Django rest框架:使用电子邮件而不是用户名获得授权令牌

 

我正在开发一个项目,为移动设备启用django rest框架认证。 我正在使用默认的令牌认证来从发送用户名和密码的发布请求中获取用户令牌。 

curl --data "username=username&password=password" http://127.0.0.1:8000/api/api-token-auth/

(api / api-token-auth /是使用obtain_auth_token视图配置的url) 

urlpatterns = [
    url(r'^api/api-token-auth/', obtain_auth_token),
    url(r'^', include(router.urls)),
]

并且响应是用户令牌。 

{"token":"c8a8777aca969ea3a164967ec3bb341a3495d234"}

我需要使用邮件密码获取用户令牌auth,而不是使用username-password或两者。 我正在阅读自定义身份验证文档http://www.django-rest-framework.org/api-guide/authentication/#custom-authentication ...但真的,我不是很清楚。 这对我非常有帮助......谢谢:)。

好吧,我找到了一种使用电子邮件或用户名来获取身份验证令牌的方法...这是序列化程序: 

class AuthCustomTokenSerializer(serializers.Serializer):
    email_or_username = serializers.CharField()
    password = serializers.CharField()

    def validate(self, attrs):
        email_or_username = attrs.get('email_or_username')
        password = attrs.get('password')

        if email_or_username and password:
            # Check if user sent email
            if validateEmail(email_or_username):
                user_request = get_object_or_404(
                    User,
                    email=email_or_username,
                )

                email_or_username = user_request.username

            user = authenticate(username=email_or_username, password=password)

            if user:
                if not user.is_active:
                    msg = _('User account is disabled.')
                    raise exceptions.ValidationError(msg)
            else:
                msg = _('Unable to log in with provided credentials.')
                raise exceptions.ValidationError(msg)
        else:
            msg = _('Must include "email or username" and "password"')
            raise exceptions.ValidationError(msg)

        attrs['user'] = user
        return attrs

在EMAIL_OR_USERNAME领域,用户可以发送电子邮件或用户名,并使用功能validateEmail(),我们可以检查,如果用户试图使用电子邮件或用户名进行登录。 然后,我们可以查询获取用户实例是否有效,并对其进行身份验证。

这是观点。 

class ObtainAuthToken(APIView):
    throttle_classes = ()
    permission_classes = ()
    parser_classes = (
        parsers.FormParser,
        parsers.MultiPartParser,
        parsers.JSONParser,
    )

    renderer_classes = (renderers.JSONRenderer,)

    def post(self, request):
        serializer = AuthCustomTokenSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        user = serializer.validated_data['user']
        token, created = Token.objects.get_or_create(user=user)

        content = {
            'token': unicode(token.key),
        }

        return Response(content)

接着: 

curl --data "email_or_username=emailorusername&password=password" http://127.0.0.1:8000/api/my-api-token-auth/.

准备好了。

将这些要求写入settings.py 

ACCOUNT_AUTHENTICATION_METHOD = 'email'
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_USERNAME_REQUIRED = False

要检查,请将此json格式请求发送到您的服务器: 

{
    "username":"youremail@mail.domain",
    "password":"Pa$$w0rd"
}

有一个更清晰的方式来获取用户令牌。

只需运行manage.py shell

接着 

from rest_framework.authtoken.models import Token
from django.contrib.auth.models import User
u = User.objects.get(username='admin')
token = Token.objects.create(user=u)
print token.key
链接地址: http://www.djcxy.com/p/33771.html

上一篇: Django rest framework: Obtain auth token using email instead username

下一篇: Get Authenticated user from token in Django Rest Framework