版权声明:本文为博主原创文章,欢迎转载,但请注明原文出处。 https://blog.csdn.net/GiveMeFive_Y/article/details/79291384
1. 安装模块
#pip install django-oauth-toolkit djangorestframework
适配版本如下:
Django=1.11.6 django-oauth-toolkit=1.0.0 djangorestframework=3.7.7
2. 修改配置文件
#vim setting.py
...
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
# 需要添加的apps
'mytest',
'oauth2_provider',
'rest_framework',
'corsheaders',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
#'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'corsheaders.middleware.CorsMiddleware',
]
AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
'oauth2_provider.backends.OAuth2Backend',
)
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'oauth2_provider.contrib.rest_framework.OAuth2Authentication',
# 低版本的oauth2配置为:oauth2_provider.ext.rest_framework.OAuth2Authentication
)
}
DATABASES = {
"""
这里使用的python3.5版本的pymysql,跟之前版本MySQLdb冲突,解决方法是在django项目入口的__init__.py文件加入:
import pymysql
pymysql.install_as_MySQLdb()
"""
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'database_name', # 数据库
'USER': 'user_name', # 用户名
'PASSWORD': 'user_passwd', # 用户密码
'HOST': 'xxxx.mysql.rds.aliyuncs.com', # 数据库地址
'PORT': '3306', # 端口号,默认
}
}
...
3. 修改URL
from django.conf.urls import include, url
from django.contrib import admin
from rest_framework.routers import DefaultRouter
# Create a router and register our viewsets with it.
router = DefaultRouter()
urlpatterns += [
url(r'^admin/', include(admin.site.urls)),
url(r'^o/', include('oauth2_provider.urls', namespace='oauth2_provider'))]
4. 创建用户
# python manage.py syncdb
# python manage.py migrate
# python manage.py createsuperuser # 这里会要求输入用户名和密码
5. 启动服务
# python manage.pypy runserver 0.0.0.0:8888
6. 添加认证用户
6.1. 打开浏览器输入服务器地址
6.2. 登录控制台
6.3. 新增Application(client_credentials认证方式)
6.4. 新增Application(password认证方式)
7. 获取Token
7.1. client_credentials认证方式
结果:
7.2.password认证方式
结果:
8. 创建认证
curl -H "Authorization: Bearer <access_token>" https://127.0.0.1:8888/api/test
注:测试工具为谷歌插件Advanced Rest Client。
后台代码示例:
from oauth2_provider.contrib.rest_framework import TokenHasReadWriteScope
from rest_framework.decorators import permission_classes
@permission_classes(TokenHasReadWriteScope)
def auth(request):
pass
return HttpResponse(None)
或者:
from oauth2_provider.contrib.rest_framework import TokenHasReadWriteScope
from rest_framework.views import APIView
from rest_framework.response import Response
class TestView(APIView):
permission_classes = [TokenHasReadWriteScope]
def get(self, request, format=None):
pass
return Response(None)