DRF — DRF user defined authentication class, user defined authority function and use

Time:2020-11-23

 

#Note: authentication > authority > frequency the first step of authentication is that if the authentication is not passed, the authority will not be obtained, and if the authority is not passed, the frequency will not be reached

1User defined authentication class

1 use
    -Define a class that inherits baseauthentication
    class LoginAuth(BaseAuthentication):
        def authenticate(self, request):
            token = request.GET.get('token')
            res = models.UserToken.objects.filter(token=token).first()
            if res:
                Return tuple
            else:
                Raise authentication failed ('You are not logged in ')
    -Override authenticate method
    -Local use and global use
        -Local: configure in the view class (as long as it is configured, it can be accessed after logging in; if it is not configured, it can be accessed without logging in)
            authentication_classes = [MyAuthen.LoginAuth, ]
        -Overall situation
        REST_FRAMEWORK = {
        "DEFAULT_AUTHENTICATION_CLASSES": ["app01.MyAuthen.LoginAuth", ]
        }
        
   -Note:
    1 authentication class. After authentication, a tuple can be returned. There are two values. The first value will be given to, request.user The second value will be request.auth
    2. Multiple authentication classes can be configured and executed from front to back. If there is a return value in front of it, the authentication will not continue
    3. Get request carries a token: - put it in the request header: URL /? Token = xxxxxxxxx ----- put it in the header and get it with meta
                -In the body parameter: key:token value :xxxxxxxx

2Local and global use of authentication functions

1 global use (all interfaces need to be logged in to access)
    -In the configuration file
        REST_FRAMEWORK = {
        "DEFAULT_AUTHENTICATION_CLASSES": ["app01.MyAuthen.LoginAuth", ]
        }
2 local use
    -On the view class that you want to use locally
    authentication_classes = [MyAuthen.LoginAuth,]
3 local prohibition
    -On the view class you want to disable
    authentication_classes = []

3User defined permission function

After successful login, super users can do some things, ordinary users can't do them -- --- super users can view some interfaces, ordinary users can't

2 use
   -Write a class, inherit basepermission, and override has_ permission
    class SuperPermission(BasePermission):
        def has_permission(self, request, view):
            # Return `True` if permission is granted, `False` otherwise.
            #Super users can access, except super users
            if request.user.user_type == '1':
                return True
            else:
                return False
            
3 local use and global use
    -On the view class that you want to use locally
    permission_classes = [MyAuthen.SuperPermission]
    -Global use
      REST_FRAMEWORK = {
        "DEFAULT_PERMISSION_CLASSES": ["app01.MyAuthen.SuperPermission", ]
        }
     -Local disable
    permission_classes = []

4Local use and global use of permission function

1 usage
    -On the view class that you want to use locally
    permission_classes = [MyAuthen.SuperPermission]
    -Global use
      REST_FRAMEWORK = {
        "DEFAULT_PERMISSION_CLASSES": ["app01.MyAuthen.SuperPermission", ]
        }
     -Local disable
    permission_classes = []

5Built in permissions and authentication classes

#Built in authentication class
from rest_framework.exceptions import AuthenticationFailed
#Built in permission class
from rest_framework.permissions import BasePermission

 

Recommended Today

Vue monitors whether the DOM element scrolls up or down in demo to achieve ceiling effect.

Go directly to the page dmeo <template> <div> <van-pull-refresh v-model=”isLoading” @refresh=”onRefresh” > <ul ref=”msgList”> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> <li>11111111</li> </ul> </van-pull-refresh> </div> </template> <script> //I use the vant component globally here, so I can use the drop-down effect directly //Van pull refresh export […]