这是我的工作代码;
class LoginAPIView(APIView):
def post(self, request, format=None):
#gather the username and password provided by user
data = request.data
email = data['email']
user_password = data['password']
user_entered_password = user_password
salt = "5gz"
db_password = user_entered_password + salt
hash_password = hashlib.md5(db_password.encode())
print(hash_password.hexdigest())
user_queryset = User.objects.all().get(Q(email__exact=email) & Q(password__exact=hash_password.hexdigest())).first()
# user_ser = UserLoginSerializers(user_queryset,many=True)
# user_data = user_ser.user_queryset
user_id = []
for u in user_queryset:
_id = u.get('id')
user_id.append(_id)
if len(user_queryset) > 0:
print(user_id)
payload ={'user_id':user_id[0], 'exp':datetime.utcnow() + timedelta(seconds=JWT_EXP_DELTA_SECONDS)}
jwt_token = jwt.encode(payload, JWT_SECRET, JWT_ALGORITHM)
return Response({'token':jwt_token, "data":user_queryset}, status=status.HTTP_200_OK)
else:
return Response({"msg":"Invalid User"}, status=status.HTTP_400_BAD_REQUEST)
答案 0 :(得分:0)
您不必自己做所有这一切。 Django具有authenticate
函数,该函数使用用户名和密码并返回您的用户。
from django.contrib.auth import authenticate
user = authenticate(username='your_username', password='you_password')
默认情况下,Django使用用户名进行身份验证。如果要为此使用电子邮件,则可以执行以下操作之一。
代码:
from django.contrib.auth import get_user_model
from django.contrib.auth.backends import ModelBackend
class EmailBackend(ModelBackend):
def authenticate(self, username=None, password=None, **kwargs):
UserModel = get_user_model()
try:
user = UserModel.objects.get(email=username)
except UserModel.DoesNotExist:
return None
else:
if user.check_password(password):
return user
return None
然后,在您的设置中将该后端设置为您的auth后端:
AUTHENTICATION_BACKENDS = ['path.to.auth.module.EmailBackend']