目录
一、路由
对于视图集ViewSet,我们除了可以自己手动指明请求方式与动作action之间的对应关系外,还可以使用Routers来帮助我们快速实现路由信息。
REST framework提供了两个router
- SimpleRouter
- DefaultRouter
1.使用方法
1.1.创建router对象,注册视图集
from rest_framework.routers import SimpleRouter, DefaultRouter
router = routers.SimpleRouter()
router.register(r'router_stu', StudentModelViewSet, base_name='student')
register(prefix, viewset, base_name)
参数说明:
- prefix 该视图集的路由前缀
- viewset 视图集
- base_name 路由别名的前缀
上述代码会形成的路由如下:
^books/$ name: book-list
^books/{pk}/$ name: book-detail
1.2.添加路由数据
1.2.1.方式一
urlpatterns = [
...
]
urlpatterns += router.urls
1.2.2.方式二
urlpatterns = [
...
url(r'^', include(router.urls))
]
2.SimpleRouter和DefaultRouter的区别
- DefaultRouter比SimpleRouter多一个根路径,显示所有注册过的路由
3.action装饰器
在视图集中,如果想要让Router自动帮助我们为自定义的动作生成路由信息,需要使用rest_framework.decorators.action装饰器。
以action装饰器装饰的方法名会作为action动作名,与list、retrieve等同。
action装饰器的参数:
-
methods:声明该action对应的请求方式,列表传递
-
detail:声明该action的路径是否与单一资源对应,及是否是
xxx/<pk>/action方法名/- True:表示路径格式是
xxx/<pk>/action方法名/ - False:表示路径格式是
xxx/action方法名/
- True:表示路径格式是
-
url_path: 控制生成的/user/后的路径是什么,如果不写,默认以方法名命名 /user/login/,一般跟函数名同名即可
-
url_name:别名,用于反向解析
@action(methods=['GET','POST'], detail=True, url_path='login')
def login(self, request,pk):
这样写了以后可以:自动生成路由
注意:以后写的视图类不需要写action装饰器的话,视图类中必须要有list,destroy,retrieve,create,update方法之一
- 其实是必须是 5个视图扩展类之一+GenericAPIView 9个视图子类,ModelViewSet
二、登录接口编写
models.py
class User(models.Model):
username = models.CharField(max_length=32)
password = models.CharField(max_length=32)
def __str__(self):
return self.username
# 用户登录记录表
class UserToken(models.Model):
user = models.OneToOneField(to='User', on_delete=models.CASCADE)
token = models.CharField(max_length=32, null=True) # 用户如果没有登录,就是空,如果登录了,就有值,登录多次以最后一次为准
views.py
class UserView(ViewSet):
authentication_classes = []
@action(methods=['POST', ], detail=False, url_path='login')
def login(self, request):
# 取出前端传入的用户名密码,校验,通过,返回登录成功,失败就返回用户名密码错误
username = request.data.get('username')
password = request.data.get('password')
user = User.objects.filter(username=username, password=password).first()
if user:
# 登录成功,不同人生成的token是不一样的,谁登录的,就把token存到UserToken表中
token = str(uuid.uuid4()) # 生成一个永不重复的随机字符串
# 存UserToken:如果没有记录,就是新增,如果有记录更新一下即可
# 通过user去UserToken表中查数据,如果能查到,使用defaults的数据更新,如果查不到,直接通过user和defaults的数据新增
UserToken.objects.update_or_create(defaults={'token': token}, user=user)
return Response({'code': 100, 'msg': '登录成功', 'token': token})
else:
return Response({'code': 101, 'msg': '用户名或密码错误'})
urls.py
from rest_framework.routers import SimpleRouter, DefaultRouter
router = SimpleRouter()
router.register('user',views.UserView,'user')
urlpatterns = [
path('admin/', admin.site.urls),
path('', include(router.urls)),
]
三、认证
通过认证类完成,使用步骤:
-
写一个认证类,继承BaseAuthentication
-
重写authenticate方法,在内部做认证
-
如果认证通过,返回2个值
-
认证不通过抛AuthenticationFailed异常
-
只要返回了两个值,在后续的request.user,就是当前登录用户
-
如果想让某个视图类登录后才能访问
-
方式一:
class BookView(ModelViewSet): authentication_classes = [LoginAuth, -
方式二:全局配置,局部禁用
# 全局配置 REST_FRAMEWORK={ 'DEFAULT_AUTHENTICATION_CLASSES':['app01.auth.LoginAuth',] } # 局部禁用 authentication_classes = []
-
认证类
from .models import UserToken
from rest_framework.authentication import BaseAuthentication
from rest_framework.exceptions import AuthenticationFailed
class LoginAuth(BaseAuthentication):
def authenticate(self, request):
# 在这里做认证,校验用户是否登录(带了token,并且能查到,就是登录,返回两个值,否则就是没登录,抛异常)
# 用户带的token从哪取?后端人员定的:放在请求地址中
token = request.GET.get('token')
# 通过token查询该token是否是在表中有记录
user_token = UserToken.objects.filter(token=token).first()
if user_token:
return user_token.user, token # 返回两个值,一个是当前登录用户,一个是token
else:
raise AuthenticationFailed('您没有登录')
