[PYTHON] More new user authentication methods with Django REST Framework

Normally, the user is authenticated by the column defined by ʻUSERNAME_FIELD and password of the class that inherits ʻAbstractBaseUser. Let's add a new column called login_id so that users can be authenticated with login_id and password.

1. Addition of ʻAUTHENTICATION_BACKENDS`

I want to customize user authentication, so add ʻAUTHENTICATION_BACKENDS See reference for ʻAUTHENTICATION_BACKENDS https://docs.djangoproject.com/en/dev/ref/settings/#authentication-backends

backends.py


from django.contrib.auth.backends import ModelBackend
from project.models.user import User


class LoginIdModelBackend(ModelBackend):
    """
    login_id and password login
    """
    def authenticate(self, request, username=None, password=None, **kwargs):
        try:
            login_id = kwargs.get('login_id')
            if not login_id:
                raise User.DoesNotExist
            user = User.objects.get(login_id=login_id)
        except User.DoesNotExist:
            # Run the default password hasher once to reduce the timing
            # difference between an existing and a nonexistent user (#20760).
            User().set_password(password)
        else:
            if user.check_password(password) and self.user_can_authenticate(user):
                return user

settings.py


AUTHENTICATION_BACKENDS = [
    'django.contrib.auth.backends.ModelBackend',
    'backends.LoginIdModelBackend',
]

It is assumed that the User table has a login_id column ʻAUTHENTICATION_BACKENDS` can be called in order, such as the next authentication if the defined authentication fails. So, first of all, the authentication so far is executed, and if it fails, the authentication with the login ID is executed.

2. Added user authentication API for login_id and password

views/auth.py


from rest_framework_simplejwt.views import TokenViewBase
from project import serializers


class LoginIdAuthTokenViewSet(TokenViewBase):
    serializer_class = serializers.LoginIdAuthTokenSerializer

serializer/auth.py


from rest_framework_simplejwt.serializers import TokenObtainPairSerializer


class LoginIdAuthTokenSerializer(TokenObtainPairSerializer):
    username_field = 'login_id'

    def create(self, validated_data):
        pass

    def update(self, instance, validated_data):
        pass

Please also add to urls.py

This time I used a different API, but depending on the logic, I think it is possible to log in with one API, for example, with an email address or login ID.

Recommended Posts

More new user authentication methods with Django REST Framework
Create APIs around user authentication with Django REST Framework
Implementing authentication in Django REST Framework with djoser
Implementation of custom user model authentication in Django REST Framework with djoser
Django REST framework with Vue.js
Login with django rest framework
[Django] Use MessagePack with Django REST framework
Create RESTful APIs with Django Rest Framework
CRUD GET with Nuxt & Django REST Framework ②
CRUD POST with Nuxt & Django REST Framework
CRUD GET with Nuxt & Django REST Framework ①
CRUD PUT, DELETE with Nuxt & Django REST Framework
Django REST framework basics
Django Rest Framework Tips
Create a Todo app with Django REST Framework + Angular
Create a Todo app with the Django REST framework
When you want to filter with Django REST framework
Implement hierarchical URLs with drf-nested-routers in Django REST framework
Django REST framework stumbling block
Implementation of JWT authentication functionality in Django REST Framework using djoser
Implementation of CRUD using REST API with Python + Django Rest framework + igGrid
Create a REST API to operate dynamodb with the Django REST Framework
How to deal with garbled characters in json of Django REST Framework
Logical deletion in Django, DRF (Django REST Framework)
Understand the benefits of the Django Rest Framework
ng-admin + Django REST framework ready-to-create administration tool
Miscellaneous notes about the Django REST framework
Django REST Framework + Clean Architecture Design Consideration
How to automatically generate API document with Django REST framework & POST from document screen
Django: Record User Agent and manage with Admin
Django REST framework A little useful to know.
Implement JWT login functionality in Django REST framework
Sometimes you want to access View information from Serializer with DRF (Django REST Framework)