Django/restframework
Restframework JWT 설정
두잇 두두
2024. 1. 29. 21:30
728x90
Setting.py
INSTALLED_APPS = [
'rest_framework_simplejwt',
]
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_simplejwt.authentication.JWTAuthentication',
),
}
SIMPLE_JWT = {
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=1),
'REFRESH_TOKEN_LIFETIME': timedelta(minutes=1),
'ROTATE_REFRESH_TOKENS': False,
'BLACKLIST_AFTER_ROTATION': False,
'UPDATE_LAST_LOGIN': False,
'ALGORITHM': 'HS256',
'SIGNING_KEY': SECRET_KEY,
'VERIFYING_KEY': None,
'AUDIENCE': None,
'ISSUER': None,
'JWK_URL': None,
'LEEWAY': 0,
'AUTH_HEADER_TYPES': ('Bearer',),
'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
'USER_ID_FIELD': 'id',
'USER_ID_CLAIM': 'user_id',
'USER_AUTHENTICATION_RULE': 'rest_framework_simplejwt.authentication.default_user_authentication_rule',
'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
'TOKEN_TYPE_CLAIM': 'token_type',
'TOKEN_USER_CLASS': 'rest_framework_simplejwt.models.TokenUser',
'JTI_CLAIM': 'jti',
'SLIDING_TOKEN_REFRESH_EXP_CLAIM': 'refresh_exp',
'SLIDING_TOKEN_LIFETIME': timedelta(minutes=5),
'SLIDING_TOKEN_REFRESH_LIFETIME': timedelta(days=1),
}Login
def login(self, request, *args, **kwargs):
자신의 로그인 로직 구현
token = TokenObtainPairSerializer.get_token(user)
refresh_token = str(token) # refresh 토큰 문자열화
access_token = str(token.access_token) access_token 토큰 문자열화
response = Response(
{
"user": UserSerializer(user).data,
"message": "login success",
"jwt_token": {
"access_token": access_token,
"refresh_token": refresh_token
},
},
status=status.HTTP_200_OK
)
response.set_cookie("access_token", access_token, httponly=True) #cookie에 저장
response.set_cookie("refresh_token", refresh_token, httponly=True)
return response
위 과정을 통해 클라이언트에게 token을 전달하고 클라이언트에서 가지고 있으면 됩니다