django_myshop/common/mypermissions.py

from rest_framework.permissions import BasePermission
from rest_framework_jwt.authentication import jwt_decode_handler


class IsOwnerOrReadOnly(BasePermission):
    def has_permission(self, request, view):
        if request.user.username == 'admin':
            return True

    def has_object_permission(self, request, view, obj):
        token = request.META['HTTP_AUTHORIZATION'][5:]
        token_user = jwt_decode_handler(token)  # 解析token
        if token_user:
            return obj.user.id == token_user['user_id']
        return False
完成验证的相关学习 1 year ago			`from rest_framework.permissions import BasePermission`
			`from rest_framework_jwt.authentication import jwt_decode_handler`


			`class IsOwnerOrReadOnly(BasePermission):`
			`def has_permission(self, request, view):`
			`if request.user.username == 'admin':`
			`return True`

			`def has_object_permission(self, request, view, obj):`
			`token = request.META['HTTP_AUTHORIZATION'][5:]`
			`token_user = jwt_decode_handler(token) # 解析token`
			`if token_user:`
			`return obj.user.id == token_user['user_id']`
			`return False`