我很难搞清楚这件事。
我正在尝试使用Django rest api knox令牌身份验证和React。
这是我的代码在Authenticate.js中的样子
export function LoginComponent (props) {
const [state, setState] = useState({credentials : {username: '',password: '',}})
const [hasLoggedIn, setHasLoggedIn] = useState(false)
const Login = (event) => {
event.preventDefault()
fetch("http://127.0.0.1:8000/users/accounts/api/auth/login",{
method: "POST",
headers: {'Content-Type': 'application/json'},
body: JSON.stringify(state.credentials)
})
.then( data => data.json()).then(
data => {
console.log(data.token)
props.userLogin(data.token)
}
)
.then(
console.log(hasLoggedIn),
setHasLoggedIn(true),
props.LoggedIn(hasLoggedIn))
.catch(error => console.error())
}
const Register = (event) => {
fetch("http://127.0.0.1:8000/users/accounts/api/auth/register",{
method: "POST",
headers: {'Content-Type': 'application/json'},
body: JSON.stringify(state.credentials)
}).then( data => data.json()).then(
data => {
console.log(data.token)
}
).catch(error => console.error())
}
const inputChanged = (event) =>{
const cred = state.credentials;
cred[event.target.name] = event.target.value
setState({credentials: cred})
}
return (
<div>
<label>
Username:
<input type='text' name='username'
value={state.credentials.username}
onChange={inputChanged}
/>
</label>
<br/>
<label>
Password:
<input type='password' name='password'
value={state.credentials.password}
onChange={inputChanged}
/>
</label>
<br/>
<button onClick={Login}>Login</button>
<button onClick={Register}>Register</button>
</div>
)
}
这是一个代码,我从一个youtube视频的问题来,而试图保持用户身份验证,如果你刷新这个当前的代码,你将最终失去令牌,这意味着你必须再次登录.
是否有任何方法可以使用Django会话认证与令牌?
任何帮助都将不胜感激。提前感谢!
编辑这是我的登录API视图。
class LoginApi(generics.GenericAPIView):
permission_classes = [
permissions.AllowAny,
]
serializer_class = LoginSerializer
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data
login(request, user)
_, token = AuthToken.objects.create(user)
return Response({
"user": UserSerializer(user, context=self.get_serializer_context()).data,
"token": token
})
这是我的序列化程序类
class LoginSerializer(serializers.Serializer):
username = serializers.CharField()
password = serializers.CharField()
class Meta:
model = User
fields = ["username", "password"]
def validate(self, data):
user = authenticate(**data)
if user and user.is_active:
return user
raise serializers.ValidationError("Incorrect Credentials")
1条答案
按热度按时间bsxbgnwa1#
问题是你只把令牌保存在客户端(网页浏览器)内存中。每次刷新内存都会被“清理”。在我看来,你有两个选择:
1.将令牌保存在session storage中
1.使用涉及cookie的不同身份验证方法,最好是http-cookies