如何添加身份验证中间件JWT Django? [英] How add Authenticate Middleware JWT django?
本文介绍了如何添加身份验证中间件JWT Django?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试创建一个中间件以通过JWT进行身份验证,但是在视图中,request.user始终是AnonymousUser.
I am trying to create a middleware to authenticate with JWT but in the view the request.user is always AnonymUser.
当我验证中间件是否通过用户模型更改了request.user时,它确实做了,但是由于某种原因,进入视图后,request.user始终是匿名用户
When I verify that the middleware changes the request.user by the User Model, it does, but upon reaching the view, for some reason the request.user is always anonymousUser
我正在使用Django 1.11
I'n using Django 1.11
# coding=utf-8
from django.utils.functional import SimpleLazyObject
from django.utils.deprecation import MiddlewareMixin
from django.contrib.auth.models import AnonymousUser, User
from django.conf import settings
from django.contrib.auth.middleware import get_user
from rest_framework_jwt.authentication import JSONWebTokenAuthentication
import jwt
import json
class JWTAuthenticationMiddleware(MiddlewareMixin):
def process_request(self, request):
request.user = SimpleLazyObject(lambda: self.__class__.get_jwt_user(request))
@staticmethod
def get_jwt_user(request):
user_jwt = get_user(request)
if user_jwt.is_authenticated():
return user_jwt
token = request.META.get('HTTP_AUTHORIZATION', None)
user_jwt = None
if token is not None:
try:
user_jwt = jwt.decode(
token,
settings.SECRET_KEY,
algorithms=['HS256']
)
user_jwt = User.objects.get(
id=user_jwt['user_id']
)
except Exception as e:
user_jwt = AnonymousUser
return user_jwt
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'user.middlewares.JWTAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
推荐答案
尝试使用此中间件:
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'applications.custom_authentication.middleware.JWTAuthenticationMiddleware', # This is my middleware
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
这篇关于如何添加身份验证中间件JWT Django?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
