Django Rest Framework-使用电子邮件验证注册用户 [英] Django Rest Framework - Register user with email verification

问题描述

我正在研究DRF项目.我在自己的用户模型中将电子邮件用作唯一的用户名，并使用jwt作为身份验证.我做了一切，但是在创建用户模型时无法实现电子邮件验证.

I'm working on DRF project. I use email as a unique username in my own user model and using jwt as authentication. I made everything but cannot implement email verification when create user model.

我当时正在考虑制作用户令牌，并使用它来使用户在首次登录后激活.因此，我尝试覆盖generics.createAPIView和django.contrib.auth.tokens.PasswordResetTokenGenerator中的每个方法.现在看来似乎是不可能的.我找不到任何使用DRF制作的信息.

I was thinking of making token of user and use it to make user activate after first logged in. So I tried to override every single methods in generics.createAPIView and django.contrib.auth.tokens.PasswordResetTokenGenerator. And now it seems like impossible. I coulnd't find any information who made it with DRF.

我想在将用户模型实际写入数据库之前进行电子邮件验证，如果成功，则要写入数据库.我正在使用vue作为前端，所以我想要的是
[vue(注册页面)-> drf(检查其是否有效)->将邮件发送到request.data ['email']->
单击电子邮件中的链接并完成注册-> drf(完成注册并写入数据库)]

I want to do email verification before user model is actually written in database, and if it succeed, then write in database. I'm using vue as front-end so what I want is
[ vue(register page) --> drf(check if it's validate) --> send mail to request.data['email'] -->
click the link in email and finish registration --> drf(finish register and write in database) ]

是否可以通过CreateAPIView的方法重写它?

Is there any possible way to make it with override on methods of CreateAPIView?

推荐答案

我使用了django all-auth，django rest和django jwt

此代码段的目标:

Objective of this code snippet:

根据django简单的jwt文档，无论何时提交登录表单，URL都是令牌/".它将从前端获取电子邮件和密码，并像这样在json字段中分配这些值-

as per django simple jwt docs, the url is "token/", whenever you submit the login form. It will take email and password from frontend, and assign those values in json field like this -

{
  "username" : "xyz@gmail.com",
  "password" : "password"
}

之后，它将在AbstractUser Model的电子邮件列中检入，如果存在，则将在all-auth EmailAddress Model表中进行检定.如果通过验证，它将返回令牌.其他会显示错误消息.

after that it will check in the email column of AbstractUser Model and if it exists then it will check in the all-auth EmailAddress Model table if it's verified. if it's verified then it will return tokens. Others it will show error messages.

从serilizer.py中的Django Rest Simple JWT覆盖TokenObtainPairSerializer

override TokenObtainPairSerializer from Django Rest Simple JWT in serilizer.py

class CustomJWTSerializer(TokenObtainPairSerializer):
        def update(self, instance, validated_data):
            pass
    
        def create(self, validated_data):
            pass
    
        def validate(self, attrs):
            credentials = {
                'username': '',
                'password': attrs.get("password")
            }
    
            user = User.objects.filter(email=attrs.get("username")).first()
            email_address = EmailAddress.objects.filter(user=user, verified=True).exists()
    
            if email_address and user:
                credentials['username'] = user.username
                return super().validate(credentials)
            elif user and not email_address:
                return {'message': 'Email not verified'}
            else:
                return {'message': 'This email does not exist, please create a new account'}

router.py-

router.py -

path(API_VERSION + 'token/', TokenObtainPairView.as_view(serializer_class=CustomJWTSerializer), name='token_obtain_pair'),

然后，如果邮件经过验证，它将仅返回jwt令牌.发送邮件使用all-auth和settings.py-

Then it will only return jwt tokens if the mail is validate. to send mail use all-auth and in settings.py -

OLD_PASSWORD_FIELD_ENABLED = True
LOGOUT_ON_PASSWORD_CHANGE = True
ACCOUNT_AUTHENTICATION_METHOD = "email"
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_UNIQUE_EMAIL = True
ACCOUNT_EMAIL_VERIFICATION = 'mandatory'
ACCOUNT_CONFIRM_EMAIL_ON_GET = True
ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL = FRONTEND_URL

这篇关于Django Rest Framework-使用电子邮件验证注册用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！