Django中rest_framework_simplejwt的使用

  1. 安装

    # The project is published on PyPI as "djangorestframework-simplejwt"; pip
    # normalizes "_" to "-", so this spelling resolves to the same package.
    pip install djangorestframework_simplejwt

  2. settings中配置

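    import datetime

    # Apps that have to be registered for the token endpoints used on this page.
    INSTALLED_APPS = [
        "...",
        "rest_framework",
        "rest_framework_simplejwt",
        # Required by the token_blacklist view. Without this app (and its tables,
        # created by `python manage.py migrate`) a blacklisted refresh token is
        # not recorded anywhere and stays usable until it expires.
        "rest_framework_simplejwt.token_blacklist",
    ]

    REST_FRAMEWORK = {
        "DEFAULT_PARSER_CLASSES": [
            "rest_framework.parsers.JSONParser",
            "rest_framework.parsers.FormParser",
        ],
        # DRF tries these authenticators in order on every request.
        "DEFAULT_AUTHENTICATION_CLASSES": (
            "rest_framework_simplejwt.authentication.JWTAuthentication",
            "rest_framework.authentication.SessionAuthentication",
            # NOTE(review): Basic auth accepts the account password on every
            # request, so the short token lifetimes below do not limit it. Keep
            # it only if a client really needs it, and only behind HTTPS.
            "rest_framework.authentication.BasicAuthentication",
        ),
        # Deny by default: a view has to opt out explicitly to allow anonymous
        # access (as the login view does).
        "DEFAULT_PERMISSION_CLASSES": [
            "rest_framework.permissions.IsAuthenticated",
        ],
    }

    SIMPLE_JWT = {
        # Access tokens cannot be revoked individually, so their lifetime is the
        # window in which a leaked one remains usable.
        "ACCESS_TOKEN_LIFETIME": datetime.timedelta(minutes=30),
        # Refresh tokens live much longer; revoking one before it expires goes
        # through the blacklist app registered above.
        "REFRESH_TOKEN_LIFETIME": datetime.timedelta(days=10),
        # Writes User.last_login on every successful token request. That is a
        # database write per login, so the login endpoint should be throttled.
        "UPDATE_LAST_LOGIN": True,
    }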
    
  3. 使用

    simplejwt 给我们提供了4个视图函数供我们直接使用

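    from django.urls import path
    from rest_framework_simplejwt.views import token_obtain_pair, token_verify, token_refresh, token_blacklist

    # The four ready-made simplejwt views, wired up without any custom code.
    urlpatterns = [
        # Log in: check the credentials and issue an access/refresh token pair.
        path('login/', token_obtain_pair),
        # Check whether a submitted token is still valid.
        path('verify/', token_verify),
        # Exchange a refresh token for a new access token.
        path('refresh/', token_refresh),
        # Revoke a refresh token. This only takes effect when
        # "rest_framework_simplejwt.token_blacklist" is listed in INSTALLED_APPS
        # and its migrations have been applied; otherwise the token is not
        # recorded as revoked and stays valid until it expires.
        path('black/', token_blacklist),
    ]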
    

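    当然登录逻辑我们也可以重写。需要注意：内置的 token_obtain_pair 是通过 Django 的 authenticate() 校验用户名和密码的（会经过认证后端，并拒绝未激活的用户），重写登录视图时要自己保留这些检查。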

    from django.contrib.auth.models import update_last_login
    
    from rest_framework.views import APIView
    from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
    from rest_framework_simplejwt.settings import api_settings
    
    from apps.common import json_response
    from apps.user.models import User
    
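    class UserLoginView(APIView):
        """Custom login endpoint that issues a simplejwt access/refresh token pair.

        Credentials are verified with Django's ``authenticate()`` rather than a
        manual ``User`` lookup plus ``check_password()``. That way the configured
        authentication backends run, inactive accounts are rejected, and an
        unknown username costs about as much time as a wrong password, so
        response timing does not reveal which usernames exist.

        No throttle is configured on this view; add one (for example DRF's
        ``throttle_classes``) before exposing it, since every request triggers a
        password hash and, with UPDATE_LAST_LOGIN, a database write.
        """

        # Login has to be reachable without credentials. Clearing the
        # authenticators too (simplejwt's own token views do the same) keeps the
        # project-wide JWTAuthentication from answering 401 to a login request
        # that still carries an expired or malformed Authorization header.
        authentication_classes = ()
        permission_classes = ()

        def post(self, request):
            """Validate ``username``/``password`` and return a token pair.

            Returns ``json_response`` with ``access`` and ``refresh`` strings on
            success, or ``code=-1`` with one generic message for every kind of
            failure, so the response does not say which field was wrong.
            """
            # Function-scope import so the page's import block stays untouched.
            # NOTE(review): assumes apps.user.models.User is the project's
            # AUTH_USER_MODEL, which JWTAuthentication also relies on to resolve
            # the user of an issued token -- confirm.
            from django.contrib.auth import authenticate

            username = request.data.get('username')
            password = request.data.get('password')

            # A JSON body can carry lists or objects here; treat anything that
            # is not a string as a failed login instead of passing it to the ORM.
            if not isinstance(username, str) or not isinstance(password, str):
                return json_response(code=-1, msg='用户名或密码错误')

            user = authenticate(request=request, username=username, password=password)
            if user is None:
                return json_response(code=-1, msg='用户名或密码错误')

            refresh = TokenObtainPairSerializer.get_token(user)
            if api_settings.UPDATE_LAST_LOGIN:
                update_last_login(None, user)
            return json_response(
                msg='登录成功',
                data={
                    'access': str(refresh.access_token),
                    'refresh': str(refresh),
                }
            )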