table of Contents
Certified Components
By dispath method, enter the three certification:
First look at the request module into the request
Enter the get_authenticators
method
Can be known, the second package request object request module comprises a parsing module, the authentication will be stored in the object's class object request.
Into the largest certification
Traversing one authenticator to complete one class certification, certification of the class should call each configuration authenticate
method to complete the certification. The return value is a tuple consisting of the user and the auth.
Permissions components
Frequency components
Into the frequency components by the dispatch method
Then look SimpleRateThrottle class, there allow_request and wait method. SimpleRateThrottle inheritance BaseThrottle, BaseThrottle allow_request and there are two ways to wait, but I did not write it, you need to write your own.
So we inherit SimpleRateThrottle class, which helped us write two methods allow_request and wait
# 可以直接在自定义频率类中配置rate,这就是要动源码了
rate = '3/min'
# 但是推荐在自定义频率类中配置scope属性,然后再在settings文件中设置scope
class MobileReateThrottle(SimpleRateThrottle):
scope = 'mobile'
def get_cache_key(self, request, view):
if not request.user.is_authenticated or not request.user.mobile:
return None # 匿名用户 没有电话号的用户都不限制
return self.cache_format % {
'scope': self.scope,
'ident': request.user.mobile
}
# settings文件
REST_FRAMEWORK = {
# 频率组件,频率类一般做局部配置,但是频率调节在settings中配置
'DEFAULT_THROTTLE_RATES': {
'user': '5/min', # 登录用户限制
'anon': '3/min', # 匿名用户限制,
'mobile': '1/min'
},
}
To the above __init__
method
Back allow_request
cache.set (key, value, exp) set an expiration cache, exp is set to 0, but on behalf of cache
Request once to save time once stored in the self.history
Whether the limit time determined according to the length of the list of requested time to form
Enter the wait method