ANDROID VOLLEY + JWT TOKEN AUTHENTICATION + DJANGO REST FRAMEWORK

I am currently developing an Android chat app. I am very new to Android Studio, JWT Token Authorization, and Django Rest Framework. Right now I am having issues working on the Django side.

So basically I was setting up a login page from my Android, and I want it to log in using phone number and password as the needed credentials. However, I also want to use JWT Token Auth to make my application more secure.

Currently I have my project urls.py pointing to one of the JWT Token APIs

urls.py

from django.contrib import admin
from django.urls import path, include
from rest_framework_simplejwt import views as jwt_views

urlpatterns = [
    path('admin/', admin.site.urls),
    path('account/', include('restaccount.urls')),
    # SimpleJWT endpoints: obtain an access/refresh pair, then refresh the access token
    path('api/token/', jwt_views.TokenObtainPairView.as_view(), name='token_obtain_pair'),
    path('api/token/refresh/', jwt_views.TokenRefreshView.as_view(), name='token_refresh'),
]

This would lead to the server page which was [image: enter image description here]

*PS: The phone number field should be the default username field. (I made some trial modifications to my code before posting this.)

I also have set up a model that inherits from AbstractUser

models.py

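from django.contrib.auth.models import AbstractUser
from django.db import models
# Assumption: PhoneField comes from the django-phone-field package
from phone_field import PhoneField


class RegisterUser(AbstractUser):
    phone_number = PhoneField(name='phone_number', unique=True)
    birthday = models.DateField(name='birthday', null=True)
    nickname = models.CharField(max_length=100, name='nickname')

    def __str__(self):
        # __str__ must return a str, not the field's phone number object
        return str(self.phone_number)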

Currently I have tried to make a lot of modifications to my model, like:

  • change username = None
  • REQUIRED_FIELDS = []
  • USERNAME_FIELDS = 'phone_number'

I realize that the Token Obtain Pair View follows the Django Administration page in terms of the information that you need (username and password).

However, after I modified it, I tried to create a superuser and tried to log in to Django Admin with my modified data, but I still cannot log in. Also, I tried to get a token for the superuser that I made, but it responds with "detail": "No active account found with the given credentials".

Can somebody enlighten me on the steps that I should take now? I have tried to look for solutions but none of them solved my problem.

Here's the point (TL;DR):

  1. I want my app to log in using phone number and password, and I want to use JWT Token Auth to make it secure.
  2. I realize the ObtainTokenPair view follows Django Admin credentials, so I have tried to modify my backend to "log in" using phone number and password.
  3. After I modified it, I can't log in to Django Admin and cannot get a token with the superuser I created.

Here are some of the related files attached: Settings.py

"""
Django settings for androidapp project.

Generated by 'django-admin startproject' using Django 3.0.7.

For more information on this file, see
https://docs.djangoproject.com/en/3.0/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/3.0/ref/settings/
"""

import os

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))


# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = '6qdk058^8b2@-pnw!cr1pbd(sao)vj+v69&4874zjh95xu7pg)'

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True

ALLOWED_HOSTS = ['172.31.120.211',]


# Application definition

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    
    'rest_framework',

    'restaccount',
]

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

ROOT_URLCONF = 'androidapp.urls'

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

WSGI_APPLICATION = 'androidapp.wsgi.application'


# Database
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'NAME': 'Orbital',
        'USER' :'SomeUser',
        'PASSWORD':'Pass',
        'HOST' : 'localhost',
        'PORT' : '',
    }
}


# Password validation
# https://docs.djangoproject.com/en/3.0/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
]


# Internationalization
# https://docs.djangoproject.com/en/3.0/topics/i18n/

LANGUAGE_CODE = 'en-us'

TIME_ZONE = 'UTC'

USE_I18N = True

USE_L10N = False

USE_TZ = True


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/3.0/howto/static-files/

STATIC_URL = '/static/'

AUTH_USER_MODEL = 'restaccount.RegisterUser'


#FORMAT FOR DATE INPUT  
DATE_INPUT_FORMATS = ('%d-%m-%Y', '%d/%m/%Y', '%d/%m/%y', '%d %b %Y',
                      '%d %b, %Y', '%d %b %Y', '%d %b, %Y', '%d %B, %Y',
                      '%d %B %Y')

#Format for date-time input format   
DATETIME_INPUT_FORMATS = ('%d/%m/%Y %H:%M:%S', '%d/%m/%Y %H:%M', '%d/%m/%Y',
                          '%d/%m/%y %H:%M:%S', '%d/%m/%y %H:%M', '%d/%m/%y',
                          '%Y-%m-%d %H:%M:%S', '%Y-%m-%d %H:%M', '%Y-%m-%d')

# Adding REST_FRAMEWORK SETTING WITH JWT AUTHENTICATION
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    ],
}

# AUTHENTICATION_BACKENDS = (
#     'django.contrib.auth.backends.ModelBackend',
#     'restaccount.backends.UserBackend'
# )

RegisterUserManager inside models.py

from django.contrib.auth.models import BaseUserManager
from django.utils.translation import gettext_lazy as _


class RegisterUserManager(BaseUserManager):

    def create_user(self, phone_number, password, **extra_fields):
        if not phone_number:
            raise ValueError('The phone number must be set')

        # The password argument is passed to the model constructor as given
        user = self.model(
            phone_number=phone_number,
            password=password,
            **extra_fields)

        user.save()

        return user

    def create_superuser(self, phone_number, password, **extra_fields):
        extra_fields.setdefault('is_staff', True)
        extra_fields.setdefault('is_superuser', True)
        extra_fields.setdefault('is_active', True)

        # print(phone_number)

        if extra_fields.get('is_staff') is not True:
            raise ValueError(_('Superuser must have is_staff=True.'))
        if extra_fields.get('is_superuser') is not True:
            raise ValueError(_('Superuser must have is_superuser=True.'))

        return self.create_user(phone_number, password, **extra_fields)

It's quite difficult to pinpoint the bug without getting hands-on with the actual project. I can't find the bug or fix your project; that you have to do on your own. But I can surely share what I think would help you avoid bugs and fix your project.

What I could understand:

  1. You want a custom user model
  2. You want to use JWT authentication

So, let's begin. User model and authentication are two different things. Create the custom user model first.

  1. Firstly, remove all users from the database.

  2. Create the custom user model following this 'A full example' exactly (check by creating a superuser whether the custom user model is working properly; if not, that means you missed something, so try again).

  3. If you have successfully created the custom user model, that means you have now substituted 'username' with 'phone number' (in your case).

  4. For authentication you can use custom authentication or, as you tried, you can use existing packages. Configure it to act as the default authentication backend.

  5. Your choice of authentication package should take a username and password, check whether there is a user matching those credentials, create a token and return that token. You don't need to modify the authentication process; you just provide the username field (phone number) and password. Now here you might need to do something like

    {username: phone_number, password: password}

because your authentication package might not support a custom user. Hope it helps.
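
Why a user created through the posted RegisterUserManager cannot obtain a token, as an added standard-library sketch (not code from the original post, Django or SimpleJWT): `self.model(password=password)` saves the raw string, and Django's password check rejects any stored value that is not a recognisable hash. `UserStore`, `obtain_token` and the sample values are constructed stand-ins; in the real manager the hashed path is `user.set_password(password)` before `user.save()`.

```python
import base64
import hashlib
import hmac
import os

ITERATIONS = 100_000  # constructed work factor for this sketch


def make_password(raw):
    """Encode as algorithm$iterations$salt$hash, the layout Django stores."""
    salt = os.urandom(12).hex()
    digest = hashlib.pbkdf2_hmac("sha256", raw.encode(), salt.encode(), ITERATIONS)
    return "pbkdf2_sha256$%d$%s$%s" % (ITERATIONS, salt, base64.b64encode(digest).decode())


def check_password(raw, stored):
    """A stored value that is not a recognisable hash never verifies."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != "pbkdf2_sha256":
        return False
    if not parts[1].isdecimal() or int(parts[1]) < 1:
        return False
    digest = hashlib.pbkdf2_hmac("sha256", raw.encode(), parts[2].encode(), int(parts[1]))
    return hmac.compare_digest(base64.b64encode(digest), parts[3].encode())


class UserStore:
    """In-memory stand-in for the user table, keyed by phone_number."""

    def __init__(self):
        self.rows = {}

    def create_user_as_posted(self, phone_number, password):
        # Same effect as self.model(password=password): the raw string is saved.
        self.rows[phone_number] = {"password": password, "is_active": True}

    def create_user_hashed(self, phone_number, password):
        # Same effect as calling user.set_password(password) before user.save().
        self.rows[phone_number] = {"password": make_password(password), "is_active": True}

    def authenticate(self, phone_number, password):
        row = self.rows.get(phone_number)
        if row and row["is_active"] and check_password(password, row["password"]):
            return phone_number
        return None


def obtain_token(store, phone_number, password):
    """Stand-in for the token endpoint: 401 when authenticate() finds no user."""
    if store.authenticate(phone_number, password) is None:
        return 401, {"detail": "No active account found with the given credentials"}
    return 200, {"access": "<access token>", "refresh": "<refresh token>"}
```

The raw-password path also leaves the credential readable in the database, so any superuser rows created that way should be deleted and recreated once the manager hashes the password.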
