Django-Rest-Framework部分源码流程分析

class TestView(APIView):

    '''
    调用这个函数的时候，会自动触发authentication_classes的运行，所以会先执行上边的类
    '''
    authentication_classes = [TestAuthentication,]
    permission_classes = []


    # def dispath(self,request,*args,**kwargs):
    #     return super().dispatch(request,*args,**kwargs)
    def get(self,request,*args,**kwargs):
        # self.dispatch()           #用户访问这个函数，首先执行里面的dispatch方法                 1，入口
        print("====request.user====",request.user)         #当前登录的用户
        print("====request.auth====",request.auth)         #获取到的用户token
        return Response("GET请求，响应内容")

    def post(self,request,*args,**kwargs):
        return Response("POST请求，响应内容")

    def put(self,request,*args,**kwargs):
        return Response("PUT请求，响应内容")

 def dispatch(self, request, *args, **kwargs):
        """
        `.dispatch()` is pretty much the same as Django's regular dispatch,
        but with extra hooks for startup, finalize, and exception handling.
        """
        self.args = args
        self.kwargs = kwargs

        """
        # 对request进行加工,增加了下边这几个新的功能
            parsers=self.get_parsers(),
            authenticators=self.get_authenticators(),
            negotiator=self.get_content_negotiator(),
            parser_context=parser_context
        """
        request = self.initialize_request(request, *args, **kwargs)                           
        self.request = request
        self.headers = self.default_response_headers  # deprecate?

        try:
            """2
                版本处理
                用户认证
                权限
                访问频率限制
            """
            self.initial(request, *args, **kwargs)

            # Get the appropriate handler method
            # 3，通过反射执行函数
            if request.method.lower() in self.http_method_names:
                handler = getattr(self, request.method.lower(),
                                  self.http_method_not_allowed)
            else:
                handler = self.http_method_not_allowed

            response = handler(request, *args, **kwargs)

        except Exception as exc:
            response = self.handle_exception(exc)
        # 4\对结果再次加工
        self.response = self.finalize_response(request, response, *args, **kwargs)
        return self.response

# 从上边进来之后首先执行他的initialize方法        ===================第一步，对request进行加工，扩展了很多的功能
request = self.initialize_request(request, *args, **kwargs)
self.request = request
self.headers = self.default_response_headers  # deprecate?

    
def initialize_request(self, request, *args, **kwargs):
    """
    Returns the initial request object.
    """
    parser_context = self.get_parser_context(request)
    # 对request进行加工，多了很多功能
    return Request(
        request,
        parsers=self.get_parsers(),
        authenticators=self.get_authenticators(),
        negotiator=self.get_content_negotiator(),
        parser_context=parser_context
    )

接下来走try，执行里面的initial方法，处理版本信息，认证，权限，访问控制
def initial(self, request, *args, **kwargs):
        """
        Runs anything that needs to occur prior to calling the method handler.
        """
        self.format_kwarg = self.get_format_suffix(**kwargs)

        # Perform content negotiation and store the accepted info on the request
        neg = self.perform_content_negotiation(request)
        request.accepted_renderer, request.accepted_media_type = neg

        # Determine the API version, if versioning is in use.
        # 处理版本信息
        version, scheme = self.determine_version(request, *args, **kwargs)
        request.version, request.versioning_scheme = version, scheme

        # Ensure that the incoming request is permitted
        # 认证
        self.perform_authentication(request)
        # 权限
        self.check_permissions(request)
        # 访问频率控制
        self.check_throttles(request)

 

from django.views.decorators.csrf import csrf_exempt

假如用这个装饰器“@csrf_exempt”装饰过的函数不需要经过csrf验证