时间戳

首页 > 解决方案 > 注销后销毁令牌

django - 注销后销毁令牌

问题描述

我想在用户注销时销毁身份验证令牌。用户在我提供的视图中成功注销。但是当用户注销时我需要销毁令牌。

views.py

class UserLoginViewSet(viewsets.ViewSet):

    def create(self,request):
        try:
            data=request.data
            email=data.get('email')
            password=data.get('password')
            date_of_birth=data.get('date_of_birth')
            if not all([email,password,date_of_birth]):
                raise Exception('all fields are mandetory')

            user=authenticate(username=email,password=password)

            if user is not None:
                token=generate_token()
                user_info=MyUser.objects.get(email=email)
                data=({
                    'email':user_info.email,
                    'password':user_info.password,
                    #'data_of_birth':user_info.data_of_birth
                })
                return Response({"message": "You are successfully logged in",
                "user_info":data,"token": token, "success": True},status=status.HTTP_200_OK)

            else :
                raise Exception('not authorised')

        except Exception as error:
            traceback.print_exc()
            return Response({"message": str(error), "success": False}, status=status.HTTP_200_OK)
    def delete(self,request):
        logout(request)
        return Response({'successfull':True})```

#my user is logging out correctly,but i want to doi this by deleting token

标签: djangopython-3.xdjango-rest-framework

解决方案

你可以这样做

class UserLoginViewSet(viewsets.ViewSet):

    def create(self,request):
        try:
            data=request.data
            email=data.get('email')
            password=data.get('password')
            date_of_birth=data.get('date_of_birth')
            if not all([email,password,date_of_birth]):
                raise Exception('all fields are mandetory')

            user=authenticate(username=email,password=password)

            if user is not None:
                token=generate_token()
                user_info=MyUser.objects.get(email=email)
                data=({
                    'email':user_info.email,
                    'password':user_info.password,
                    #'data_of_birth':user_info.data_of_birth
                })
                return Response({"message": "You are successfully logged in",
                "user_info":data,"token": token, "success": True},status=status.HTTP_200_OK)

            else :
                raise Exception('not authorised')

        except Exception as error:
            traceback.print_exc()
            return Response({"message": str(error), "success": False}, status=status.HTTP_200_OK)

class LogoutView(APIView):
    permission_classes = (permissions.IsAuthenticated,)

    def get(self, request):
        request.user.auth_token.delete()
        logout(request)
        return Response({"message": "success", 'code': status.HTTP_200_OK, 'detail': "logout success"})

在应用程序 urls.py 添加新的 url:

path('logout/',LogoutView.as_view()),

推荐阅读