drf-认证、权限组件

https://www.bilibili.com/video/BV1z5411D7BQ?p=24&spm_id_from=pageDriver&vd_source=caabcbd2a759a67e2a3de8acbaaf08ea

views.py

from rest_framework.response import Response
from rest_framework.views import APIView

#局部自定义认证逻辑
class MyAutheentication(object):
    def authenticate(self,requeest):
        #这里加需要认证的逻辑,获取token查数据库啥的,这里return的下面用request.use去拿
        return ("yuan",None)

    
#局部自定义权限逻辑    
from rest_framework.permissions import BasePermission

class MyPermission(BasePermission):
    def has_permission(self, request, view):
        return False    ----返回False就是不给请求通过

class BookView2(ModelViewSet,APIView):
    # 局部自定义认证使用,有的话就不会去拿setting文件里面的DEFAULT_AUTHENTICATION_CLASSESS
    authentication_classes = [MyAutheentication,]
    # 局部自定义认证使用,有的话就不会去拿setting文件里面的DEFAULT_PERMISSION_CLASSES
     permission_classes=[MyPermission,]

    def zz(self,request):
        #获取用户类型
        print("request.user",request.user)
        return Response(123)

 

settings.py

REST_FRAMEWORK={
    # 全局认证  ,如果views.py里面没有单独写，那么就默认取这边的
    "DEFAULT_AUTHENTICATION_CLASSESS":[]
     #全局权限
    "DEFAULT_PERMISSION_CLASSES":[]
}