向 DRF 简单 JWT 有效负载添加声明
问题描述
在 POST 到自定义视图时使用
因此,我们可以看到令牌的第二部分是有效负载 - 包含声明.
我探索了
<代码>{token_type":访问",exp":1590914198,jti":ad6f76af1f8e4ebe8b6cf9b480d3f662",用户 ID":11,"iat": 1590917498,用户":蒂亚戈",日期":2020-05-31"}
Using djangorestframework_simplejwt library, when POST to a custom view
#urls.py
path('api/token/', MyTokenObtainPairView.as_view(), name='token_obtain'),
#views.py
class MyTokenObtainPairView(TokenObtainPairView):
serializer_class = MyTokenObtainPairSerializer
I'm able to get a the following access token
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNTkwOTEwNjg0LCJqdGkiOiI3M2MxYmZkOWNmMGY0ZjI3OTY4MGY0ZjhlYjA1NDQ5NyIsInVzZXJfaWQiOjExfQ.5vs0LmNGseU6rtq3vuQyApupxhQM3FBAoKAq8MUukIBOOYfDAV9guuCVEYDoGgK6rdPSIq2mvcSxkILG8OH5LQ
By going to https://jwt.io/ I can see the payload is currently
{
"token_type": "access",
"exp": 1590910684,
"jti": "73c1bfd9cf0f4f279680f4f8eb054497",
"user_id": 11
}
So, we can see that the second part of the token is the payload - containing the claims.
I've explored how to add more information to the Response body and now would like to know how to customize the Payload data by adding iat claim, username and today's date.
解决方案As you already created a subclass for the desired view (MyTokenObtainPairView) and a subclass for its corresponding serializer (MyTokenObtainPairSerializer), add the following to the serializer
class MyTokenObtainPairSerializer(TokenObtainPairSerializer):
...
@classmethod
def get_token(cls, user):
token = super().get_token(user)
# Add custom claims
token['iat'] = datetime.datetime.now()
token['user'] = user.username
token['date'] = str(datetime.date.today())
return token
Then, when you POST to that same location, you'll get an access token like this
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNTkwOTE0MTk4LCJqdGkiOiJhZDZmNzZhZjFmOGU0ZWJlOGI2Y2Y5YjQ4MGQzZjY2MiIsInVzZXJfaWQiOjExLCJpYXQiOjE1OTA5MTc0OTgsInVzZXIiOiJ0aWFnbyIsImRhdGUiOiIyMDIwLTA1LTMxIn0.-5U9P-WWmhlOenzCvc6b7_71Tz17LyNxe_DOMwwqH4RqrNsilVukEcZWFRGupLHRZjIvPya2QJGpiju9ujzQuw
Using JWT you can see the Payload changing accordingly
{
"token_type": "access",
"exp": 1590914198,
"jti": "ad6f76af1f8e4ebe8b6cf9b480d3f662",
"user_id": 11,
"iat": 1590917498,
"user": "tiago",
"date": "2020-05-31"
}
相关文章