2👍
✅
Usually, your Token is simply a Django model, which is stored in your database.
It has a OneToOne relation to your User model and that’s simply how they are related (in rest_framework.authtoken). You can see it in DRF source.
A direct examle:
from rest_framework import generics
from rest_framework import status
from rest_framework.authtoken.models import Token
# ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
# You can directly import your Token model for usage
from .serializers import UserLoginSerializer
class UserLogin(generics.CreateAPIView):
serializer_class = UserLoginSerializer
def post(self, request, *args, **kwargs):
serializer = self.serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
token, _ = Token.objects.get_or_create(user=user)
# Here you either get a Token if it exists in your db
# Or generate it if it is not created yet
# See that you directly get the token with your user:
# Token.objects.get_or_create(user=user)
# You can also access it vice-versa: token.user <-> user.token
# Because it is a OneToOne relation
response_data = {
'id': user.id,
'token': token.key
}
headers = self.get_success_headers(serializer.data)
return Response(response_data, status=status.HTTP_200_OK, headers=headers)
Note: If you are using JWT, have a look at how a token is linked with the user.
In your case:
class CreatePost(generics.CreateAPIView):
def get_queryset(self, **kwargs):
owner = self.request.user
# Are you sure you don't want to get the current request user?
# Why you should filter with token?
post_title = ...
post_content = ...
Your authentication classes (in your case, JSONWebTokenAuthentication, it automatically sets request.user to the correct one and you can access it in your views).
Source:stackexchange.com