作业
models.py
from django.db import models
# Create your models here.
class Book(models.Model):
name = models.CharField(max_length=32)
price = models.CharField(max_length=32)
publish = models.ForeignKey(to='Publish', on_delete=models.CASCADE)
def __str__(self):
return self.name
def publish_de(self):
return {'name': self.publish.name, 'address': self.publish.address}
class Publish(models.Model):
name = models.CharField(max_length=32)
address = models.CharField(max_length=32)
class User(models.Model):
username = models.CharField(max_length=32)
password = models.CharField(max_length=32)
def __str__(self):
return self.username
class UserToken(models.Model):
user = models.OneToOneField(to='User', on_delete=models.CASCADE)
token = models.CharField(max_length=64, null=True)
views.py
# import uuid
#
# from django.shortcuts import render
# from rest_framework.decorators import action
#
#
# # Create your views here.
# from rest_framework.response import Response
# from rest_framework.viewsets import ViewSet, ModelViewSet
#
# from .models import Book, Publish, User, UserToken
# from .serializer import BookSerializer, PublishSerializer
#
#
# class BookView(ModelViewSet):
# queryset = Book.objects.all()
# serializer_class = BookSerializer
#
#
# class PublishView(ModelViewSet):
# authentication_classes = []
# queryset = Publish.objects.all()
# serializer_class = PublishSerializer
#
#
# class UserView(ViewSet):
# authentication_classes = []
#
# @action(methods=['POST', ], detail=False, url_path='login')
# def login(self, request):
# username = request.data.get('username')
# password = request.data.get('password')
# user = User.objects.filter(username=username, password=password).first()
# if user:
# token = str(uuid.uuid4())
# UserToken.objects.update_or_create(defaults={'token': token}, user=user)
# return Response({'code': 100, 'msg': '登录成功', 'token': token})
# else:
# return Response({'code': 101, 'msg': '用户名或密码错误'})
# import uuid
#
# from django.shortcuts import render
# from rest_framework.decorators import action
#
#
# # Create your views here.
# from rest_framework.generics import GenericAPIView
# from rest_framework.response import Response
# from rest_framework.viewsets import ViewSet
#
# from .models import Book, Publish, User, UserToken
# from .serializer import BookSerializer, PublishSerializer
# from rest_framework.mixins import RetrieveModelMixin, CreateModelMixin, UpdateModelMixin, DestroyModelMixin, \
# ListModelMixin
#
#
# class BookView(GenericAPIView, ListModelMixin, CreateModelMixin):
# queryset = Book.objects.all()
# serializer_class = BookSerializer
#
# def get(self, request, *args, **kwargs):
# return self.list(request, *args, **kwargs)
#
# def post(self, request, *args, **kwargs):
# return self.create(request, *args, **kwargs)
#
#
# class BookDataView(GenericAPIView, RetrieveModelMixin, UpdateModelMixin, DestroyModelMixin):
# queryset = Book.objects.all()
# serializer_class = BookSerializer
#
# def get(self, request, *args, **kwargs):
# return self.retrieve(request, *args, **kwargs)
#
# def put(self, request, *args, **kwargs):
# return self.update(request, *args, **kwargs)
#
# def delete(self, request, *args, **kwargs):
# return self.destroy(request, *args, **kwargs)
#
#
# class PublishView(GenericAPIView, ListModelMixin, CreateModelMixin):
# authentication_classes = []
# queryset = Publish.objects.all()
# serializer_class = PublishSerializer
#
# def get(self, request, *args, **kwargs):
# return self.list(request, *args, **kwargs)
#
# def post(self, request, *args, **kwargs):
# return self.create(request, *args, **kwargs)
#
#
# class PublishDataView(GenericAPIView, RetrieveModelMixin, UpdateModelMixin, DestroyModelMixin):
# queryset = Publish.objects.all()
# serializer_class = PublishSerializer
#
# def get(self, request, *args, **kwargs):
# return self.retrieve(request, *args, **kwargs)
#
# def put(self, request, *args, **kwargs):
# return self.update(request, *args, **kwargs)
#
# def delete(self, request, *args, **kwargs):
# return