覆盖 Django Rest 中的 authToken 视图

Question

我在 Django 中使用基于令牌的身份验证，除了返回的令牌外，还需要添加用户对象。

如何覆盖此类视图？我需要在哪里添加此类并进行更改？目前这是在 rest_framework 包中找到的，我不想修改库。

from rest_framework import parsers, renderers
from rest_framework.authtoken.models import Token
from rest_framework.authtoken.serializers import AuthTokenSerializer
from rest_framework.response import Response
from rest_framework.views import APIView


class ObtainAuthToken(APIView):
    throttle_classes = ()
    permission_classes = ()
    parser_classes = (parsers.FormParser, parsers.MultiPartParser, parsers.JSONParser,)
    renderer_classes = (renderers.JSONRenderer,)
    serializer_class = AuthTokenSerializer
    print "dasdsa"

    def post(self, request):
        serializer = self.serializer_class(data=request.data)
        serializer.is_valid(raise_exception=True)
        user = serializer.validated_data['user']
        token, created = Token.objects.get_or_create(user=user)
        return Response({'token': token.key})


obtain_auth_token = ObtainAuthToken.as_view()

Answer 1

从文档。

首先，您需要扩展ObtainAuthToken该类。

# views.py

from rest_framework.authtoken.views import ObtainAuthToken
from rest_framework.authtoken.models import Token
from rest_framework.response import Response

class CustomAuthToken(ObtainAuthToken):

    def post(self, request, *args, **kwargs):
        serializer = self.serializer_class(data=request.data,
                                       context={'request': request})
        serializer.is_valid(raise_exception=True)
        user = serializer.validated_data['user']
        token, created = Token.objects.get_or_create(user=user)
        return Response({
            'token': token.key,
            'user_id': user.pk,
            'email': user.email
        })

在此之后将CustomAuthToken课程添加到您的urls.py喜欢中view

# urls.py
from django.urls import path
from . import views

urlpatterns += [
    path(r'api-token-auth/', views.CustomAuthToken.as_view())
]

Answer 2

我想覆盖一些默认的 CRSF 功能并使用以下方法：

from rest_framework.authentication import SessionAuthentication

class SessionCsrfExemptAuthentication(SessionAuthentication):

    def enforce_csrf(self, request):
        # Do not perform a csrf check
        return False

然后在我的设置文件中，我通过以下方式引用它：

'DEFAULT_AUTHENTICATION_CLASSES': (
    'myapp.utils.authenticate.SessionCsrfExemptAuthentication',
    'rest_framework.authentication.BasicAuthentication',
    'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
    'oauth2_provider.ext.rest_framework.OAuth2Authentication',
    'rest_framework_social_oauth2.authentication.SocialAuthentication',
),

这使我能够导入现有功能、覆盖它并在设置文件中引用它。我认为你可以在这里使用类似的方法。