从FBV到CBV二(认证器)
作者:互联网
<style></style> <style></style> 上篇随笔中我们看到在restframework.views的dispatch是请求的处理入口,里面先是通过initialize_request将request进行封装,封装后的request不仅仅有原先的request,还有解析器,认证,以及渲染。
- 认证
REST_FRAMEWORK = {2
'DEFAULT_AUTHENTICATION_CLASSES': (3
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',4
'rest_framework.authentication.SessionAuthentication',5
'rest_framework.authentication.BasicAuthentication',6
)7
}容易理解,默认是读取项目setting.py的文件,dispatch中initialize_request将找到的验证器封装到request对象中,接下来 执行了initial方法 self.perform_authentication(request) 负责进行验证: 执行了request.user: 这里我们看到实际调用了self._authenticate() 解释:
- for authenticator in self.authenticators:
通过遍历找到我们的认证器 - user_auth_tuple = authenticator.authenticate(self)
- except exceptions.APIException: self._not_authenticated() raise
- if user_auth_tuple is not None:
self._authenticator = authenticator
self.user, self.auth = user_auth_tuple
return
- self._not_authenticated()
from rest_framework.exceptions import AuthenticationFailed2
class MyAuthentication(object):3
# authenticate authenticate_header 两个方法是必须有的,authenticate用来写我们自己的认证方式,authenticate_header直接写pass就行,不写会抛错,缺少authenticate_header方法4
def authenticate(self, request):5
self.token = request._request.GET.get('token')6
if not self.token:7
raise AuthenticationFailed('用户认证失败') # 如果认证失败,就抛出一个AuthenticationFailed异常8
return ('wbj', self.token) # 如果认证通过,就行返回一个元组,第一个元素是用户身份(user),第二个是auth9 10
def authenticate_header(self, request):11
pass使用MyAuthentication进行身份认证: <wiz_code_mirror> x 1
class Book(APIView):2
authentication_classes = [MyAuthentication, ]3 4
def dispatch(self, request, *args, **kwargs):5
return super().dispatch(request, *args, **kwargs)6 7
def get(self, request):8
# get a book9
return HttpResponse(json.dumps({'code': '20000'}))10 11
def post(self, request):12
return HttpResponse(json.dumps({'code': '20000'}))13 14
def put(self, request):15
# update a book16
return HttpResponse(json.dumps({'code': '20000'}))17 18
def delete(self, request):19
# delete a book20
return HttpResponse(json.dumps({'code': '20000'}))进行测试:
带token请求 不带token请求
标签:authenticate,FBV,self,request,认证,CBV,CodeMirror,wiz,def 来源: https://www.cnblogs.com/wangbaojun/p/10991052.html