Django rstful登陆认证并检查session是否过期代码实例
这篇文章主要介绍了Djangorstful登陆认证并检查session是否过期代码实例,下面我们可以来一起学习一下。
一:restful用户视图
#!/usr/bin/envpython #-*-coding:UTF-8-*- #Author:Leslie-x fromusersimportmodels fromrest_framework.decoratorsimportaction fromrest_framework.responseimportResponse fromrest_frameworkimportviewsets fromrest_frameworkimportserializers fromdjango.contrib.authimportauthenticate,login,logout classUserSerializer(serializers.ModelSerializer): classMeta: model=models.User exclude=('password',) classUserViewSet(viewsets.ReadOnlyModelViewSet): serializer_class=UserSerializer queryset=User.objects.all() authentication_classes=(UserAuthentication,) @action(detail=False,methods=['post']) defregister(self,request,*args,**kwargs): username=request.data.get("username") queryset=User.objects.filter(username=username) ifqueryset.exists(): raiseexceptions.PermissionDenied('该账号已经被注册') user=User.objects.create_user(**request.data) UserProfile.objects.create(user=user,nickname=user.username) data=self.get_serializer(user).data returnResponse(data) @action(detail=False,methods=['post']) deflogin(self,request,*args,**kwargs): username=request.data.get("username") password=request.data.get("password") user=authenticate(username=username,password=password) ifnotuser: raiseexceptions.PermissionDenied('用户名或密码错误') auth_id=request.session.get('_auth_user_id') ifauth_id!=str(user.pk): logout(request) login(request,user) data=self.get_serializer(user).data data['session_key']=request.session.session_key returnResponse(data) @action(detail=False,methods=['post']) deflogout(self,request,*args,**kwargs): logout(request) returnResponse()
二:检查session是否过期
fromrest_framework.authenticationimportSessionAuthentication fromrest_framework.requestimportRequest fromdjango.contrib.sessions.modelsimportSession fromrest_frameworkimportexceptions importarrow classCustomAuth(SessionAuthentication): defcheck_session(self,request): session_key=request.session.session_key queryset=Session.objects.filter(session_key=session_key) ifnotqueryset.exists(): raiseexceptions.PermissionDenied('非法用户,拒绝访问') expire_date=queryset.first().expire_date now=arrow.now().format('YYYY-MM-DDHH:mm:ss') ifnotarrow.get(now)以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持毛票票。