0

TLDR - 但默认情况下,从后端发送的 JWT 令牌仅包含用户名。我也想要 userId。这是它当前包含的内容:-

HEADER:ALGORITHM & TOKEN TYPE

{
  "typ": "JWT",
  "alg": "HS256"
}
PAYLOAD:DATA

{
  "username": "admin",  <---- I have the username already. Need the userId as well!
  "exp": 1621845856,
  "origIat": 1621845556
}
VERIFY SIGNATURE

HMACSHA256(
  base64UrlEncode(header) + "." +
  base64UrlEncode(payload),
  
your-256-bit-secret

) secret base64 encoded

我有一个 Django GraphQL API(使用 Graphene、django-graphql-auth、django-graphql-jwt)和一个 Angular 前端。我有完整的身份验证设置。现在我面临的问题是我将令牌存储在本地存储中,因此当用户再次打开浏览器时,我想验证该令牌并仅使用其中的信息来获取用户的 ID,然后使用它userId 来获取他们的用户个人资料信息,这是完成登录过程的重要步骤。

我不确定如何自定义有效负载以包含 userId。这样当用户在关闭后打开浏览器时,我可以简单地使用令牌中的信息来完全登录。我对 Python 和 Django 都很陌生。我在网上的任何地方都找不到详细的过程,也许我不是在寻找正确的东西或在正确的地方。详细的说明会很有帮助。

4

1 回答 1

1

以下是此处找到的解决方案的更彻底再现。

我们基本上需要覆盖作为包一部分的 jwt_payload 方法graphql_jwt

将此添加到项目的settings.py

GRAPHQL_JWT = {
    'JWT_PAYLOAD_HANDLER': 'common.utils.jwt_payload',
}

common在您拥有该文件的同一目录中的文件夹中创建以下manage.py文件。

在里面,创建以下两个文件:- 这是我们在sub属性中添加 user_id 的地方。

实用程序.py

from calendar import timegm
from datetime import datetime
from .settings import jwt_settings


def jwt_payload(user, context=None):
    username = user.get_username()
    user_id = str(user.id)

    if hasattr(username, 'pk'):
        username = username.pk

    payload = {
        user.USERNAME_FIELD: username,
        'sub': user_id,
        'exp': datetime.utcnow() + jwt_settings.JWT_EXPIRATION_DELTA,
    }

    if jwt_settings.JWT_ALLOW_REFRESH:
        payload['origIat'] = timegm(datetime.utcnow().utctimetuple())

    if jwt_settings.JWT_AUDIENCE is not None:
        payload['aud'] = jwt_settings.JWT_AUDIENCE

    if jwt_settings.JWT_ISSUER is not None:
        payload['iss'] = jwt_settings.JWT_ISSUER

    return payload

common 文件夹中的这个 settings.py 文件只是一个依赖项。对于 utils.py。

设置.py

from datetime import timedelta
from importlib import import_module

from django.conf import settings
from django.contrib.auth import get_user_model
from django.test.signals import setting_changed

