如何在Django频道上使用令牌身份验证对Websocket进行身份验证？

本文介绍了如何在Django频道上使用令牌身份验证对Websocket进行身份验证？的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我们想对Websocket使用django-channels，但是我们也需要进行身份验证。我们有一个运行django-rest-framework的rest api，在那里我们使用令牌对用户进行身份验证，但是django-channels中似乎没有内置相同的功能。

We want to use django-channels for our websockets but we need to authenticate as well. We have a rest api running with django-rest-framework and there we use tokens to authenticate a user, but the same functionality does not seem to be built into django-channels.

推荐答案

对于Django-Channels 2，您可以编写自定义身份验证中间件 gist.github/rluts/22e05ed8f53f97bdd02eafdf38f3d60a

For Django-Channels 2 you can write custom authentication middleware gist.github/rluts/22e05ed8f53f97bdd02eafdf38f3d60a

token_auth.py：

token_auth.py:

from channels.auth import AuthMiddlewareStack from rest_framework.authtoken.models import Token from django.contrib.auth.models import AnonymousUser class TokenAuthMiddleware: """ Token authorization middleware for Django Channels 2 """ def __init__(self, inner): self.inner = inner def __call__(self, scope): headers = dict(scope['headers']) if b'authorization' in headers: try: token_name, token_key = headers[b'authorization'].decode().split() if token_name == 'Token': token = Token.objects.get(key=token_key) scope['user'] = token.user except Token.DoesNotExist: scope['user'] = AnonymousUser() return self.inner(scope) TokenAuthMiddlewareStack = lambda inner: TokenAuthMiddleware(AuthMiddlewareStack(inner))

routing.py：

routing.py:

from django.urls import path from channels.http import AsgiHandler from channels.routing import ProtocolTypeRouter, URLRouter from channels.auth import AuthMiddlewareStack from yourapp.consumers import SocketCostumer from yourapp.token_auth import TokenAuthMiddlewareStack application = ProtocolTypeRouter({ "websocket": TokenAuthMiddlewareStack( URLRouter([ path("socket/", SocketCostumer), ]), ), })