我在我的Django应用程序中使用DRF,DRF-JWT,Allauth和Res-auth以及djangorestframework-jwt-refresh-token。
我有一个自定义JWT Register Serializer来收集一些额外的用户信息,并创建和创建一个刷新令牌,用于刷新过期的JWT令牌。我们在后端和ios应用程序中工作,没有电子邮件注册问题。我现在正尝试使用allauth的sociallogin元素实现JWT,特别是facebook作为提供者。
我可以通过覆盖DefaultSocialAccountAdapter来为facebook用户创建一个刷新令牌,但是我很难将带有所述刷新令牌的JWT的Json响应返回给移动客户端。
这会创建刷新令牌:
class CustomSocialAccountAdapter(DefaultSocialAccountAdapter):
def save_user(self, request, sociallogin, form):
user = super(CustomSocialAccountAdapter, self).save_user(request, sociallogin, form)
app = 'users'
user.refresh_tokens.create(app=app)
return user
我可以用这个手动创建JWT:
jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
我只是难以将所有内容放在一起,我应该覆盖适配器还是使用pre_social_login信号。
任何指示赞赏。
答案 0 :(得分:0)
我使用以下内容返回长期存在的刷新令牌以及Facebook登录上的头像网址:
class CustomJWTSerializer(JWTSerializer):
"""
OVERIDE JWTSerializer Base Serializer for JWT authentication to
add long refresh_token to returned JSON
"""
refresh_token = serializers.CharField()
avatar_url = serializers.CharField()
class FacebookLogin(SocialLoginView):
adapter_class = FacebookOAuth2Adapter
def process_login(self):
get_adapter(self.request).login(self.request, self.user)
user = self.request.user
app = 'users'
try:
refresh_token = user.refresh_tokens.get(app=app).key
except RefreshToken.DoesNotExist:
refresh_token = None
if refresh_token == None:
app = 'users'
user.refresh_tokens.create(
app=app
)
preferred_avatar_size_pixels = 256
facebook_social_account = SocialAccount.objects.get(user=user)
uid = facebook_social_account.uid
picture_url = "http://graph.facebook.com/{0}/picture?width={1}&height={1}".format(
uid, preferred_avatar_size_pixels)
profile = Profile(user=user, avatar_url=picture_url)
profile.save()
def get_response(self):
serializer_class = CustomJWTSerializer
refresh_token = RefreshToken.objects.get(user=self.user)
profile = Profile.objects.get(user=self.user)
avatar_url = profile.avatar_url
if getattr(settings, 'REST_USE_JWT', False):
data = {
'user': self.user,
'token': self.token,
'refresh_token': refresh_token,
'avatar_url': avatar_url
}
serializer = serializer_class(instance=data,
context={'request': self.request})
else:
serializer = serializer_class(instance=self.token,
context={'request': self.request})
return Response(serializer.data, status=status.HTTP_200_OK)
我不知道这是否是正确的方法,但它现在有效。