DEFAULTS = {
    'JWT_ALGORITHM': 'HS256',
    'JWT_AUDIENCE': None,
    'JWT_ISSUER': None,
    'JWT_LEEWAY': 0,
    'JWT_SECRET_KEY': settings.SECRET_KEY,
    'JWT_VERIFY': True,
    'JWT_VERIFY_EXPIRATION': False,
    'JWT_EXPIRATION_DELTA': timedelta(seconds=60 * 5),
    'JWT_ALLOW_REFRESH': True,
    'JWT_REFRESH_EXPIRATION_DELTA': timedelta(days=7),
    'JWT_LONG_RUNNING_REFRESH_TOKEN': False,
    'JWT_REFRESH_TOKEN_MODEL': 'refresh_token.RefreshToken',
    'JWT_REFRESH_TOKEN_N_BYTES': 20,
    'JWT_AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
    'JWT_AUTH_HEADER_PREFIX': 'JWT',
    'JWT_ALLOW_ARGUMENT': False,
    'JWT_ARGUMENT_NAME': 'token',
    'JWT_ENCODE_HANDLER': 'graphql_jwt.utils.jwt_encode',
    'JWT_DECODE_HANDLER': 'graphql_jwt.utils.jwt_decode',
    'JWT_PAYLOAD_HANDLER': 'graphql_jwt.utils.jwt_payload',
    'JWT_PAYLOAD_GET_USERNAME_HANDLER': (
        lambda payload: payload.get(get_user_model().USERNAME_FIELD)
    ),
    'JWT_GET_USER_BY_NATURAL_KEY_HANDLER':
    'graphql_jwt.utils.get_user_by_natural_key',
    'JWT_REFRESH_EXPIRED_HANDLER': 'graphql_jwt.utils.refresh_has_expired',
    'JWT_GET_REFRESH_TOKEN_HANDLER':
    'graphql_jwt.refresh_token.utils.get_refresh_token_by_model',
    'JWT_ALLOW_ANY_HANDLER': 'graphql_jwt.middleware.allow_any',
    'JWT_ALLOW_ANY_CLASSES': (),
    'JWT_COOKIE_NAME': 'JWT',
    'JWT_REFRESH_TOKEN_COOKIE_NAME': 'JWT-refresh-token',
    'JWT_COOKIE_SECURE': False,
}

IMPORT_STRINGS = (
    'JWT_ENCODE_HANDLER',
    'JWT_DECODE_HANDLER',
    'JWT_PAYLOAD_HANDLER',
    'JWT_PAYLOAD_GET_USERNAME_HANDLER',
    'JWT_GET_USER_BY_NATURAL_KEY_HANDLER',
    'JWT_REFRESH_EXPIRED_HANDLER',
    'JWT_GET_REFRESH_TOKEN_HANDLER',
    'JWT_ALLOW_ANY_HANDLER',
    'JWT_ALLOW_ANY_CLASSES',
)


def perform_import(value, setting_name):
    if isinstance(value, str):
        return import_from_string(value, setting_name)
    if isinstance(value, (list, tuple)):
        return [import_from_string(item, setting_name) for item in value]
    return value


def import_from_string(value, setting_name):
    try:
        module_path, class_name = value.rsplit('.', 1)
        module = import_module(module_path)
        return getattr(module, class_name)
    except (ImportError, AttributeError) as e:
        msg = 'Could not import `{}` for JWT setting `{}`. {}: {}.'.format(
            value, setting_name, e.__class__.__name__, e,
        )
        raise ImportError(msg)


class JWTSettings:

    def __init__(self, defaults, import_strings):
        self.defaults = defaults
        self.import_strings = import_strings
        self._cached_attrs = set()

    def __getattr__(self, attr):
        if attr not in self.defaults:
            raise AttributeError('Invalid setting: `{}`'.format(attr))

        value = self.user_settings.get(attr, self.defaults[attr])

        if attr == 'JWT_ALLOW_ANY_CLASSES':
            value = list(value) + [
                'graphql_jwt.mixins.JSONWebTokenMixin',
                'graphql_jwt.mixins.VerifyMixin',
                'graphql_jwt.refresh_token.mixins.RevokeMixin',
            ]

        if attr in self.import_strings:
            value = perform_import(value, attr)

        self._cached_attrs.add(attr)
        setattr(self, attr, value)
        return value

    @property
    def user_settings(self):
        if not hasattr(self, '_user_settings'):
            self._user_settings = getattr(settings, 'GRAPHQL_JWT', {})
        return self._user_settings

    def reload(self):
        for attr in self._cached_attrs:
            delattr(self, attr)

        self._cached_attrs.clear()

        if hasattr(self, '_user_settings'):
            delattr(self, '_user_settings')


def reload_settings(*args, **kwargs):
    setting = kwargs['setting']

    if setting == 'GRAPHQL_JWT':
        jwt_settings.reload()


setting_changed.connect(reload_settings)

jwt_settings = JWTSettings(DEFAULTS, IMPORT_STRINGS)

于 2021-05-25T11:43:39.513 回答