04: DjangoRestFramework使用

Django其他篇

目录:

  • 1.1 DjangoRestFramework基本使用
  • 1.2 drf认证&权限 模块
  • 1.3 djangorestframework 序列化
  • 1.4 djangorestframework 分页
  • 1.5 JWT:使用djangorestframework-jwt模块进行用户身份验证

1.1 DjangoRestFramework基本使用     返回顶部

  1、回顾CBV基本使用

from django.contrib import admin
from django.urls import path,re_path,include

urlpatterns = [
    path('admin/', admin.site.urls),
    re_path(r'users/',include(('users.urls', 'users'), namespace='users'))
]
urls.py
from django.contrib import admin
from django.urls import path,re_path,include

urlpatterns = [
    path('admin/', admin.site.urls),
    re_path(r'users/',include(('users.urls', 'users'), namespace='users'))
]
users/urls.py
import json
from django.shortcuts import render,HttpResponse
from django.views import View

class HomeView(View):

    def dispatch(self, request, *args, **kwargs):
        return super(HomeView, self).dispatch(request, *args, **kwargs)

    def get(self, request):
        return HttpResponse('get')

    def post(self, request):
        return HttpResponse('post')
users/views.py

  2、安装DjangoRestFramework

pip install djangorestframework==3.9.2
pip install markdown==3.0.1                  # Markdown support for the browsable API.
pip install django-filter==2.1.0             # Filtering support

  3、DjangoRestFramework 基本使用

from django.contrib import admin
from django.urls import path,re_path,include

urlpatterns = [
    path('admin/', admin.site.urls),
    re_path(r'users/',include(('users.urls', 'users'), namespace='users'))
]
urls.py
from django.urls import path,re_path,include
from users import views

urlpatterns = [
    re_path(r'info', views.UserInfoViewSet.as_view(), name='user'),
]
users/urls.py
from rest_framework.views import APIView
from django.http import JsonResponse

class UserInfoViewSet(APIView):
    def __init__(self):
        super(UserInfoViewSet, self).__init__()

    def get(self, request, *args, **kwargs):
        result = {
            'status': True,
            'data': 'response data'
        }
        return JsonResponse(result, status=200)

    def post(self, request, *args, **kwargs):
        result = {
            'status': True,
            'data': 'response data'
        }
        return JsonResponse(result, status=200)
users/views.py

1.2 drf认证&权限 模块     返回顶部

  1、authentication基本使用

class UserInfoViewSet(APIView):
    authentication_classes = [authentication.IsAuthenticated,]  # 用户认证模块
    permission_classes = (authentication.IsOwnerOrReadOnly,)    # 用户授权模块
from django.contrib import admin
from django.urls import path,re_path,include

urlpatterns = [
    path('admin/', admin.site.urls),
    re_path(r'users/',include(('users.urls', 'users'), namespace='users'))
]
urls.py
#! /usr/bin/env python
# -*- coding: utf-8 -*-
from django.urls import path,re_path,include
from users import views

urlpatterns = [
    re_path(r'info', views.UserInfoViewSet.as_view(), name='user'),
]
users/urls.py
from rest_framework.views import APIView
from django.http import JsonResponse
from common.auth import authentication

class UserInfoViewSet(APIView):
    authentication_classes = [authentication.IsAuthenticated,]
    permission_classes = (authentication.IsOwnerOrReadOnly,)

    def __init__(self):
        super(UserInfoViewSet, self).__init__()

    def get(self, request, *args, **kwargs):
        result = {
            'status': True,
            'data': 'response data'
        }
        return JsonResponse(result, status=200)

    def post(self, request, *args, **kwargs):
        result = {
            'status': True,
            'data': 'response data'
        }
        return JsonResponse(result, status=200)
users/views.py
#! /usr/bin/env python
# -*- coding: utf-8 -*-
from rest_framework import authentication
from rest_framework import exceptions
from rest_framework import permissions

class IsOwnerOrReadOnly(permissions.BasePermission):
    def has_permission(self, request, view):
        if False:  # 这里暂且不进行权限验证
            raise exceptions.ParseError('您没有操作的权限')
        return True

class IsAuthenticated(authentication.BaseAuthentication):
    def authenticate(self, request):
        auth = request.META.get('HTTP_AUTHORIZATION', None)  # 获取 header中的 Authorization
        if auth is None:
            raise exceptions.NotAuthenticated()

