A unified authentication flow (single sign-on) based on django-oauth-toolkit

养花怪兽, published on May 8

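This article covers single sign-on authentication with Django, where Django acts as the authorization server rather than handing login off to a third party.
That said, the code at the end can also be used for third-party authentication, with Django acting as the client that requests authentication.

In users/models.py, write:

```python
from django.contrib.auth.models import AbstractUser


class User(AbstractUser):
    pass
```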

In settings:

```python
INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'users',
]

AUTH_USER_MODEL = 'users.User'
```

```
pip install django-oauth-toolkit
```

In settings:

```python
INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'users',
    'oauth2_provider',
]
```

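If you run into problems installing django-oauth-toolkit, you can install an older version; version 1.2 generally works without problems.
The pip-installed versions are listed here for reference:

```
Django 3.2.2
django-oauth-toolkit 1.2.0
```

```
python manage.py makemigrations
python manage.py migrate
```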

In urls.py:

```python
from django.contrib import admin
from django.urls import include, path

urlpatterns = [
    path('admin/', admin.site.urls),
    path('auth/', include('oauth2_provider.urls', namespace='oauth2_provider')),
]
```

In settings:

```python
LOGIN_URL = '/admin/login/'
```

Create a superuser:

```
python manage.py createsuperuser
Username: wiliam
Email address: [email protected]
Password:
Password (again):
Superuser created successfully.
```

Run Django:

```
python manage.py runserver
```

Open this URL to register the application that needs single sign-on:

http://127.0.0.1:8000/auth/applications/register/

Get the client_id and secret:

```
export ID=4MWIs4sw6DEo0sC6PbbKqJOU4PyY1zIwMGRDvGEf
export SECRET=hRo89PCekK3lV7u5MuWcW0a28LHMWxosLIYittiBSxOz7YrM08zuYSbNK7hnULy9DIS53rzT9XTFWkD1D93r2MhX24cnt9edSphAXsmarHPJyXZ5nWh6xl0JTkSnJb0W
```

Send a request to the following URL:

http://127.0.0.1:8000/auth/authorize/?response_type=code&client_id=4MWIs4sw6DEo0sC6PbbKqJOU4PyY1zIwMGRDvGEf&redirect_uri=http://127.0.0.1:8000

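After a successful login, you are redirected to the redirect_uri in the URL above.

Next, obtain the access_token:

```python
from django.http import HttpResponse
from django.views import View
import requests


class OauthLogin(View):
    def get(self, request):
        # Authorization code appended to redirect_uri by the authorization server
        code = request.GET.get('code')
        print('code:', code)
        url = 'http://127.0.0.1:8000/auth/token/'
        data = {
            'client_id': '4MWIs4sw6DEo0sC6PbbKqJOU4PyY1zIwMGRDvGEf',
            'client_secret': 'hRo89PCekK3lV7u5MuWcW0a28LHMWxosLIYittiBSxOz7YrM08zuYSbNK7hnULy9DIS53rzT9XTFWkD1D93r2MhX24cnt9edSphAXsmarHPJyXZ5nWh6xl0JTkSnJb0W',
            'code': code,
            # Must be the same redirect_uri that was sent in the authorization request
            'redirect_uri': 'http://127.0.0.1:8000/user/auth_login',
            'grant_type': 'authorization_code',
        }
        headers = {
            'Content-Type': 'application/x-www-form-urlencoded',
        }
        # Exchange the authorization code for an access token
        res = requests.post(url, data=data, headers=headers)
        print('res:', res.json())
        # A view must return an HttpResponse; without this Django raises ValueError
        return HttpResponse('ok')
```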

Accessing an API with the token:
the Authorization header carries the token_type and access_token values from the JSON returned in the previous step.

```python
# `res` is the token endpoint response from the previous step
access_token = res.json().get('access_token')
token_type = res.json().get('token_type')
token_header = {
    'Authorization': '{} {}'.format(token_type, access_token)
}
res = requests.get('http://127.0.0.1:8000/user/demo/', headers=token_header)
print('res:', res.text)
```
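
An added example, not from the original article: the authorization request shown above carries no `state` value, and the authorization and token requests use different redirect_uri values. This sketch of the client side of the same flow binds a one-time `state` to the session and reuses a single redirect_uri for both requests; the helper names, the `oauth_state` session key and the dict-like `session` argument are assumptions.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Endpoint from the article; REDIRECT_URI must be registered for the application.
AUTHORIZE_URL = 'http://127.0.0.1:8000/auth/authorize/'
REDIRECT_URI = 'http://127.0.0.1:8000/user/auth_login'


def build_authorize_url(client_id, session):
    """Store a one-time state in the session and return the URL to redirect to."""
    state = secrets.token_urlsafe(32)
    session['oauth_state'] = state  # assumed session key
    query = urlencode({
        'response_type': 'code',
        'client_id': client_id,
        'redirect_uri': REDIRECT_URI,
        'state': state,
    })
    return AUTHORIZE_URL + '?' + query


def handle_callback(callback_url, session, client_id, client_secret):
    """Validate the redirect back; return the form body for POST /auth/token/."""
    params = parse_qs(urlsplit(callback_url).query)
    expected = session.pop('oauth_state', None)  # single use: removed on first check
    received = params.get('state', [''])[0]
    if not expected or not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError('state mismatch')
    if 'error' in params:
        raise ValueError('authorization failed: ' + params['error'][0])
    code = params.get('code', [''])[0]
    if not code:
        raise ValueError('missing code')
    return {
        'grant_type': 'authorization_code',
        'code': code,
        'redirect_uri': REDIRECT_URI,  # same value as in the authorization request
        'client_id': client_id,
        'client_secret': client_secret,
    }
```

In a Django view, `request.session` can be passed as `session`, and the client_id and secret can be read from the `ID` and `SECRET` environment variables exported earlier.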

This is an original work, licensed under the Attribution-NonCommercial-NoDerivatives 4.0 International license.