Authentication, permission and view components

drf components

Authentication component

models.py

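class User(models.Model):
    """Account row used by the login view and by the permission check.

    ``user_type`` is 1 (super administrator), 2 (ordinary administrator)
    or 3 (user); the stored labels are the original Chinese strings.
    """

    name = models.CharField(max_length=32)
    # NOTE(review): the login view on this page matches this column against
    # the submitted password directly, so the value is kept in clear text.
    # Storing the output of django.contrib.auth.hashers.make_password() and
    # verifying with check_password() avoids that; salted hashes need a
    # longer column than 32 characters.
    pwd = models.CharField(max_length=32)
    # The keyword is ``choices`` and it takes ONE iterable of (value, label)
    # pairs; the original ``choice=(..),(..),(..)`` is not valid Python.
    user_type = models.IntegerField(
        choices=((1, '超级管理员'), (2, '普通管理员'), (3, '用户')),
    )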
 
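# One-to-one link between a token row and its user.
class Token(models.Model):
    """Login token issued to a user; each user has at most one row."""

    # on_delete is a required argument from Django 2.0 on; CASCADE matches
    # the implicit default of earlier versions.
    user = models.OneToOneField(to='User', on_delete=models.CASCADE)
    # 32 characters fits uuid.uuid4().hex, not the 36-character hyphenated
    # string form of a UUID.
    # NOTE(review): the token is stored as-is and there is no created/expiry
    # column, so a leaked value stays usable until the row is overwritten.
    token = models.CharField(max_length=32)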

views.py

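import logging
import uuid

from django.core.exceptions import ObjectDoesNotExist
from rest_framework.response import Response
from rest_framework.views import APIView

from app01 import models


class Login(APIView):
    """Check a name/password pair and issue a fresh token for the user."""

    # The login endpoint has to be reachable without a token, also when
    # TokenAuth / MyPermission are configured as project-wide defaults.
    authentication_classes = []
    permission_classes = []

    def post(self, request):
        """Return ``code`` 100 plus a token on success.

        ``code`` 101 means the name/password pair matched no user; ``code``
        102 means an unexpected error occurred while handling the request.
        """
        response = {'code': 100, 'msg': '登入成功'}
        name = request.data.get('name')
        pwd = request.data.get('pwd')
        try:
            # NOTE(review): this compares the submitted password with the
            # stored column value, i.e. passwords are kept in clear text.
            # Hashing on write (make_password) and verifying with
            # check_password is the usual Django approach.
            user = models.User.objects.filter(name=name, pwd=pwd).get()
            # .hex is 32 characters and fits Token.token (max_length=32);
            # str(uuid4()) is 36 characters with hyphens and does not.
            token = uuid.uuid4().hex
            # Update the user's existing token row, or create one.
            models.Token.objects.update_or_create(user=user, defaults={'token': token})
            response['token'] = token
        except ObjectDoesNotExist:
            response['code'] = 101
            response['msg'] = '用户名或密码错误'
        except Exception:
            # Keep the detail in the server log; str(e) can expose database
            # or framework internals to an unauthenticated client.
            logging.getLogger(__name__).exception('unexpected error during login')
            response['code'] = 102
            response['msg'] = '服务器内部错误'
        return Response(response)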

Create an authentication class

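from rest_framework.authentication import BaseAuthentication
from rest_framework.exceptions import AuthenticationFailed

from app01 import models


class TokenAuth(BaseAuthentication):
    """Authenticate a request by the ``token`` query parameter."""

    def authenticate(self, request):
        """Return ``(user, token_row)`` for a known token.

        Raises:
            AuthenticationFailed: the token is missing, empty or unknown.
        """
        # NOTE(review): a token in the query string ends up in access logs,
        # browser history and Referer headers. DRF's built-in
        # TokenAuthentication reads it from the Authorization header instead.
        token = request.GET.get('token')
        if not token:
            # No lookup for a missing or empty value, so it can never match
            # a row whose token column happens to be blank.
            raise AuthenticationFailed('请先登入')
        token_obj = models.Token.objects.filter(token=token).first()
        if token_obj is None:
            raise AuthenticationFailed('请先登入')
        # token_obj.user is the user the token was issued to.
        return token_obj.user, token_obj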

Using the authentication component

Local use (per view)

from app01.MyAuth import TokenAuth


class Books(APIView):
    """View that opts in to TokenAuth through its own class attribute."""

    # More than one authentication class may be listed here.
    authentication_classes = [TokenAuth]

    def get(self, request):
        """Placeholder handler; returns None."""
        return None

Global Use

# Goes in the project's settings module.
# This default applies to every view that does not set its own
# authentication_classes, a login view included.
REST_FRAMEWORK = {
    # Dotted path: app01.<file name>.<class name>
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'app01.MyAuth.TokenAuth',
    ],
}

Local disabled

from app01.MyAuth import TokenAuth


class Books(APIView):
    """View that switches authentication off for itself."""

    # An empty list overrides the project-wide default: no authentication
    # class runs, so request.user is not a User row in this view.
    authentication_classes = []

    def get(self, request):
        """Placeholder handler; returns None."""
        return None

According to the source can know:

  • If REST_FRAMEWORK is configured in the project settings, the value is taken from the project settings by default
  • If it is not found there, it is taken from drf's own default configuration
  • If it is configured on the view class, the view's configuration is used

To sum up:

The view class configuration is looked up first ===> then the project settings ===> then drf's default configuration

Permissions components

Create a new permission class that inherits from BasePermission

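from rest_framework.permissions import BasePermission


class MyPermission(BasePermission):
    """Allow the request only when the authenticated user has user_type 1."""

    # Error text sent to the client when the check fails (kept in Chinese).
    message = '不是超级用户,查看不了'

    def has_permission(self, request, view):
        """Return True for user_type 1, False for everything else."""
        # Permissions run after authentication, so request.user is set here.
        # When no authentication class identified the caller, request.user is
        # not a User row and has no user_type; getattr turns that case into a
        # denial instead of an AttributeError.
        return getattr(request.user, 'user_type', None) == 1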

Using the permission component

Local use (per view)

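# MyPermission is the name used below; the original imported only TokenAuth.
from app01.MyAuth import MyPermission, TokenAuth


class Books(APIView):
    """View that applies MyPermission through its own class attribute."""

    # MyPermission reads request.user.user_type, so it only grants access
    # when an authentication class (set here or in settings) has populated
    # request.user with a User row.
    permission_classes = [MyPermission]

    def get(self, request):
        """Placeholder handler; returns None."""
        pass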

Global Use

# Goes in the project's settings module.
# With both defaults set, every view that does not override them requires a
# valid token AND user_type 1; a login view has to override both lists.
REST_FRAMEWORK = {
    # Dotted path: <app name>.<file name>.<class name>
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'app01.MyAuth.TokenAuth',
    ],
    'DEFAULT_PERMISSION_CLASSES': [
        'app01.MyAuth.MyPermission',
    ],
}

Local disabled

from app01.MyAuth import MyPermission


class Books(APIView):
    """View that switches permission checks off for itself."""

    # An empty list overrides the project-wide default: no permission class
    # runs, so every request that gets past authentication is allowed.
    permission_classes = []

    def get(self, request):
        """Placeholder handler; returns None."""
        return None

Component view

Views built on the mixin classes

The first

url part

# urlpatterns entries: the collection URL goes to PublishView, the detail URL
# captures a numeric pk and goes to PublishDetailView.
url(r'^publish/$', views.PublishView.as_view()),
url(r'^publish/(?P<pk>\d+)/$', views.PublishDetailView.as_view()),
from rest_framework.mixins import CreateModelMixin,ListModelMixin,RetrieveModelMixin,DestroyModelMixin,UpdateModelMixin
from rest_framework.generics import GenericAPIView

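# The mixin is CreateModelMixin (as imported above); the original base list
# spelled it "CreateModelMixins", which is an undefined name.
class PublishView(CreateModelMixin, ListModelMixin, GenericAPIView):
    """Collection endpoint: GET lists Publish rows, POST creates one.

    NOTE(review): no authentication_classes / permission_classes are set
    here, so the project defaults apply. With DRF's stock defaults
    (AllowAny) POST is open to anonymous clients.
    """

    queryset = models.Publish.objects.all()
    serializer_class = PublishSerializers

    def post(self, request, *args, **kwargs):
        """Delegate to CreateModelMixin.create()."""
        return self.create(request, *args, **kwargs)

    def get(self, request, *args, **kwargs):
        """Delegate to ListModelMixin.list()."""
        return self.list(request, *args, **kwargs)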
class PublishDetailView(
    RetrieveModelMixin,
    DestroyModelMixin,
    UpdateModelMixin,
    GenericAPIView,
):
    """Detail endpoint: GET, PUT and DELETE on a single Publish row."""

    queryset = models.Publish.objects.all()
    serializer_class = PublishSerializers

    def get(self, request, *args, **kwargs):
        """Delegate to RetrieveModelMixin.retrieve()."""
        result = self.retrieve(request, *args, **kwargs)
        return result

    def put(self, request, *args, **kwargs):
        """Delegate to UpdateModelMixin.update()."""
        result = self.update(request, *args, **kwargs)
        return result

    def delete(self, request, *args, **kwargs):
        """Delegate to DestroyModelMixin.destroy()."""
        result = self.destroy(request, *args, **kwargs)
        return result

The second

from rest_framework.generics import CreateAPIView,ListCreateAPIView,DestroyAPIView,RetrieveUpdateDestroyAPIView
class PublishView(ListCreateAPIView):
    """Collection endpoint; ListCreateAPIView supplies the GET and POST handlers."""

    serializer_class = PublishSerializers
    queryset = models.Publish.objects.all()

class PublishDetailView(RetrieveUpdateDestroyAPIView):
    """Detail endpoint; the generic base supplies retrieve, update and destroy."""

    serializer_class = PublishSerializers
    queryset = models.Publish.objects.all()

The third

url part

 # urlpatterns entries: the dict passed to as_view() maps each HTTP method to a viewset action name.
 url(r'^publish/$', views.PublishView.as_view({'get': 'list', 'post': 'create'})),
    url(r'^publish/(?P<pk>\d+)/$',views.PublishView.as_view({'get': 'retrieve', 'put': 'update', 'delete': 'destroy'})),
from rest_framework.viewsets import ModelViewSet
class PublishView(ModelViewSet):
    """Single viewset behind both the collection and the detail URL."""

    serializer_class = PublishSerializers
    queryset = models.Publish.objects.all()

customize

url part

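# The action name 'aaa' is a method of the Test view defined below, so the
# route has to point at Test; PublishView does not define 'aaa'.
url(r'^aa/$', views.Test.as_view({'get': 'aaa'})),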
from rest_framework.viewsets import  ViewSetMixin
from rest_framework.views import  APIView
# ViewSetMixin overrides as_view().
# Base order matters: APIView also defines as_view(), so ViewSetMixin has to
# come first.
class Test(ViewSetMixin, APIView):
    """View whose handler name is chosen by the action map given to as_view()."""

    def aaa(self, request):
        """Return an empty Response."""
        empty = Response()
        return empty

ModelViewSet: inherited

  • mixins.CreateModelMixin
  • mixins.RetrieveModelMixin
  • mixins.UpdateModelMixin
  • mixins.DestroyModelMixin
  • mixins.ListModelMixin
  • GenericViewSet

RetrieveUpdateDestroyAPIView: inherited

class RetrieveUpdateDestroyAPIView(mixins.RetrieveModelMixin,
                                   mixins.UpdateModelMixin,
                                   mixins.DestroyModelMixin,
                                   GenericAPIView):

ListCreateAPIView: inherited

class ListCreateAPIView(mixins.ListModelMixin,
                        mixins.CreateModelMixin,
                        GenericAPIView):

For reference

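JWT: a string that carries JSON data in protected form. The server does not save session data; all data is stored on the client and sent back to the server with each request. (In the common signed form the payload is only Base64URL-encoded and integrity-protected by the signature, so the client can read it; it is encrypted only when JWE is used, so it should not carry secrets.)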

Django's OneToOneField source: it essentially inherits from ForeignKey and sets kwargs['unique'] = True during initialization.


Origin www.cnblogs.com/yanminggang/p/11129503.html