        '''这里应该是验证token是否合法逻辑'''
        # token = Token.objects.filter(key=auth)
        # try:
        #     request.user = token[0].user
        # except IndexError:
        #     raise exceptions.NotAuthenticated('Invalid input Authenticated')
        return (request, None)

    def authenticate_header(self, request):
        msg = 'Invalid token.Please get token first'
        return exceptions.NotAuthenticated(msg)
common\auth\authentication.py

   2、测试接口 

       04: DjangoRestFramework使用_第1张图片

1.3 djangorestframework 序列化     返回顶部

    04: DjangoRestFramework使用_第2张图片    04: DjangoRestFramework使用_第3张图片    04: DjangoRestFramework使用_第4张图片    04: DjangoRestFramework使用_第5张图片

'''1. 选项参数'''
name = serializers.CharField(min_length=3,max_length=20)
max_length     # 最大长度
min_lenght     # 最小长度
allow_blank    # 是否允许为空
max_value      # 最大值
min_value      # 最小值


'''2. 通用参数'''
gp = serializers.SerializerMethodField(read_only=True) 
read_only     # 表明该字段仅用于序列化输出,默认False
write_only    # 表明该字段仅用于反序列化输入,默认False
required      # 表明该字段在反序列化时必须输入,默认True
default       # 反序列化时使用的默认值
allow_null    # 表明该字段是否允许传入None,默认False
validators    # 该字段使用的验证器
label         # 用于HTML展示API页面时,显示的字段名称
help_text     # 用于HTML展示API页面时,显示的字段帮助提示信息
error_messages    # 包含错误编号与错误信息的字典
序列化常用字段参数

  1、序列化使用

INSTALLED_APPS = [

    'rest_framework',
    'users',
]
settings.py 注册App
from django.contrib import admin
from django.urls import path,re_path,include

urlpatterns = [
    path('admin/', admin.site.urls),
    re_path(r'users/',include(('users.urls', 'users'), namespace='users'))
]
urls.py 定义总路由
#! /usr/bin/env python
# -*- coding: utf-8 -*-
from django.urls import path,re_path
from users import views

urlpatterns = [
    re_path(r'^info/$', views.UserInfoViewSet.as_view(), name='userinfo'),
]
users/urls.py
from django.db import models

class UserInfo(models.Model):
    name = models.CharField(max_length=64,unique=True)
    ut = models.ForeignKey(to='UserType', on_delete=models.CASCADE)
    gp = models.ManyToManyField(to='UserGroup')

    def __str__(self):
        return self.name

class UserType(models.Model):
    type_name = models.CharField(max_length=64,unique=True)

    def __str__(self):
        return self.type_name

class UserGroup(models.Model):
    group = models.CharField(max_length=64)

    def __str__(self):
        return self.group
users/models.py
from rest_framework.views import APIView
from rest_framework.views import Response
import json

from users import serializers
from users import models as users_model

class UserInfoViewSet(APIView):
    # 查询用户信息
    def get(self, request, *args, **kwargs):
        # 一对多、多对多查询都是一样的语法
        obj = users_model.UserInfo.objects.all()
        ser = serializers.UserInfoSerializer(instance=obj,many=True)  # 关联数据多个
        # ser = serializers.UserInfoSerializer(instance=obj[0])   # 关联数据一个
        return Response(ser.data, status=200)

    # 创建用户
    '''创建用户'''
    def post(self,request):
        ser = serializers.UserInfoSerializer(data=request.data)
        if ser.is_valid():
            ser.save()
            return Response(data=ser.data, status=201)
        return Response(data=ser.errors,status=400)

    # 更新用户信息
    def put(self, request):
        pk = request.data.get('pk')
        userinfo = users_model.UserInfo.objects.get(id = pk)
        # 创建序列化对象,并将要反序列化的数据传递给data构造参数,进而进行验证
        ser = serializers.UserInfoSerializer(userinfo,data=request.data)
        if ser.is_valid():
            ser.save()
            return Response(data=ser.data, status=201)
        return Response(data=ser.errors,status=400)
users/views.py
from rest_framework import serializers
from users.models import UserInfo


class UserInfoSerializer(serializers.Serializer):
    name = serializers.CharField(min_length=3,max_length=20)                # 显示普通字段
    ut_id = serializers.IntegerField(write_only=True)                      # 外键约束,关联字段要定义
    ut = serializers.CharField(source='ut.type_name',required=False)      # 显示一对多字段名称
    gp = serializers.SerializerMethodField(read_only=True)                 # 自定义显示(显示多对多)
    xxx = serializers.CharField(source='name',required=False)              # 也可以自定义显示字段名称

