DJANGO + JWT TOKEN AUTHENTICATION

So I was trying to build a backend for my Android application. I was trying to apply a login procedure that works with a JWT token.

This is what I have done:

  1. I have made a custom User model.
  2. Customized my superuser to take phone number and password, instead of username and password.
  3. I have successfully created a superuser and stored it in my database (using PostgreSQL).
  4. I have also customized my token claims and response, as seen in the LoginSerializer class in my serializers.py.

However, I encountered some problems after what I did:

  1. Right now, after customizing my user model, I am not able to log in to Django administration with my new custom User model, even though I have successfully created a superuser.
  2. I still can't get the token, even after I have customized my token claims, with the superuser account I just successfully created.

Here are some of the error messages:

Here are some of the files, attached below:

models.py

from django.db import models   
from django.contrib.auth.models import AbstractBaseUser,BaseUserManager
from django.utils.translation import gettext_lazy as _
from phone_field import PhoneField

class RegisterUserManager(BaseUserManager):

    def create_user(self, phone_number,password):

        if not phone_number:
            raise ValueError('The phone number must be set')

        user = self.model(
            phone_number=phone_number,
            password = password,)

        user.save(using = self._db)
       
        return user
        
    def create_superuser(self,phone_number,password, **extra_fields):

        user = self.create_user(
            phone_number,
            password = password
        )

        user.is_admin =  True
        user.save(using= self._db)

        return user


class RegisterUser(AbstractBaseUser):
    first_name = models.CharField(name = 'first_name',max_length=255,default = '')
    last_name = models.CharField(name='last_name', max_length=255,default = '')
    email = models.EmailField(name='email', max_length = 255)
    phone_number = PhoneField(name='phone_number',unique=True)
    birthday = models.DateField(name ='birthday',null= True)
    nickname = models.CharField(max_length=100,name = 'nickname')
    is_active = models.BooleanField(default = True)
    is_admin = models.BooleanField(default= False)
    last_login = models.DateTimeField(auto_now= True)

    USERNAME_FIELD = 'phone_number'
    REQUIRED_FIELDS = []

    objects = RegisterUserManager()

    def __str__(self):
        return self.phone_number

    def has_perm(self, perm, obj = None):
        return True

    def has_module_perms(self,perm,obj = None):
        return True

    @property
    def is_staff(self):
        return self.is_admin

views.py

from django.shortcuts import render
from django.http import HttpResponse,JsonResponse   
from rest_framework.parsers import JSONParser
from restaccount.models import RegisterUser
# Login
from restaccount.serializers import RegisterSerializers,LoginSerializer
# LoginSerializers
from django.views.decorators.csrf import csrf_exempt
from rest_framework.generics import CreateAPIView

from rest_framework_simplejwt.views import TokenObtainPairView

from rest_framework.permissions import (AllowAny,IsAuthenticated)
# from rest_framework.generics import CreateAPIView

class RegisterView(CreateAPIView):
    permission_classes = (AllowAny,)
    serializer_class = RegisterSerializers
    queryset = RegisterUser.objects.all()

class LoginView(TokenObtainPairView):
    serializer_class = LoginSerializer

serializers.py

from rest_framework.serializers import (ModelSerializer,ValidationError)
from restaccount.models import RegisterUser
# Login

from rest_framework_simplejwt.serializers import TokenObtainPairSerializer

from rest_framework import serializers

class RegisterSerializers(ModelSerializer):
    class Meta:
        model = RegisterUser
        fields =['id',
                'first_name',
                'last_name',
                'email',
                'password',
                'phone_number',
                'nickname',
                'birthday',
                ]

    def create(self,validated_data):
        first_name = validated_data['first_name']
        last_name = validated_data['last_name']
        email = validated_data['email']
        password = validated_data['password']
        phone_number = validated_data['phone_number']
        nickname = validated_data['nickname']
        birthday = validated_data['birthday']
        user_obj = RegisterUser(
            first_name = first_name,
            last_name = last_name,
            email = email,
            password = password,
            phone_number = phone_number,
            nickname = nickname,
            birthday = birthday,
        )
        user_obj.save()
        return user_obj

    def update(self, instance,validated_data):
        instance.first_name = validated_data.get('first_name',instance.first_name)
        instance.last_name = validated_data.get('last_name', instance.last_name)
        instance.email = validated_data.get('email', instance.email)
        instance.password = validated_data.get('password', instance.password)
        instance.phone_number = validated_data.get('phone_number', instance.phone_number)
        instance.nickname = validated_data.get('nickname', instance.nickname)
        instance.birthday = validated_data.get('birthday',instance.birthday)
        instance.save()
        return instance

    def validate(self,data):
        return data
    
    def validate_phone_number(self,value):
        phone_number = value
        user_qs = RegisterUser.objects.filter(phone_number = phone_number)
        if user_qs.exists():
            raise ValidationError("This phone number is registered")
        return value


class LoginSerializer(TokenObtainPairSerializer):

    @classmethod
    def get_token(cls,user):
        token = super().get_token(user)

        token['phone_number'] = user.phone_number
        token['password'] = user.password

        return token

    def validate(self,attrs):
        data = super().validate(attrs)

        refresh = self.get_token(self.user)
        data['refresh'] = str(refresh)
        data['access'] = str(refresh.access_token)

        data['phone_number'] = self.user.phone_number

        return data

Turns out that the password field in the model has to be hashed, i.e. user.set_password(password). This is also the case if you want to create a user from the API endpoint. You have to store the hashed password in your database.

However, I don't know why this is the behaviour.
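
Why the unhashed row fails, as an added example that is not part of the original post: both the admin login form and the token serializer's `super().validate()` go through Django's `authenticate()`, which re-hashes the submitted password and compares it with the stored string, kept in the `algorithm$iterations$salt$hash` layout. The `make_password` and `check_password` functions below are simplified standard-library stand-ins for Django's PBKDF2 hasher, with an assumed iteration count and constructed sample values.

```python
import base64
import hashlib
import hmac
import secrets

ITERATIONS = 260_000  # assumed work factor for this sketch


def make_password(raw, salt=None, iterations=ITERATIONS):
    """Encode a password as algorithm$iterations$salt$hash, the layout
    Django's PBKDF2 hasher stores in the password column."""
    salt = salt or secrets.token_hex(8)
    digest = hashlib.pbkdf2_hmac("sha256", raw.encode(), salt.encode(), iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (
        iterations, salt, base64.b64encode(digest).decode())


def check_password(raw, stored):
    """Re-derive the hash from the salt and iterations inside `stored`.
    A value that is not in the encoded layout can never match."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != "pbkdf2_sha256":
        return False  # e.g. a plaintext password saved by self.model(password=...)
    try:
        iterations = int(parts[1])
    except ValueError:
        return False
    if iterations < 1:
        return False
    expected = make_password(raw, parts[2], iterations)
    return hmac.compare_digest(expected.encode(), stored.encode())


def login_outcomes(raw="s3cret-constructed"):
    """Constructed sample: the same password saved both ways."""
    saved_raw = raw                      # what create_user() above writes
    saved_hashed = make_password(raw)    # what user.set_password(raw) would write
    return {
        "plaintext_row": check_password(raw, saved_raw),
        "hashed_row": check_password(raw, saved_hashed),
        "wrong_password": check_password("guess", saved_hashed),
    }


if __name__ == "__main__":
    print(login_outcomes())
```

Separately, `token['password'] = user.password` in `LoginSerializer.get_token` copies the stored password value into the JWT payload, which is only base64url-encoded and readable by anyone holding the token.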
