一、生成token并返回
import jwt
import datetime
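# Login step: look up the account and, when it exists, issue a signed JWT.
# NOTE(review): this excerpt only looks the account up by id; the password
# check implied by the failure message below is not shown. A token should be
# issued only after the submitted credentials have been verified.
# filter() returns a QuerySet, so take .first() to get one instance or None.
user = User.objects.filter(id=userid).first()
if user:
    payload = {
        # Expiry claim: the token stops validating one day after issue.
        'exp': datetime.datetime.now(datetime.timezone.utc)
        + datetime.timedelta(days=1),
        'data': {
            # NOTE(review): the lookup filters on `id` but the claim reads
            # `user.userid`; confirm the model exposes that attribute.
            'userid': user.userid,
        },
    }
    # HS256 is a shared-secret MAC: anyone holding SECRET_KEY can mint tokens,
    # so the key needs to be long, random and kept out of source control.
    token = jwt.encode(payload, SECRET_KEY, algorithm='HS256')
    # PyJWT 1.x returns bytes and 2.x returns str; normalise to str so the
    # value can be placed in the JSON response body.
    if isinstance(token, bytes):
        token = token.decode()
    USER_LOGIN_SUCCESS = (200001, '用户登录成功')
    response = DefaultResponse(*USER_LOGIN_SUCCESS, data={
        'token': token, 'username': user.username, 'realname': user.realname})
else:
    USER_LOGIN_FAILED = (200002, '用户名或密码错误')
    response = DefaultResponse(*USER_LOGIN_FAILED)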
class DefaultResponse(Response):
    """Response whose body always carries a ``code`` and a ``message`` field.

    Entries of ``data``, when it is given and non-empty, are merged into the
    body after those two fields, so a ``code`` or ``message`` key inside
    ``data`` replaces the default one. All remaining arguments are passed
    through unchanged to the parent ``Response`` constructor.
    """

    def __init__(self, code=100000, message='操作成功',
                 data=None, status=None, template_name=None,
                 headers=None, exception=False, content_type=None):
        body = dict(code=code, message=message)
        # An empty or missing ``data`` contributes nothing to the body.
        extra = data if data else {}
        body.update(extra)
        super().__init__(body, status, template_name,
                         headers, exception, content_type)
二、验证token
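class UserLoginAuthentication(BaseAuthentication):
    """Authenticate a request from the JWT carried in the ``Token`` header."""

    def authenticate(self, request):
        """Return ``(user, token)`` for a request that carries a valid token.

        Raises:
            AuthenticationFailed: if the header is missing, the token fails
                verification or has expired, the expected claim is absent,
                or no matching user exists.
        """
        token = request.META.get('HTTP_TOKEN')
        if not token:
            raise AuthenticationFailed('请提供用户身份令牌')
        try:
            # Pin the accepted algorithm to the one used when the token was
            # issued. Without an explicit list, older PyJWT releases accept
            # whatever algorithm the token header names, and PyJWT 2.x
            # rejects the call outright.
            payload = jwt.decode(token, SECRET_KEY, algorithms=['HS256'])
            user_id = payload['data']['userid']
        except (jwt.InvalidTokenError, KeyError, TypeError):
            # A correctly signed token with an unexpected claim layout is
            # rejected the same way as a bad signature or an expired token.
            raise AuthenticationFailed('无效的令牌或令牌已过期')
        # Load a fresh per-request object; the original assigned to a `user`
        # name that was never defined in this method.
        # NOTE(review): `User` is the model queried in the login step; confirm
        # it is imported in this module.
        user = User.objects.filter(id=user_id).first()
        if user is None:
            # The token outlived the account (for example, a deleted user).
            raise AuthenticationFailed('无效的令牌或令牌已过期')
        # NOTE(review): kept from the original; this assumes the model has no
        # read-only `is_authenticated` property. Confirm against the model.
        user.is_authenticated = True
        return user, token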