Django Rest Framework框架

1. 基本流程

url.py

1

2

3

4

5

6

from django.conf.urls import url, include

from web.views.s1_api import TestView

 

urlpatterns = [

    url(r'^test/', TestView.as_view()),

]

views.py

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

from rest_framework.views import APIView

from rest_framework.response import Response

 

 

class TestView(APIView):

    def dispatch(self, request, *args, **kwargs):

        """

        请求到来之后，都要执行dispatch方法，dispatch方法根据请求方式不同触发 get/post/put等方法

         

        注意：APIView中的dispatch方法有好多好多的功能

        """

        return super().dispatch(request, *args, **kwargs)

 

    def get(self, request, *args, **kwargs):

        return Response('GET请求，响应内容')

 

    def post(self, request, *args, **kwargs):

        return Response('POST请求，响应内容')

 

    def put(self, request, *args, **kwargs):

        return Response('PUT请求，响应内容')

上述是rest framework框架基本流程，重要的功能是在APIView的dispatch中触发。

-------------------------------------------------------------------------------------------------------------------------------------------------

2.  认证,授权,限流

urls.py

urlpatterns = [    # url(r'^admin/', admin.site.urls),    url(r'(?P<version>\w+)/api/',views.UserView.as_view(),name='sss'),    url(r'(?P<version>\w+)/test/',views.TestView.as_view(),name='test'),    url(r'(?P<version>\w+)/login/',views.LoginView.as_view(),name='login')]

settings.py

# ################ restful相关设置 ##################REST_FRAMEWORK = {    "DEFAULT_VERSIONING_CLASS": "rest_framework.versioning.URLPathVersioning",    "VERSION_PARAM": "version",    "DEFAULT_VERSION": 'v1',    "ALLOWED_VERSIONS": ['v1', 'v2'],    "UNAUTHENTICATED_USER":None,    "UNAUTHENTICATED_TOKEN":None,    "DEFAULT_THROTTLE_RATES":{        'anon':'5/m',        'user':'10/m',    }}

veiws.py

from rest_framework import viewsfrom django.shortcuts import HttpResponsefrom django.http import JsonResponsefrom rest_framework.authentication import BaseAuthenticationfrom rest_framework import exceptionsfrom rest_framework.throttling import SimpleRateThrottlefrom API import models# ################ 认证相关 ################ 应放在单独文件中class CustomAuthentication(BaseAuthentication):    def authenticate(self, request):        """        Authenticate the request and return a two-tuple of (user, token).        """        tk = request.query_params.get('tk')        token_obj = models.Token.objects.filter(token=tk).first()        if token_obj:            # (UserInfo对象,Token对象)            return (token_obj.user,token_obj)    def authenticate_header(self, request):        """        Return a string to be used as the value of the `WWW-Authenticate`        header in a `401 Unauthenticated` response, or `None` if the        authentication scheme should return `403 Permission Denied` responses.        """        # return 'Basic realm=api'        passdef gen_token(username):    import time    import hashlib    ctime = str(time.time())    hash = hashlib.md5(username.encode('utf-8'))    hash.update(ctime.encode('utf-8'))    return hash.hexdigest()# ################ 限流 ################class CustomAnonRatethrottle(SimpleRateThrottle):    scope = 'anon'    def allow_request(self, request, view):        if request.user:            return True        self.key = self.get_cache_key(request, view)        self.history = self.cache.get(self.key, [])        self.now = self.timer()        while self.history and self.history[-1] <= self.now -self.duration:            self.history.pop()        if len(self.history) >= self.num_requests:            return self.throttle_failure()        return self.throttle_success()    def get_cache_key(self, request, view):        return 'throttle_%(scope)s_%(ident)s' %{            'scope':self.scope,            'ident':self.get_ident(request)        }class CustomUserRatethrottle(SimpleRateThrottle):    scope = 'user'    def allow_request(self, request, view):        print(request.user,'$$$')        if not request.user:            return True        self.key = request.user.user        self.history = self.cache.get(self.key, [])        self.now = self.timer()        while self.history and self.history[-1] <= self.now - self.duration:            self.history.pop()        if len(self.history) >= self.num_requests:            return self.throttle_failure()        return self.throttle_success()# ################ 权限相关 ################from rest_framework.permissions import AllowAny,BasePermissionclass CustomPermission(BasePermission):    message = "无权限"    def has_permission(self, request, view):        """        Return `True` if permission is granted, `False` otherwise.        """        # return True        method = request._request.method        if not request.user:            return False        return Trueclass UserView(views.APIView):    authentication_classes = [CustomAuthentication,]    throttle_classes = [CustomAnonRatethrottle,CustomUserRatethrottle]    permission_classes = [CustomPermission]    def get(self,request,*args,**kwargs):        print(request.user)        print(request.version)        # print(request.versioning_scheme.reverse(viewname='sss', request=request))        return HttpResponse('...')class TestView(views.APIView):    authentication_classes = [CustomAuthentication, ]    throttle_classes = [CustomAnonRatethrottle, CustomUserRatethrottle]    def get(self,request,*args,**kwargs):        print(request.user)        print(request.version)        # print(request.versioning_scheme.reverse(viewname='sss', request=request))        return HttpResponse('...')class LoginView(views.APIView):    def post(self,request,*args,**kwargs):        user = request._request.POST.get('user')        pwd = request._request.POST.get('pwd')        email = request._request.POST.get('email')        user_type_id = request._request.POST.get('user_type_id')        user_obj=models.UserInfo.objects.create(user=user,pwd=pwd,email=email,user_type_id=user_type_id)        token=gen_token(user)        models.Token.objects.create(user=user_obj,token=token)        return JsonResponse({'tk':token})

-----------------------------------------------------------------------------------------------------------------------------------------------

3. 序列化,字段验证

import refrom rest_framework.response import Responsefrom rest_framework import serializersclass ProcessField:    def __call__(self, value):        if re.match(r'^\d+$',value):            raise serializers.ValidationError('Can not be pure numbers')class UserSerializers(serializers.Serializer):    user=serializers.CharField(min_length=6)    pwd=serializers.CharField(error_messages={'required':'密码不能为空'},validators=[ProcessField(),])    # ut_title = serializers.CharField(source='ut.title')class Test1View(views.APIView):    def get(self,request,*args,**kwargs):        # 序列化，将数据库查询字段序列化为字典        data_list = models.UserInfo.objects.all()        ser = UserSerializers(instance=data_list, many=True)        # 或        # obj = models.UserInfo.objects.all().first()        # ser = UserSerializer(instance=obj, many=False)        return Response(ser.data)    def post(self,request,*args,**kwargs):        ser = UserSerializers(data=request.data)        if ser.is_valid():            return Response(ser.validated_data)        else:            return Response(ser.errors)

http://www.cnblogs.com/wupeiqi/articles/7805382.html