5.商品详情页、收藏接口与权限验证
1.商品详情页
1 # goods/views.py 对应的类中继承RetrieveModelMixin,从而实现根据ID查询到某条记录 2 ... 3 class GoodsListViewSet(mixins.ListModelMixin, mixins.RetrieveModelMixin, viewsets.GenericViewSet): 4 ... 5 6 # goods/serializers.py 添加轮播图 7 ... 8 class GoodsImageSerializer(serializers.ModelSerializer): 9 class Meta: 10 model = GoodsImage 11 fields = ("image",) 12 13 class GoodsSerializer(serializers.ModelSerializer): 14 ... 15 images = GoodsImageSerializer(many=True) 16 ....
2.热卖商品接口实现
1 # goods/filters.py 添加 is_hot 2 ... 3 class GoodsFilter(django_filters.FilterSet): 4 ... 5 class Meta: 6 model = Goods 7 fields = ['pricemin', 'pricemax', 'name', 'is_hot']
3.用户收藏接口实现
简单实现
1 # user_operation/views.py 2 from rest_framework import mixins, viewsets 3 from .models import UserFav 4 from .serializers import UserFavSerializer 5 6 class UserFavViewset(mixins.CreateModelMixin, mixins.DestroyModelMixin, viewsets.GenericViewSet): 7 queryset = UserFav.objects.all() 8 serializer_class = UserFavSerializer 9 10 # user_operation/serializers.py 11 from rest_framework import serializers 12 from .models import UserFav 13 14 class UserFavSerializer(serializers.ModelSerializer): 15 class Meta: 16 model = UserFav 17 fields = ['user', 'goods', 'id'] 18 19 # urls.py 20 ... 21 from user_operation.views import UserFavViewset 22 ... 23 # 配置用户收藏 24 router.register(r'userfavs', UserFavViewset, base_name='userfavs') 25 ...
不需要输入用户,默认为当前登录用户:
1 # user_operation/serializers.py 2 ... 3 class UserFavSerializer(serializers.ModelSerializer): 4 user = serializers.HiddenField( 5 default=serializers.CurrentUserDefault() 6 ) 7 class Meta: 8 ...
获取收藏列表:
1 # user_operation/views.py 2 ... 3 class UserFavViewset(..., mixins.ListModelMixin, ...): 4 ...
设置user与good唯一索引:
1 # 方法一:在数据表中设计 2 # user_operation/models.py 3 class UserFav(models.Model): 4 ... 5 class Meta: 6 ... 7 unique_together = ("user", "goods") 8 ... 9 10 # 方法二:在serializers.py中设置 11 # user_operation/serializers.py 12 ... 13 class UserFavSerializer(serializers.ModelSerializer): 14 ... 15 class Meta: 16 validators = [ 17 UniqueTogetherValidator( 18 queryset=UserFav.objects.all(), 19 fields=('user', 'goods'), 20 message='已收藏', 21 ) 22 ] 23 ...
4.drf的权限验证
用户登录后才能操作:
1 # user_operation/views.py 2 ... 3 from rest_framework.permissions import IsAuthenticated 4 ... 5 class UserFavViewset(mixins.CreateModelMixin, mixins.ListModelMixin, mixins.DestroyModelMixin, viewsets.GenericViewSet): 6 ... 7 permission_classes = (IsAuthenticated,) 8 ...
只能查看和操作自己的收藏
1 # utils/permissions.py 2 from rest_framework import permissions 3 4 class IsOwnerOrReadOnly(permissions.BasePermission): 5 """ 6 Object-level permission to only allow owners of an object to edit it. 7 Assumes the model instance has an `owner` attribute. 8 """ 9 10 def has_object_permission(self, request, view, obj): 11 # Read permissions are allowed to any request, 12 # so we'll always allow GET, HEAD or OPTIONS requests. 13 if request.method in permissions.SAFE_METHODS: 14 return True 15 16 # Instance must have an attribute named `owner`. 17 return obj.user == request.user 18 19 # user_operations/views.py 20 ... 21 from utils.permissions import IsOwnerOrReadOnly 22 ... 23 class UserFavViewset(mixins.CreateModelMixin, mixins.ListModelMixin, mixins.DestroyModelMixin, viewsets.GenericViewSet): 24 # queryset = UserFav.objects.all() 25 ... 26 permission_classes = (..., IsOwnerOrReadOnly) 27 28 def get_queryset(self): 29 return UserFav.objects.filter(user=self.request.user)
JWT授权
1 # user_opeartion/views.py 2 ... 3 from rest_framework.authentication import SessionAuthentication 4 from rest_framework_jwt.authentication import JSONWebTokenAuthentication 5 ... 6 class UserFavViewset(mixins.CreateModelMixin, mixins.ListModelMixin, mixins.DestroyModelMixin, viewsets.GenericViewSet): 7 ... 8 authentication_classes = (JSONWebTokenAuthentication, SessionAuthentication,) 9 ...
5.用户收藏功能和vue联调
删除用户收藏时,传送过来的是good的id。UserFav表结构为:id、add_time、goods_id、user_id。此时good的id直接对应UserFav表中的id,是不正确的。正确的应该是对应到goods_id上。此时我们引入lookup_field,作用:改变默认的{PK}
1 # user_opeartion/views.py 2 ... 3 class UserFavViewset(mixins.CreateModelMixin, mixins.ListModelMixin, mixins.DestroyModelMixin, viewsets.GenericViewSet): 4 ... 5 lookup_field = 'goods_id' 6 def get_queryset(self): 7 ...
浙公网安备 33010602011771号