django Token権限認証

10587 ワード
jwt django

django Token権限認証

  • rest_を書き換えるframeworkのTokenAuthentication、tokenの有効期限を設定する
  • users.models.py 
    # Create your models here.
from rest_framework.authtoken.models import Token


class PrivateToken(Token):
    """
     Token , 
    """

    class Meta:
        verbose_name = 'Private Token'
  • users.authentication.py 
    from datetime import timedelta

from django.conf import settings
from django.utils import timezone
from django.utils.translation import ugettext_lazy as _
from rest_framework import authentication, exceptions
from users.models import PrivateToken


class PrivateTokenAuthentication(authentication.TokenAuthentication):
    """
    API Token 
    """
    model = PrivateToken

    def authenticate_credentials(self, key):
        model = self.get_model()
        try:
            token = model.objects.select_related('user').get(key=key)
        except model.DoesNotExist:
            raise exceptions.AuthenticationFailed(_('Invalid token.'))

        if not token.user.is_active:
            raise exceptions.AuthenticationFailed(_('User inactive or deleted.'))

        if timezone.now() > (token.created + timedelta(seconds=settings.TOKEN_EXPIRATION)):
            raise exceptions.AuthenticationFailed(_('Token has expired'))
        return (token.user, token)
  • settings.py 
    REST_FRAMEWORK = {
       
    # Use Django's standard `django.contrib.auth` permissions,
    # or allow read-only access for unauthenticated users.
    'EXCEPTION_HANDLER': 'common.views.exception_handler',
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
    ),
    'DEFAULT_RENDERER_CLASSES': (
        'rest_framework.renderers.JSONRenderer',
        'rest_framework.renderers.BrowsableAPIRenderer',
    ),
    'DEFAULT_PARSER_CLASSES': (
        'rest_framework.parsers.JSONParser',
        'rest_framework.parsers.FormParser',
        'rest_framework.parsers.MultiPartParser',
        'rest_framework.parsers.FileUploadParser',
    ),
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'users.authentication.PrivateTokenAuthentication',  #  
        # 'users.authentication.SessionAuthentication',
    ),
    'DEFAULT_FILTER_BACKENDS': (
        'django_filters.rest_framework.DjangoFilterBackend',
        'rest_framework.filters.SearchFilter',
        'rest_framework.filters.OrderingFilter',
    ),
    'ORDERING_PARAM': "order",
    'SEARCH_PARAM': "search",
    'DATETIME_FORMAT': '%Y-%m-%d %H:%M:%S %z',
    'DATETIME_INPUT_FORMATS': ['%Y-%m-%d %H:%M:%S %z'],
    'PAGINATE_BY': 10,
    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination',
    'PAGE_SIZE': 15
}
    • [PS]秘密地図(LV 1)
    Exception in thread "main"java.lang.NoSuchMethodError: com.google.common.base.Preconditions.checkArgument(ZLjava/lang/String;Ljava/lang/Object;)