用检查 firebase 的权限覆盖 IsAuthenticated 权限 class
[英]Override the IsAuthenticated permission class with one that checks firebase
问题描述
I am using firebase(pyrebase library) for my authentication with a django backend and a react frontend.For this to work I had to override the DRF auth class TokenAuthentication with my FirebaseAuthentication.
我正在使用 firebase(pyrebase 库)通过 django 后端和反应前端进行身份验证。为此,我必须用我的 FirebaseAuthentication 覆盖 DRF auth class TokenAuthentication。 But I still get 401 unauthorised when I try to access a view since I also need to override the drf permission class i sAuthenticated .But I have been searching for a way to do this with python without success.Any help would be appreciated.但是,当我尝试访问视图时,我仍然得到401 未授权,因为我还需要覆盖 drf 权限 class i sAuthenticated 。但是我一直在寻找一种方法来使用 python 来做到这一点,但没有成功。任何帮助将不胜感激。 Below is a snippet of the permission class and where its applied on my views下面是权限 class 的片段,它适用于我的观点
DRF permissions.py DRF 权限.py
class IsAuthenticated(BasePermission):
"""
Allows access only to authenticated users.
"""
def has_permission(self, request, view):
return bool(request.user and request.user.is_authenticated)
views.py视图.py
class FinanceTransactionList(GenericAPIView):
authentication_classes = [FirebaseAuthentication]
permission_classes = [IsAuthenticated]
@classmethod
@encryption_check
def post(self, request, *args, **kwargs):
...
1 个解决方案
解决方案1
0 2022-09-07 15:06:34
To implement custom permission, override BasePermission and implement either, or both, of the following methods:要实现自定义权限,请覆盖BasePermission并实现以下方法之一或两者:
.has_permission(self, request, view)
.has_object_permission(self, request, view, obj)
The methods should return True if the request should be granted access, and False otherwise.如果请求应该被授予访问权限,这些方法应该返回True ,否则返回False 。
If you need to test if a request is a read operation or a write operation, you should check the request method against the constant SAFE_METHODS , which is a tuple containing 'GET' , 'OPTIONS' , and 'HEAD' .如果您需要测试请求是读取操作还是写入操作,您应该根据常量SAFE_METHODS检查请求方法,该常量是一个包含'GET' 、 'OPTIONS'和'HEAD'的元组。 For example:例如:
if request.method in permissions.SAFE_METHODS:
# Check permissions for the read-only request
else:
# Check permissions for writing request
Custom permissions will raise a PermissionDenied exception if the test fails.如果测试失败,自定义权限将引发PermissionDenied异常。 To change the error message associated with the exception, implement a message attribute directly on your custom permission.要更改与异常关联的错误消息,请直接在您的自定义权限上实现message属性。 Otherwise, the default_detail attribute from PermissionDenied will be used.否则,将使用PermissionDenied中的default_detail属性。 Similarly, to change the code identifier associated with the exception, implement a code attribute directly on your custom permission - otherwise, the default_code attribute from PermissionDenied will be used.同样,要更改与异常关联的代码标识符,请直接在您的自定义权限上实现code属性 - 否则,将使用来自PermissionDenied的default_code属性。
from rest_framework import permissions
class CustomerAccessPermission(permissions.BasePermission):
message = 'Firebase Auth Required.'
def has_permission(self, request, view):
...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.