我想创建登录资源但我无法掌握如何做到:(
我有我的UserResource,我认为最好使用LoginResource作为登录方法。
class UserResource(ModelResource):
foreign_key = ForeignKey(ForeignResource, 'foreign_key', null=True)
...
class Meta:
queryset = User.objects.all()
allowed_methods = ['post']
resource_name = 'user'
authentication = ApiKeyAuthentication()
authorization = Authorization()
def obj_create(self, bundle, **kwargs):
try:
bundle = super(UserResource, self).obj_create(bundle, **kwargs)
bundle.obj.set_password(bundle.data.get('password'))
bundle.obj.save()
except IntegrityError:
raise BadRequest(_("A user with that username already exists."))
return bundle
那么我应该怎么做LoginResource实现,这是我已经走了多远:)
class LoginResource(ModelResource):
pass
我的愿望是发送(发布/获取)/ v1 /登录/用户名和密码然后如果登录成功则返回用户对象,就像我有GET / v1 / user / 1 /。
提前致谢!
答案 0 :(得分:0)
你需要在这里做一些事情,
例如:https://gist.github.com/airtonix/5473873
对于比我更有能力的人来说,有些代码可能会非常冒犯,但这绝对是你想要前进的方向。
答案 1 :(得分:0)
这样的事情应该有效(未经测试):
class UserResource(ModelResource):
class Meta:
queryset = User.objects.all()
fields = ['first_name', 'last_name', 'email']
allowed_methods = ['get', 'post']
resource_name = 'user'
def override_urls(self):
return [
url(r"^(?P<resource_name>%s)/login%s$" %
(self._meta.resource_name, trailing_slash()),
self.wrap_view('login'), name="api_login"),
url(r'^(?P<resource_name>%s)/logout%s$' %
(self._meta.resource_name, trailing_slash()),
self.wrap_view('logout'), name='api_logout'),
]
def login(self, request, **kwargs):
self.method_check(request, allowed=['post'])
username = request.POST.get('username', '')
password = request.POST.get('password', '')
user = authenticate(username=username, password=password)
if user:
if user.is_active:
login(request, user)
kwargs = {'pk': user.id, 'api_name': u'v1', 'resource_name': u'user'}
return self.get_detail(request, **kwargs)
else:
return HttpResponse(status=401)
else:
return HttpResponse(status=401)
def logout(self, request, **kwargs):
self.method_check(request, allowed=['get'])
if request.user and request.user.is_authenticated():
logout(request)
return self.create_response(request, { 'success': True })
else:
return self.create_response(request, { 'success': False }, HttpUnauthorized)
然后你可以这样做:
curl --dump-header - -H "Content-Type: application/json" -X POST --data '{"username" : "me", "password": "l33t"}' http://localhost:8000/api/v1/user/login/
它应该在成功登录时为您提供用户对象。