'登入登出正常'

my_project/settings.py

@@ -24,7 +24,7 @@ SECRET_KEY = 'g9x!2%visyznwu#6a35)sygefkeu_z=oc5t8!hh%=jt)mw$cn('
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
 
-ALLOWED_HOSTS = []
+ALLOWED_HOSTS = ['*']
 
 # Application definition
 
@@ -36,6 +36,7 @@ INSTALLED_APPS = [
     'django.contrib.messages',
     'django.contrib.staticfiles',
     'rest_framework',
+    'django_filters',
     'workreport'
 ]
 
@@ -124,4 +125,13 @@ REST_FRAMEWORK = {
     'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination',
     'PAGE_SIZE': 3,
     'DEFAULT_FILTER_BACKENDS': ['django_filters.rest_framework.DjangoFilterBackend'],
+    'DEFAULT_PERMISSION_CLASSES': ['rest_framework.permissions.IsAuthenticated'],
+    'DEFAULT_AUTHENTICATION_CLASSES': (
+        'rest_framework.authentication.BasicAuthentication',
+        'rest_framework.authentication.SessionAuthentication',
+    )
 }
+
+AUTHENTICATION_BACKENDS = (
+    'django.contrib.auth.backends.ModelBackend'
+)

workreport/urls.py

@@ -1,7 +1,7 @@
 from django.conf.urls import url
 from rest_framework_bulk.routes import BulkRouter
 
-from workreport.views import DailyReportViews, ReportViews
+from workreport.views import DailyReportViews, ReportViews, LoginView, LogoutView
 
 router = BulkRouter()
 router.register(r'report', ReportViews)
@@ -9,5 +9,7 @@ router.register(r'report', ReportViews)
 urlpatterns = router.urls
 
 urlpatterns += [
-    url(r'^dailyreport/', DailyReportViews.as_view())
+    url(r'^dailyreport/', DailyReportViews.as_view()),
+    url(r'^login/', LoginView.as_view()),
+    url(r'^logout/', LogoutView.as_view())
 ]

workreport/views.py

@@ -1,11 +1,12 @@
-from django.shortcuts import render
-
-# Create your views here.
-from rest_framework import status
+from rest_framework import status, permissions
+from rest_framework.decorators import permission_classes
 from rest_framework.response import Response
 from rest_framework.views import APIView
 from rest_framework.viewsets import ModelViewSet
 
+from django.contrib.auth import login, logout
+from django.contrib.auth.backends import ModelBackend
+
 from workreport.models import DailyReport
 from workreport.serializer import DailyReportSerializer
 
@@ -26,3 +27,21 @@ class ReportViews(ModelViewSet):
     queryset = DailyReport.objects.all()
     serializer_class = DailyReportSerializer
     filter_fields = {'title': ['exact']}
+
+
+@permission_classes((permissions.AllowAny,))
+class LoginView(APIView):
+    def post(self, request):
+        data = request.data
+        user = ModelBackend().authenticate(username=data['username'], password=data['password'], request=request)
+        if user is None:
+            return Response(data={'msg': '用户名或密码不正确'}, status=status.HTTP_404_NOT_FOUND)
+        else:
+            login(request, user=user, backend='django.contrib.auth.backends.ModelBackend')
+        return Response(status=status.HTTP_200_OK)
+
+
+class LogoutView(APIView):
+    def post(self, request):
+        logout(request)
+        return Response(data={'msg': 'logout success！'}, status=status.HTTP_200_OK)