问题描述
我是Django OAuth Toolkit的新手.我想自定义身份验证响应.
I am new to Django OAuth Toolkit. I want to customize the authenticate response.
我在django应用程序上的身份验证URL配置是:
My authenticate url configuration on django application is :
url('authenticate/',
include('oauth2_provider.urls', namespace='oauth2_provider'))
https://django-oauth-toolkit.readthedocs.io/en/latest/install.html
现在,当我启动此命令时:
Now, when i launch this command :
curl -X POST -d 'grant_type=password&username=$username&password=$password'
-u "$client_id:$client_secret" http://127.0.0.1:8000/authenticate/token/
我收到此回复:
{
"access_token": "ATiM10L0LNaldJPk12drXCjbhoeDR8",
"expires_in": 36000,
"refresh_token": "II4UBhXhpVDEKWmsUQxDzkj3OMjW1p",
"scope": "read groups write",
"token_type": "Bearer"
}
并希望此回复:
{
"access_token": "ATiM10L0LNaldJPk12drXCjbhoeDR8",
"expires_in": 36000,
"refresh_token": "II4UBhXhpVDEKWmsUQxDzkj3OMjW1p",
"scope": "read groups write",
"token_type": "Bearer",
"member": {
"id": 1,
"username": "username",
"email": "[email protected]",
....
}
}
我只想覆盖此响应,以添加已认证用户的信息.我已经阅读了django-oauth-toolkit的文档.而且我没有找到解决问题的方法...
I just want to override this response for add information of authenticated user.I have read the documentation of django-oauth-toolkit. And i didn't find a solution to my problem...
推荐答案
我能够通过覆盖TokenView类来进行此更改在您的观点中.py
I was able to make this change by overwriting the TokenView classin your views.py
from django.http import HttpResponse
from oauth2_provider.views.base import TokenView
from django.utils.decorators import method_decorator
from django.views.decorators.debug import sensitive_post_parameters
from oauth2_provider.models import get_access_token_model, get_application_model
from oauth2_provider.signals import app_authorize
class CustomTokenView(TokenView):
@method_decorator(sensitive_post_parameters("password"))
def post(self, request, *args, **kwargs):
url, headers, body, status = self.create_token_response(request)
if status == 200:
body = json.loads(body)
access_token = body.get("access_token")
if access_token is not None:
token = get_access_token_model().objects.get(
token=access_token)
app_authorized.send(
sender=self, request=request,
token=token)
body['member'] = {
'id': token.user.id,
'username': token.user.username,
'email': token.user.email
}
body = json.dumps(body)
response = HttpResponse(content=body, status=status)
for k, v in headers.items():
response[k] = v
return response
在 urls.py 中,只需指向自定义视图覆盖令牌URL.此导入应该在django-oauth-toolkit的包含之前
In urls.py, just overwrite the token url by pointing to the custom view. This import should come before the include of the django-oauth-toolkit
url(r"authenticate/token/$", CustomTokenView.as_view(), name="token"),
url('authenticate/',
include('oauth2_provider.urls', namespace='oauth2_provider'))
现在退货将包含会员数据
The return will now contain the member data
{
"access_token": "YtiH9FGwAf7Cb814EjTKbv3FCpLtag",
"expires_in": 36000,
"token_type": "Bearer",
"scope": "read write groups",
"refresh_token": "99TyWmCwELrJvymT8m6Z9EPxGr3PJi",
"member": {
"id": 1,
"username": "admin",
"email": "[email protected]"
}
}
这篇关于django-oauth-toolkit:自定义身份验证响应的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!