0
点赞
收藏
分享

微信扫一扫

Django 装饰器验证Token

北冥有一鲲 2022-03-18 阅读 36

背景:

用户后端与业务后端分离,登录接口及token验证接口均需在用户后端完成

业务后端代码views写法:

class MessageView(mixins.ListModelMixin):
    permission_classes = []
    authentication_classes = []
    module_name = 'analysis'
    pagination_class = Pagination
    queryset = message_notification.objects.all()
    serializer_class = MessageSerializers

    @verification
    def get(self, request, *args, **kwargs):
        return self.list(request, *args, **kwargs)

装饰器(可定义在工具函数内):


def verification(fun):
    def wrapped_func(*args, **kwargs):
        token = args[1].headers.get('Authorization')
        ip="127.0.0.1:5003"
        if 'Authorization' not in args[1].headers.keys() or token == '':
            return Response({'code': 500, 'message': '请检查请求头Authorization'})
        response = requests.get(
            'http://{}/api/v1/user/analysisToken/'.format(ip), headers={
                'Authorization': token
            })
        if response.json()['result']:
            args = args + (response.json()['username'], response.json()['user_id'],)
            return fun(*args, **kwargs)
        else:
            return Response({'code': 500, 'message': 'Token验证失败'}, status=status.HTTP_401_UNAUTHORIZED)
    return wrapped_func

 """
            response说明:{
                {'code': 200,
                 'result': True ,
                 'username': "admin",
                 'user_id': 1}
            }
"""

如上便通过装饰器完成了Token的验证,对于Token的验证有很多办法,也可定义在中间键process_request中

举报

相关推荐

0 条评论