import jwt, time
SECRET_KEY = "e=-4xbvcg!%0*!d1+a$s(8zb_zljav8gd(mj_v2)@&@!ktpr5("
def jwt_encode(raw, expir=7200):
‘‘‘jwt编码‘‘‘
raw[‘exp‘] = int(time.time()) + expir
return jwt.encode(raw, SECRET_KEY, algorithm="HS256").decode()
def jwt_decode(raw):
‘‘‘jwt解码‘‘‘
try:
return jwt.decode(raw, SECRET_KEY, algorithms=["HS256"])
except:
return {}
新建中间件
from django.utils.deprecation import MiddlewareMixin
from django.http import JsonResponse
class UserCheckAuthMiddleware(MiddlewareMixin):
‘‘‘检查用户登录‘‘‘
def process_request(request, *args, **kwargs):
# 判断请求地址是否在白名单中
if request.path not in ["login/", "logout/", "register/"]:
token = request.headers.get("token", "")
if not token:
return JsonResponse({"code": -1, "msg": "缺省token", "data":{}}, 200)
if not jwt_decode(token):
return JsonResponse({"code": -1, "msg": "token已过期", "data":{}}, 200)
if not request.user.is_active:
return JsonResponse({"code": -1, "msg": "用户权限受限,请联系管理员", "data":{}}, 200)
return None
class ExceptionMiddleware(MiddlewareMixin):
‘‘‘异常捕获‘‘‘
def process_exception(self, request, exception):
return JsonResponse({
"code": -1,
"msg": "服务不可用",
"detail": str(exception),
"data": {}
})
常用的方法
| 方法名 | 备注 |
|---|---|
| create_user | 创建用户 |
| authenticate | 登录验证 |
| login | 记录登录状态 |
| logout | 退出用户登录 |
| is_authenticated | 判断用户是否登录 |
| login_required装饰器 | 进行登录判断 |
标签:time() 系统 rest except cep 检查 ade port 失败
原文地址:https://www.cnblogs.com/wuxiaoshi/p/14868864.html
