使用Django REST框架创建用户 - 不进行身份验证 [英] creating users with Django REST Framework - not authenticate

问题描述

我正在和Django用户合作，当我创建一个具有 Django REST Framework 的用户时，我已经加密了密码，并且覆盖了 create 和更新方法在我的串行器上哈希我的密码用户

I am working with Django users, and I've hashed the passwords when I create an user with Django REST Framework and I override the create and update methods on my serializer to hash my passwords users

class UserSerializer(serializers.ModelSerializer):
    #username = models.CharField()

    def create(self, validated_data):
        password = validated_data.pop('password', None)
        instance = self.Meta.model(**validated_data)
        if password is not None:
            instance.set_password(password)
        instance.save()
        return instance

    def update(self, instance, validated_data):
        for attr, value in validated_data.items():
            if attr == 'password':
                instance.set_password(value)
            else:
                setattr(instance, attr, value)
        instance.save()
        return instance


    class Meta:
        model = User
        fields = ('url', 'username', 'password', 'first_name','last_name',
                  'age', 'sex', 'photo', 'email', 'is_player', 'team',
                  'position', 'is_staff', 'is_active', 'is_superuser',
                  'is_player', 'weight', 'height', 'nickname',
                  'number_matches', 'accomplished_matches',
                  'time_available', 'leg_profile', 'number_shirt_preferred',
                  'team_support', 'player_preferred', 'last_login',
        )

我的意见。 py是这样的：

My views.py is this:

class UserViewSet(viewsets.ModelViewSet):
    """
    API endpoint that allows users to be viewed or edited.
    """
    queryset = User.objects.all().order_by('-date_joined')
    serializer_class = UserSerializer
    filter_fields = ('username', 'is_player', 'first_name', 'last_name', 'team' , 'email', )

我的REST_FRAMEWORK设置是：

My REST_FRAMEWORK settings are:

REST_FRAMEWORK = {
    'DEFAULT_FILTER_BACKENDS': ('django_filters.rest_framework.DjangoFilterBackend',),

    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.AllowAny',
    ),

    'PAGE_SIZE': 10
}

我的不便之处在于，当我通过休息框架创建和用户时，密码是散列的，但我无法签名进入或登录通过休息身份验证和Django管理员。

The inconvenient that I have is that when I create and user via rest framework, the password is hashed, but I cannot sign in or login via rest authentication and Django admin too.

我如何可以哈希我的密码，并通过Djago REST FRAMework登录？

How to can I hash my passwords and sign in via Djago REST FRamework too?

最好的问候

推荐答案

添加休息框架认证设置，还有以下内容

Add rest framework authentication setting with following also

'DEFAULT_AUTHENTICATION_CLASSES': ( 
    'rest_framework.authentication.BasicAuthentication',
    'rest_framework.authentication.SessionAuthentication', 
)

参考 http://www.django-rest-framework.org/ api-guide / authentication /＃sessionauthentication

而对于令牌自动化，请通过doc http://www.django-rest-framework.org/api-guide/authentication/#tokenauthentication

And for token autentication go through doc http://www.django-rest-framework.org/api-guide/authentication/#tokenauthentication

这篇关于使用Django REST框架创建用户 - 不进行身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！