self.destroy(request, *args, **kwargs)
#
#
# class UserView(ViewSet):
# authentication_classes = []
#
# @action(methods=['POST', ], detail=False, url_path='login')
# def login(self, request):
# username = request.data.get('username')
# password = request.data.get('password')
# user = User.objects.filter(username=username, password=password).first()
# if user:
# token = str(uuid.uuid4())
# UserToken.objects.update_or_create(defaults={'token': token}, user=user)
# return Response({'code': 100, 'msg': '登录成功', 'token': token})
# else:
# return Response({'code': 101, 'msg': '用户名或密码错误'})
import uuid
from django.shortcuts import render
from rest_framework.decorators import action
# Create your views here.
from rest_framework.response import Response
from rest_framework.viewsets import ViewSet
from .models import Book, Publish, User, UserToken
from .serializer import BookSerializer, PublishSerializer
from rest_framework.generics import ListAPIView, CreateAPIView, RetrieveAPIView, DestroyAPIView, UpdateAPIView, \
GenericAPIView
from rest_framework.generics import ListCreateAPIView, RetrieveUpdateDestroyAPIView, RetrieveUpdateAPIView, RetrieveDestroyAPIView
class BookView(ListCreateAPIView):
queryset = Book.objects.all()
serializer_class = BookSerializer
class BookDataView(RetrieveUpdateDestroyAPIView):
queryset = Book.objects.all()
serializer_class = BookSerializer
class PublishView(ListCreateAPIView):
authentication_classes = []
queryset = Publish.objects.all()
serializer_class = PublishSerializer
class PublishDataView(RetrieveUpdateDestroyAPIView):
queryset = Publish.objects.all()
serializer_class = PublishSerializer
class UserView(ViewSet):
authentication_classes = []
@action(methods=['POST', ], detail=False, url_path='login')
def login(self, request):
username = request.data.get('username')
password = request.data.get('password')
user = User.objects.filter(username=username, password=password).first()
if user:
token = str(uuid.uuid4())
UserToken.objects.update_or_create(defaults={'token': token}, user=user)
return Response({'code': 100, 'msg': '登录成功', 'token': token})
else:
return Response({'code': 101, 'msg': '用户名或密码错误'})
serializer.py
from rest_framework import serializers
from .models import Book, Publish
class BookSerializer(serializers.ModelSerializer):
class Meta:
model = Book
fields = ['name', 'price', 'publish', 'publish_de']
class PublishSerializer(serializers.ModelSerializer):
class Meta:
model = Publish
fields = '__all__'
url.py
from django.contrib import admin
from django.urls import path, include
from app01 import views
from rest_framework.routers import SimpleRouter
# router = SimpleRouter()
#
# router.register('books', views.BookView, 'books')
# router.register('publish', views.PublishView, 'publish')
# router.register('user', views.UserView, 'user')
from app01.views import BookView, BookDataView, PublishView, PublishDataView
urlpatterns = [
# path('admin/', admin.site.urls),
# path('', include(router.urls)),
path('books/', BookView.as_view()),
path('books/<int:pk>/', BookDataView.as_view()),
path('publish/', PublishView.as_view()),
path('books/<int:pk>/', PublishDataView.as_view()),
]
auth.py
from .models import UserToken
from rest_framework.authentication import BaseAuthentication
from rest_framework.exceptions import AuthenticationFailed
class LoginAuth(BaseAuthentication):
def authenticate(self, request):
token = request.GET.get('token')
user_token = UserToken.objects.filter(token=token).first()
if user_token:
return user_token.user, token
else:
raise AuthenticationFailed('您没有登录')
settings.py
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': ['app01.auth.LoginAuth', ]
}
研究一下级联删除的其他
CASCADE:父表delete、update的时候,子表会delete、update掉关联记录
SET_NULL:父表delete、update的时候,子表会将关联记录的外键字段所在列设为null,所以注意在设计子表时外键不能设为not null
RESTRICT:如果想要删除父表的记录时,而在子表中有关联该父表的记录,则不允许删除父表中的记录
SET_DEFAULT:父表有变更时,子表将外键列设置成一个默认的值
SET():括号里可以是函数,设置为自定义的东西,该值只能是对应的实体了
PROTECT:删除Book表数据是,采取保护机制,抛出错误,即不删除Publishs的内容
DO_NOTHING:什么也不干
posted on
浙公网安备 33010602011771号