堆栈内存溢出
  简体   繁体   English

基于Django App的API身份验证

[英]Authentication for API Based on Django App

 原文  2015-12-06 21:11:18       python/ ios/ django/ api/ authentication

问题描述

I currently have a Django web app, and am now creating an iOS app that needs to hook into the same database. 我目前有一个Django Web应用程序,现在正在创建一个需要挂接到相同数据库的iOS应用程序。 So, I am creating an python API from my Django app. 所以,我正在从我的Django应用程序创建一个python API。 I don't know how to handle authentication from the iOS app to this Python API...? 我不知道如何处理从iOS应用到此Python API的身份验证...? I want to just put Django's @login_required decorator on each of my API views (as I do for the web app part) but am not sure how to do that since the iOS client isn't sending over a User object. 我只想将Django的@login_required装饰器放在我的每个API视图上(就像我在Web应用程序部分中所做的那样),但是由于iOS客户端不会通过User对象进行发送,因此不确定如何执行此User What should I do? 我该怎么办?

I have tried making my own decorator that looks for a username and password in the client's request, but I think that's probably very dumb on my part as I don't now how to keep the username/password secret and that username/password data is then visible in the URL. 我曾尝试制作自己的装饰器,以在客户端的请求中查找usernamepassword ,但我认为这可能很愚蠢,因为我现在不知道如何将用户名/密码保密,而用户名/密码数据是然后在网址中可见。 Any ideas/help would be greatly appreciated! 任何想法/帮助将不胜感激!

1 个解决方案

解决方案1
 1  2015-12-06 22:20:36

There is nothing wrong or hacky with rolling your own API views and using a basic authentication decorator, but it might be worth investing a little bit of time (perhaps 2-3 hours of tinkering) to learn Django REST Framework. 滚动自己的API视图并使用基本的身份验证装饰器没有错,但是这样做值得花一点时间(也许要花2-3个小时进行修补)来学习Django REST Framework。

Django REST Framework is one of the better Python packages in existence (right up there with Requests) and has a huge community, so if you get stuck, StackOverflow will be by your side. Django REST Framework是现有的更好的Python软件包之一(就在Requests上),并且拥有庞大的社区,因此,如果遇到麻烦,StackOverflow将在您身边。 It offers authentication (ie, prove who you are / login) and authorization (ie, specific access permission controls). 它提供身份验证 (即证明您是谁/登录)和授权(即特定的访问权限控制)。 But, I highly recommend doing the full tutorial . 但是,我强烈建议您阅读完整的教程

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用基于 web 应用程序的身份验证在 Python Django 中使用 Microsoft graph api (python-o365) 发送和阅读邮件? - How to send and read mail using Microsoft graph api (python-o365) in Python Django using web app based authentication? Azure存储容器API请求身份验证因Django应用程序失败 - Azure storage container API request authentication failing with Django app 带Django的Dropbox API - 身份验证 - Dropbox API with Django - Authentication Django应用程序中的外部身份验证 - External authentication in a Django app 最新Django中基于令牌的身份验证 - Token Based Authentication in latest Django ldap3认证django应用 - authentication django app with ldap3 带有Rails API的Django应用 - Django app with Rails API Django Restful API应用 - Django Restful API App Django中的身份验证基于框架功能的视图 - Authentication in Django rest framework function based views 基于Heroku的django网站中的Facebook身份验证错误 - Facebook authentication error in Heroku based django website
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM