首页 > 其他分享> > django token验证装饰器

django token验证装饰器

2021-03-10 17:01:34 作者：互联网

在这里插入图片描述

装饰器

# login_check('PUT', 'GET', 'POST')
def login_check(*methods):  # *methods 装饰器参数 ('PUT', 'GET', 'POST')
    def __login_check(func):    # func 被装饰的函数 users
        def wrapper(request, *args, **kwargs):
            # 通过 request 检查token request.***
            # 校验不通过 return JsonResponse()
            token = request.META.get('HTTP_AUTHORIZATION')
            if request.method not in methods:  # 'GET', 'POST'
                return func(request, *args, **kwargs)  # 不需要处理的情况  当前模型、不在需要装饰列表中
            if not token:
                result = {'code': 107, 'error': 'Please give me token'}
                return JsonResponse(result)

            try:
                res = jwt.decode(token, KEY, algorithms=['HS256'])
            except jwt.ExpiredSignatureError as e:
                # token过期了
                result = {'code': 108, 'error': "Please login"}
                return JsonResponse(result)
            except Exception as e:
                result = {'code': 109, 'error': 'Please login'}
                return JsonResponse(result)

            username = res['username']

            try:
                user = UserProfile.objects.get(username=username)
            except Exception as e:
                user = None

            if not user:
                result = {'code': 110, 'error': 'no user'}
                return JsonResponse(result)
            # user 查询出来

            # 将查询成功的 user 赋值给 request
            request.user = user
            return func(request, *args, **kwargs)

        return wrapper

    return __login_check


def __login_check(func):
    def wrapper():
        return func()

    return wrapper

调用装饰器

@login_check('PUT')
def users(request, username=None):
    if request.method == 'GET':
       pass
    elif request.method == 'POST':
       pass
    elif request.method == 'PUT':
        # 更新数据
        user = request.user
        json_str = request.body
        if not json_str:
            result = {'code': 209, 'error': 'Please give me json'}
            return JsonResponse(result)

        json_obj = json.loads(json_str)

        if 'sign' not in json_obj:
            result = {'code': 210, 'error': 'no sign'}
            return JsonResponse(result)

        if 'info' not in json_obj:
            result = {'code': 211, 'error': 'no info'}
            return JsonResponse(result)

        sign = json_obj.get('sign')
        info = json_obj.get('info')
        request.user.sign = sign
        request.user.info = info
        request.user.save()

        result = {'code': 200, 'username': request.user.username}
        return JsonResponse(result)

        # 获取前端传来的 token
        # http头 被django重名，建议百度

    else:
        raise

标签：return,验证,JsonResponse,request,json,django,token,result,user
来源： https://blog.csdn.net/weixin_45875105/article/details/114639308