如何从 Django 后端删除令牌
How to delete the Token from backend in Django
我正在使用 django rest-auth 和 django rest api。我可以通过在可浏览的 api 中调用 rest-auth/logout 来注销用户,它将从数据库中删除令牌。在可浏览 api 中,我不必在注销时发送令牌 url。我从 React js 前端调用了相同的 url rest-auth/logout,它给出的响应为 'successfully logged out',但 Token 保留在数据库中。如何通过从前端调用 url 来删除令牌。
您必须发送 DELETE
请求并使用此代码:
class LogoutView(APIView):
""" Logout User """
@staticmethod
def delete(request, *args, **kwargs):
request.user.auth_token.delete()
data = {
"message": "You have successfully logged out.",
}
return Response(data, status=status.HTTP_200_OK)
嗨,我会使用不同的方法。
- 每次登录、删除和创建一个新令牌
- 每次注销调用
logout
方法
from django.contrib import auth
class LoginView(APIView):
""" Login User """
@staticmethod
def post(request, *args, **kwargs):
# get username and password
user = auth.authenticate(username=username, password=password)
if user is not None:
Token.objects.filter(user=user).delete()
token = Token.objects.create(user=user)
auth.login(request, user)
# redirect to whatever with token key
# error return here
class LogoutView(APIView):
""" Logout User """
@staticmethod
def delete(request, *args, **kwargs):
auth.logout(request)
data = {
"message": "You have successfully logged out.",
}
return Response(data, status=status.HTTP_200_OK)
我正在使用 django rest-auth 和 django rest api。我可以通过在可浏览的 api 中调用 rest-auth/logout 来注销用户,它将从数据库中删除令牌。在可浏览 api 中,我不必在注销时发送令牌 url。我从 React js 前端调用了相同的 url rest-auth/logout,它给出的响应为 'successfully logged out',但 Token 保留在数据库中。如何通过从前端调用 url 来删除令牌。
您必须发送 DELETE
请求并使用此代码:
class LogoutView(APIView):
""" Logout User """
@staticmethod
def delete(request, *args, **kwargs):
request.user.auth_token.delete()
data = {
"message": "You have successfully logged out.",
}
return Response(data, status=status.HTTP_200_OK)
嗨,我会使用不同的方法。
- 每次登录、删除和创建一个新令牌
- 每次注销调用
logout
方法
from django.contrib import auth
class LoginView(APIView):
""" Login User """
@staticmethod
def post(request, *args, **kwargs):
# get username and password
user = auth.authenticate(username=username, password=password)
if user is not None:
Token.objects.filter(user=user).delete()
token = Token.objects.create(user=user)
auth.login(request, user)
# redirect to whatever with token key
# error return here
class LogoutView(APIView):
""" Logout User """
@staticmethod
def delete(request, *args, **kwargs):
auth.logout(request)
data = {
"message": "You have successfully logged out.",
}
return Response(data, status=status.HTTP_200_OK)