django - Django过期令牌身份验证
问题描述
我正在为此过期 django 令牌我正在关注此https://medium.com/@yerkebulan199/django-rest-framework-drf-token-authentication-with-expires-in-a05c1d2b7e05
我的 accounts/authentication.py 文件就像
from rest_framework.authentication import TokenAuthentication
from rest_framework.authtoken.models import Token
from rest_framework.exceptions import AuthenticationFailed
from datetime import timedelta
from django.utils import timezone
from django.conf import settings
# this return left time
def expires_in(token):
time_elapsed = timezone.now() - token.created
left_time = timedelta(seconds=settings.TOKEN_EXPIRED_AFTER_SECONDS) - time_elapsed
return left_time
# token checker if token expired or not
def is_token_expired(token):
return expires_in(token) < timedelta(seconds=0)
# if token is expired new token will be established
# If token is expired then it will be removed
# and new one with different key will be created
def token_expire_handler(token):
is_expired = is_token_expired(token)
if is_expired:
token.delete()
token = Token.objects.create(user=token.user)
return is_expired, token
# ________________________________________________
# DEFAULT_AUTHENTICATION_CLASSES
class ExpiringTokenAuthentication(TokenAuthentication):
"""
If token is expired then it will be removed
and new one with different key will be created
"""
def authenticate_credentials(self, key):
try:
token = Token.objects.get(key=key)
except Token.DoesNotExist:
raise AuthenticationFailed("Invalid Token")
if not token.user.is_active:
raise AuthenticationFailed("User is not active")
is_expired, token = token_expire_handler(token)
if is_expired:
raise AuthenticationFailed("The Token is expired")
return (token.user, token)
我已经像这样在settings.py中添加了
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'accounts.authentication.ExpiringTokenAuthentication',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
)
}
TOKEN_EXPIRED_AFTER_SECONDS = 10
仍然令牌没有更新,我检查了这个身份验证类没有触发。
解决方案
在expires_in函数旁边试试
time_elapsed = token.created - timezone.now()
因为time_elapsed应该是肯定 的以获得 left_time
推荐阅读
- java - 泽西岛资源和提供者扫描
- apache - 当我通过 putty 运行 playbook 以启动 httpd 服务时,出现以下错误
- javascript - 即使值存在,为什么对象键返回未定义
- php - 在 Laravel 中包含联接时导出到 Excel
- python - GCP Datastore Python - InvalidArgument:400 非事务性提交可能不包含影响同一实体的多个突变
- keycloak - Keycloak -> 如何获取附加到单个角色或组的权限
- python - Making a file executable on a by the work place locked Mac
- php - 有没有办法在php中组合两个foreach循环
- arrays - 需要匹配 mongodb 中的数组值并附加到该数组中
- java - java客户端的MQTT SSL连接失败