Quick start: permission authentication with the third-party authentication plugin SimpleJWT for Django REST framework (Part 10)

1. Install the Simple-JWT plugin

pip install djangorestframework-simplejwt

2. Configure the main module's settings.py

Add rest_framework_simplejwt and rest_framework_simplejwt.token_blacklist to INSTALLED_APPS:

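INSTALLED_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "rest_framework",
    "app_drf01.apps.AppDrf01Config",
    "api.apps.ApiConfig",
    "rest_framework_simplejwt",
    # Needed by BLACKLIST_AFTER_ROTATION and TokenBlacklistView; run `python manage.py migrate` after adding it
    "rest_framework_simplejwt.token_blacklist",
]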

3. Configure REST_FRAMEWORK

In settings.py, configure DEFAULT_AUTHENTICATION_CLASSES and add JWTAuthentication.

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    ),
}

4. Complete settings.py code

from pathlib import Path
import os

# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = "django-insecure-ws(9g7m^dty#ouzqdii*s^((+a33v@qn654gm0+b)_97)#sx-e"
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = []
# Application definition

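INSTALLED_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "rest_framework",
    "app_drf01.apps.AppDrf01Config",
    "api.apps.ApiConfig",
    "rest_framework_simplejwt",
    # Needed by BLACKLIST_AFTER_ROTATION and TokenBlacklistView; run `python manage.py migrate` after adding it
    "rest_framework_simplejwt.token_blacklist",
]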

REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": (
        "rest_framework_simplejwt.authentication.JWTAuthentication",
    )
}


MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
]

ROOT_URLCONF = "maker_drf.urls"
TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
            ],
        },
    },
]

WSGI_APPLICATION = "maker_drf.wsgi.application"
DATABASES = {
    "default": {
        "ENGINE": "django.db.backends.mysql",
        "NAME": "python_demo",  # Database name
        "USER": "root",  # Database user
        "PASSWORD": "1234567890",  # Database password
        "HOST": "127.0.0.1",  # Database host address
        "PORT": "13306",  # Database port
    }
}

AUTH_PASSWORD_VALIDATORS = [
    {
        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
    },
]


# Set the default language to Chinese
LANGUAGE_CODE = "zh-hans"  # Simplified Chinese

# Set the default time zone
TIME_ZONE = "Asia/Shanghai"  # Shanghai time zone

USE_I18N = True

USE_TZ = True

STATIC_URL = "static/"

DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"

# Storage path for media files
MEDIA_ROOT = os.path.join(BASE_DIR, "media")

# URL under which media files are served
MEDIA_URL = "/media/"

from datetime import timedelta

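SIMPLE_JWT = {
    "ACCESS_TOKEN_LIFETIME": timedelta(minutes=5),  # Lifetime of the access token
    "REFRESH_TOKEN_LIFETIME": timedelta(days=7),  # Lifetime of the refresh token
    "ROTATE_REFRESH_TOKENS": True,  # Issue a new refresh token on every refresh
    "BLACKLIST_AFTER_ROTATION": True,  # Blacklist the old refresh token after rotation (needs the token_blacklist app)
    "ALGORITHM": "HS256",  # Signing algorithm (HMAC-SHA256; the token is signed, not encrypted)
    "SIGNING_KEY": SECRET_KEY,  # Signing key
    "VERIFYING_KEY": None,  # Verifying key, set when a public-key algorithm is used
}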
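
An added example, not part of the article's project: the settings above sign tokens with the hard-coded SECRET_KEY, so this settings.py fragment loads an independent signing key from the environment and refuses weak values at startup. The variable name DJANGO_JWT_SIGNING_KEY and both helper functions are assumptions made for this illustration.

```python
import os
from datetime import timedelta

# Hypothetical environment variable name, chosen for this example.
JWT_KEY_ENV = "DJANGO_JWT_SIGNING_KEY"


def load_jwt_signing_key(environ=None):
    """Return the HS256 signing key from the environment or fail at startup."""
    environ = os.environ if environ is None else environ
    key = environ.get(JWT_KEY_ENV, "")
    if not key:
        raise RuntimeError(f"{JWT_KEY_ENV} is not set")
    if key.startswith("django-insecure-"):
        # Prefix Django's startproject puts on the key it generates.
        raise RuntimeError("startproject placeholder key must not sign tokens")
    if len(key.encode()) < 32:
        # RFC 7518 section 3.2: an HS256 key must be at least 256 bits.
        raise RuntimeError("signing key shorter than 32 bytes")
    return key


def build_simple_jwt(signing_key):
    """Same options as the article's SIMPLE_JWT, with an independent key."""
    return {
        "ACCESS_TOKEN_LIFETIME": timedelta(minutes=5),
        "REFRESH_TOKEN_LIFETIME": timedelta(days=7),
        "ROTATE_REFRESH_TOKENS": True,
        "BLACKLIST_AFTER_ROTATION": True,
        "ALGORITHM": "HS256",
        "SIGNING_KEY": signing_key,  # no longer tied to SECRET_KEY
        "VERIFYING_KEY": None,
    }


# In settings.py:
# SIMPLE_JWT = build_simple_jwt(load_jwt_signing_key())
```

A suitable value can be generated with `python -c "import secrets; print(secrets.token_urlsafe(48))"`. Keeping the JWT key separate from SECRET_KEY means it can be rotated after a leak without touching sessions or other signed data.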

5. Main urls.py configuration (same as in the previous part)

from django.contrib import admin
from django.urls import path, include, re_path
from django.views.static import serve
from django.conf import settings
from app_drf01 import views

urlpatterns = [
    path("admin/", admin.site.urls),
    re_path(
        r"^media/(?P<path>.*)$",
        serve,
        {"document_root": settings.MEDIA_ROOT},
        name="media",
    ),
    path("test/", views.test),
    path("api/", include(("api.urls", "api"), namespace="api")),
]

6. urls.py configuration in the api module

urlpatterns = [
    # Login
    path("token/", TokenObtainPairView.as_view(), name="token_obtain_pair"),
    # Refresh
    path("token/refresh/", TokenRefreshView.as_view(), name="token_refresh"),
    # Verify
    path("token/verify/", TokenVerifyView.as_view(), name="token_verify"),
]

The complete configuration is as follows:

from django.urls import path, re_path
from . import views

from rest_framework import routers
from rest_framework_simplejwt.views import (
    TokenObtainPairView,
    TokenRefreshView,
    TokenVerifyView,
    TokenBlacklistView,
)


routers = routers.DefaultRouter()
routers.register("linkapi", views.Linkapi)

app_name = "api"
urlpatterns = [
    # Login
    path("token/", TokenObtainPairView.as_view(), name="token_obtain_pair"),
    # Refresh
    path("token/refresh/", TokenRefreshView.as_view(), name="token_refresh"),
    # Verify
    path("token/verify/", TokenVerifyView.as_view(), name="token_verify"),
    # Blacklist
    path("token/blacklist/", TokenBlacklistView.as_view(), name="token_blacklist"),
]

urlpatterns += routers.urls

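7. Create a user by running the command

python manage.py createsuperuser

Follow the prompts to enter the user's details.

Test the following with the Apifox tool:

8. Simulate a login and obtain a token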

http://127.0.0.1:8000/api/token/ POST

{
    "username": "admin",
    "password": "23232"
}

9. Refresh and obtain a new token

http://127.0.0.1:8000/api/token/refresh/ POST

{
    "refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTc0Mzk5MjAwMywiaWF0IjoxNzQzMzg3MjAzLCJqdGkiOiI0ZmU5YWQ3N2E3Y2E0NDA1YjkzNWE0M2Y2ZDlkOWYxMiIsInVzZXJfaWQiOjF9.MsKXMsV3E34233Z0wpOqroMAmOLHzBi-pYf5mFcNtFg"
}
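
An added example (not code from the article or from SimpleJWT): a standard-library illustration of what the refresh token in step 9 contains and of the checks an HS256 verifier performs. The header and payload are base64url-encoded JSON that anyone can read without a key, so the secrecy of SIGNING_KEY is the only thing that makes the claims trustworthy; the key and the signed tokens used in the checks are constructed here.

```python
import base64
import hashlib
import hmac
import json
import time

# Refresh token copied from step 9 of this page.
PAGE_REFRESH_TOKEN = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTc0Mzk5MjAwMywiaWF0IjoxNzQzMzg3MjAzLCJqdGkiOiI0ZmU5YWQ3N2E3Y2E0NDA1YjkzNWE0M2Y2ZDlkOWYxMiIsInVzZXJfaWQiOjF9.MsKXMsV3E34233Z0wpOqroMAmOLHzBi-pYf5mFcNtFg"

def b64url_decode(part):
    # JWT strips base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def read_claims(token):
    """Return (header, payload) without any key: they are plain JSON."""
    head, body, _sig = token.split(".")
    return json.loads(b64url_decode(head)), json.loads(b64url_decode(body))

def sign_hs256(payload, key):
    """Build a constructed sample token so the verifier below can be exercised."""
    head = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(payload).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url_encode(sig)}"

def verify_hs256(token, key, expected_type, now=None):
    """Pinned algorithm, constant-time MAC check, expiry, then token_type."""
    head, body, sig = token.split(".")
    if json.loads(b64url_decode(head)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(mac, b64url_decode(sig)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(body))
    if claims["exp"] <= (time.time() if now is None else now):
        raise ValueError("expired")
    if claims.get("token_type") != expected_type:
        raise ValueError("wrong token_type")
    return claims
```

Decoding the page's token shows `exp - iat` equal to the 7-day REFRESH_TOKEN_LIFETIME from settings.py, along with `user_id` and the `jti` that the blacklist app records.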

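10. Verify the token

http://127.0.0.1:8000/api/token/verify/ POST

11. Test the query endpoint

12. Create endpoint

The token must be configured first; otherwise the data submission fails.

Set the token in the Auth panel in Apifox.

13. Set environment variables with an automation script

Configure this on the login endpoint: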

// Post-response script: store both tokens from the login response as environment variables
var jsonData = pm.response.json();
pm.environment.set("refresh_token", jsonData.refresh);
pm.environment.set("access_token", jsonData.access);

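14. Test the update endpoint

Select the corresponding token from the environment variables.

15. The update request succeeds

16. Global configuration: click the parent folder and apply the same configuration as above

Note: if the configuration does not take effect, close the current tab and reopen it; the request will then go through.

17. Code download

Link: https://pan.baidu.com/s/1BD6WLdL_1OHKUl1cPhykPw?pwd=rt1w Extraction code: rt1w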
