drf TokenAuthentication 认证
- settings.py增加:
INSTALLED_APPS = [
...
'rest_framework.authtoken'
]
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.TokenAuthentication', # 全局设置
],
]
-
执行数据库迁移:
python manage.py makemigrations
、python manage.py migrate
-
urls.py增加:
from rest_framework.authtoken import views
urlpatterns = [
# drf 自带的认证
path(r'api-token-auth/', views.obtain_auth_token),
]
drf jwt认证
- 安装:
pip install djangorestframework-jwt
- settings.py增加:
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
...
],
]
- urls.py增加:
from rest_framework_jwt.views import obtain_jwt_token
urlpatterns = [
# jwt自带的token认证模式
path(r'api-token-auth/', obtain_jwt_token),
]
自定义django认证
settings.py增加
AUTHENTICATION_BACKENDS = (
'common.auth.CustomBackend',
)
common/auth.py增加:
from django.contrib.auth.backends import ModelBackend
from django.contrib.auth import get_user_model
from django.db.models import Q
User = get_user_model()
class CustomBackend(ModelBackend):
def authenticate(self, request, username=None, password=None, **kwargs):
try:
user = User.objects.get(Q(username=username) | Q(mobile=username))
if user.check_password(password):
return user
except Exception as e:
return None
用户注册实战
验证码发送
utils.sms.py
class Sms:
def __init__(self, api_key=''):
self.api_key = api_key
self.single_send_url =