向DRF简单JWT有效负载添加声明 [英] Adding claims to DRF simple JWT payload

问题描述

在开机自检(POST)到自定义视图时，使用 djangorestframework_simplejwt 库

Using djangorestframework_simplejwt library, when POST to a custom view

#urls.py
path('api/token/', MyTokenObtainPairView.as_view(), name='token_obtain'),

#views.py
class MyTokenObtainPairView(TokenObtainPairView):
    serializer_class = MyTokenObtainPairSerializer

我能够获得以下访问令牌

I'm able to get a the following access token

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNTkwOTEwNjg0LCJqdGkiOiI3M2MxYmZkOWNmMGY0ZjI3OTY4MGY0ZjhlYjA1NDQ5NyIsInVzZXJfaWQiOjExfQ.5vs0LmNGseU6rtq3vuQyApupxhQM3FBAoKAq8MUukIBOOYfDAV9guuCVEYDoGgK6rdPSIq2mvcSxkILG8OH5LQ

通过转到 https://jwt.io/我可以看到有效负载当前

By going to https://jwt.io/ I can see the payload is currently

{
  "token_type": "access",
  "exp": 1590910684,
  "jti": "73c1bfd9cf0f4f279680f4f8eb054497",
  "user_id": 11
}

因此，我们可以看到令牌的第二部分是有效负载-包含声明.

So, we can see that the second part of the token is the payload - containing the claims.

我已经研究了如何向响应正文添加更多信息，现在想知道如何自定义通过添加 IAt索赔，用户名和今天的日期来获得有效载荷数据.

I've explored how to add more information to the Response body and now would like to know how to customize the Payload data by adding iat claim, username and today's date.

推荐答案

由于您已经为所需视图(MyTokenObtainPairView)创建了一个子类，并为其对应的序列化器(MyTokenObtainPairSerializer)创建了一个子类，因此将以下内容添加到序列化器中

As you already created a subclass for the desired view (MyTokenObtainPairView) and a subclass for its corresponding serializer (MyTokenObtainPairSerializer), add the following to the serializer

class MyTokenObtainPairSerializer(TokenObtainPairSerializer):

    ...

    @classmethod
    def get_token(cls, user):
        token = super().get_token(user)

        # Add custom claims
        token['iat'] = datetime.datetime.now()
        token['user'] = user.username
        token['date'] = str(datetime.date.today())

        return token

然后，当您发布到同一位置时，您将获得像这样的访问令牌

Then, when you POST to that same location, you'll get an access token like this

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNTkwOTE0MTk4LCJqdGkiOiJhZDZmNzZhZjFmOGU0ZWJlOGI2Y2Y5YjQ4MGQzZjY2MiIsInVzZXJfaWQiOjExLCJpYXQiOjE1OTA5MTc0OTgsInVzZXIiOiJ0aWFnbyIsImRhdGUiOiIyMDIwLTA1LTMxIn0.-5U9P-WWmhlOenzCvc6b7_71Tz17LyNxe_DOMwwqH4RqrNsilVukEcZWFRGupLHRZjIvPya2QJGpiju9ujzQuw

使用JWT，您可以看到有效负载发生了相应的变化

Using JWT you can see the Payload changing accordingly

{
  "token_type": "access",
  "exp": 1590914198,
  "jti": "ad6f76af1f8e4ebe8b6cf9b480d3f662",
  "user_id": 11,
  "iat": 1590917498,
  "user": "tiago",
  "date": "2020-05-31"
}

这篇关于向DRF简单JWT有效负载添加声明的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！