1 安裝Django擴(kuò)展庫
pip install djangorestframework
pip install djangorestframework-jwt
2 新建用戶model匹表, 在app/models.py文件中,若修改丢郊,請確保from app.models import 可以成功
from django.db import models
from django.contrib.auth.models import AbstractUser
# Create your models here.
#userProfile繼承AbstractUser分類被饿,進(jìn)行拓展
class UserProfile(AbstractUser):
"""
用戶類拓展
"""
name = models.CharField(max_length=30, null=True, blank=True, verbose_name="姓名" )
avatar = models.CharField(max_length=100, null=True, blank=True, verbose_name="頭像")
role = models.CharField(max_length=10, default="員工", verbose_name="角色")
class Meta:
verbose_name = "用戶"
verbose_name_plural = verbose_name
def __str__(self):
return self.username
3 執(zhí)行數(shù)據(jù)庫遷移
python manage.py makemigrations app_name
python mange.py migrate app_name
4 settings.py設(shè)置
AUTH_USER_MODEL = "interface.UserProfile" # interface為app_name
#設(shè)置rest-framework的權(quán)限驗(yàn)證
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication',
),
}
#設(shè)置JWT的過期時(shí)間,以及JWT的token開頭字符串(驗(yàn)證協(xié)議)
JWT_AUTH = {
'JWT_EXPIRATION_DELTA': datetime.timedelta(days=7),
'JWT_AUTH_HEADER_PREFIX': 'JWT',
}
5 設(shè)置用戶登錄url铭若,在urls.py中設(shè)置
from django.contrib import admin
from django.urls import path, include
from rest_framework_jwt.views import obtain_jwt_token
urlpatterns = [
path('admin/', admin.site.urls),
path('api-token-auth/', obtain_jwt_token), #新增行
]
操作完以上5步驟即可整合JWT到框架中
使用Postman或其他工具測試Token
- 創(chuàng)建用戶
python manage.py createsuperuser
-
使用REST-client測試接口
image.png
-
請求其他接口樣例
image.png
保證請求的header中包含了Authorization的token洪碳,其中token前要加JWT(手動(dòng)空格)
