0

我正在尝试为 django rest api 身份验证编写自定义 jwt 登录视图。但它不起作用,我不知道为什么。你能帮我修复这段代码或举一些例子。提前致谢。

我的序列化器:

class LoginSerializer(serializers.Serializer):
    token = serializers.CharField(max_length=256)
    username = serializers.CharField(max_length=128)
    password = serializers.CharField(write_only=True,
                                     required=True,
                                     style={
                                         'input_type': 'password',
                                         'placeholder': 'password'
                                     })

我的观点:

from .serializers import LoginSerializer

class UserLogin(APIView):
    """
        POST login/
    """
    permission_classes = (permissions.AllowAny,)
    queryset = User.objects.all()

    def post(self, request, *args, **kwargs):
        username = request.data.get('username', '')
        password = request.data.get('password', '')
        user = auth.authenticate(request, username=username, password=password)
        if user is not None:
            auth.login(request, user)
            serializer = LoginSerializer(self.queryset,
                data={
                    'token': jwt_encode_handler(jwt_payload_handler(user)),
                    'username': username,
                    'password': password,
                }
            )
            if serializer.is_valid():
                return Response(serializer.data)
        return Response(status=status.HTTP_401_UNAUTHORIZED)
4

1 回答 1

2

您可以简单地将令牌转储到 json 中,甚至不使用序列化程序。您在此处提供数据和格式,因此您不需要验证任何用户输入。

class UserLogin(APIView):
    """
        POST login/
    """
    permission_classes = (permissions.AllowAny,)
    queryset = User.objects.all()

    def post(self, request, *args, **kwargs):
        username = request.data.get('username', '')
        password = request.data.get('password', '')
        user = auth.authenticate(request, username=username, password=password)
        if user is not None:
            auth.login(request, user)
            return Response({'token': jwt_encode_handler(jwt_payload_handler(user)),
                    'username': user.username})

        return Response(status=status.HTTP_401_UNAUTHORIZED)
于 2019-03-22T13:21:00.533 回答