How do I create a login API using Django Rest Framework?

I want to create a login api (or use an existing one if it is already pre-bundled) using django rest framework. However, I'm completely at a loss. Whenever I send a post request to the django rest framework "login" url, it just sends back the browsable api template page...

MY CONFIGURATION

urls.py

url(r'^api/v1/', include('rest_framework.urls', namespace='rest_framework'))

settings.py

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework.authentication.SessionAuthentication',
    )
}

WHAT I WANT

Request:

POST /api/v1/login  username='name' pass='pass'

Response:

200 OK "{username: 'name', 'userId': '54321'}" set-cookie: sessionid="blahblah"

Take a look at the api view from django-rest-framework-jwt. It's an implementation for creating auth tokens rather than cookie sessions, but your implementation will be similar. See views.py and serializers.py. You can probably use the serializers.py unchanged, and just adjust your views to return the right parameters and possibly set the session cookie (can't recall if that's already performed in authentication).

If you want something like this, I do the same thing; however, I use Token authentication.

Check out their token page here

This may not be what you want but the way I do it is (since I'm using it as a rest api endpoints for mobile clients)

I can do my url localhost:8000/api/users/ -H Authorization : Token

A browser could then use the regular login page that you create at the provided rest framework url

url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework'))

and to get tokens for 'login-less' navigation

url(r'^api-token-auth/', 'rest_framework.authtoken.views.obtain_auth_token')

Then if you make calls and such you can pass the authorization tokens. Of course this is just how I do it and it's probably not the most efficient way but my goal was to create a way that I can provide users with session authentication for browsers and mobile access via tokens.

Then in your views.py make sure you add the authentication requirements for that view. Almost the same as session authentication section

permission_classes = (permissions.IsAdminUser,)

but also include

authentication_classes = (authentication.TokenAuthentication,)

I hope this helps but if not, good luck on your search.

Of course token is a good way to authenticate, but the questioner is asking about session authentication.

Request:

POST /api/v1/login  username='username' password='password' 
  • Put the csrftoken value at X-CSRFToken in the header
  • Even though someone is using email as the username field, the username name parameter is required for email input (e.g. username='sample@domain.com')

Response:

302 FOUND sessionid="blahblah"
  • If you have not specified the next value, it will automatically redirect to /accounts/profile/, which can yield a 404 error

Adding our views:

from django.conf.urls import include, url
from rest_framework_jwt.views import refresh_jwt_token

urlpatterns = [
    ...
    url(r'^rest-auth/', include('rest_auth.urls')),
    url(r'^rest-auth/registration/', include('rest_auth.registration.urls')),
    ...
    url(r'^refresh-token/', refresh_jwt_token),
]
