我按照@omab 的建议进行了以下操作:
步骤1)
在您的应用程序中创建一个文件(例如app/token_generator.py
)并将以下函数粘贴到.
第2步)
将您的令牌生成器的路径添加到settings.py
.
OAUTH2_PROVIDER = {
'ACCESS_TOKEN_EXPIRE_SECONDS': 60 * 5,
#this is my path, you should add yours
'ACCESS_TOKEN_GENERATOR': 'user_auth.token_generator.token_generator'
}
示例(我的情况):
我想将过期日期添加到令牌有效负载中,因此我执行了以下操作:
try:
from secrets import SystemRandom
except ImportError:
from random import SystemRandom
UNICODE_ASCII_CHARACTER_SET = (
'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' '0123456789'
)
def token_generator(request, length=30, chars=UNICODE_ASCII_CHARACTER_SET):
"""Generates a non-guessable OAuth Json Web Token
OAuth (1 and 2) does not specify the format of tokens except that they
should be strings of random characters. Tokens should not be guessable
and entropy when generating the random characters is important. Which is
why SystemRandom is used instead of the default random.choice method.
"""
from django.conf import settings
from jose import jwt
from datetime import datetime, timedelta
import calendar
rand = SystemRandom()
secret = getattr(settings, 'SECRET_KEY')
token = ''.join(rand.choice(chars) for x in range(length))
expires_in = getattr(settings, 'OAUTH2_PROVIDER')['ACCESS_TOKEN_EXPIRE_SECONDS']
exp = calendar.timegm((datetime.utcnow() + timedelta(seconds=expires_in)).utctimetuple())
jwtted_token = jwt.encode({'token': token, 'exp': exp}, secret, algorithm='HS256')
return jwtted_token