    '''PrimaryKeyRelatedField和StringRelatedField:可以用对 一对多 和 多对多 关联对象序列化'''
    # gp = serializers.PrimaryKeyRelatedField(read_only=True, many=True)
    # gp = serializers.StringRelatedField(read_only=True,many=True)

    class Meta:
        model = UserInfo

    # 自定义显示 多对多 字段
    def get_gp(self,row):
        '''row: 传过来的正是 UserInfo表的对象'''
        gp_obj_list = row.gp.all().values('id','group')  # 获取用户所有组
        return gp_obj_list

    # 定义创建语法
    def create(self, validated_data):
        return UserInfo.objects.create(**validated_data)

    # 定义更新方法
    def update(self, instance, validated_data):
        if validated_data.get('name'):
            instance.name = validated_data['name']
        if validated_data.get('ut_id'):
            instance.ut_id = validated_data['ut_id']
        instance.save()
        return instance

    # 定义单一字段验证的方法
    def validate_name(self, value):
        if value == 'root':
            raise serializers.ValidationError('不能创建root管理员账号')
        return value

    # 定义多字段验证方法
    def validate(self, attrs):
        if attrs['name'] == 'admin':
            raise serializers.ValidationError('不能创建admin用户')
        return attrs


# 一对多序列化(反向查找)
class UserTypeSerializer(serializers.Serializer):
    type_name = serializers.CharField()
    # 法1一对多关联对象序列化:此字段将被序列化为关联对象的主键
    userinfo_set = serializers.PrimaryKeyRelatedField(read_only=True, many=True)

    # 法2一对多关联对象序列化:此字段将被序列化为关联对象的字符串表示方式(即__str__方法的返回值)
    # userinfo_set = serializers.StringRelatedField(read_only=True,many=True)
    # 法3一对多关联对象序列化:使用关联对象的序列化器
    # userinfo_set = UserInfoSerializer(many=True)


# 多对多序列化(反向)
class UserGroupSerializer(serializers.Serializer):
    group = serializers.CharField()
    # 法1一对多关联对象序列化:此字段将被序列化为关联对象的主键
    # userinfo_set = serializers.PrimaryKeyRelatedField(read_only=True, many=True)

    # 法2一对多关联对象序列化:此字段将被序列化为关联对象的字符串表示方式(即__str__方法的返回值)
    # userinfo_set = serializers.StringRelatedField(read_only=True,many=True)
    # 法3一对多关联对象序列化:使用关联对象的序列化器
    # userinfo_set = UserInfoSerializer(many=True)
users/serializers.py

  2、序列化(serializers.Serializer

    1)序列化(正向查找)

from rest_framework import serializers
from users.models import UserInfo

class UserInfoSerializer(serializers.Serializer):
    name = serializers.CharField(min_length=3,max_length=20)               # 显示普通字段
    ut = serializers.CharField(source='ut.type_name',required=False)       # 显示一对多字段名称
    gp = serializers.SerializerMethodField(read_only=True)                 # 自定义显示(显示多对多)
    xxx = serializers.CharField(source='name',required=False)              # 也可以自定义显示字段名称
    ut_id = serializers.IntegerField(write_only=True)                      # 一对多关联字段定义(外键约束)

    '''PrimaryKeyRelatedField和StringRelatedField:可以用对 一对多 和 多对多 关联对象序列化'''
    # gp = serializers.PrimaryKeyRelatedField(read_only=True, many=True)
    # gp = serializers.StringRelatedField(read_only=True,many=True)

    class Meta:
        model = UserInfo

    # 自定义显示 多对多 字段
    def get_gp(self,row):
        '''row: 传过来的正是 UserInfo表的对象'''
        gp_obj_list = row.gp.all().values('id','group')  # 获取用户所有组
        return gp_obj_list

    2)序列化(反向查找)

''' 一对多序列化(反向查找)'''
class UserTypeSerializer(serializers.Serializer):
    type_name = serializers.CharField()
    # 法1一对多关联对象序列化:此字段将被序列化为关联对象的主键
    userinfo_set = serializers.PrimaryKeyRelatedField(read_only=True, many=True)

    # 法2一对多关联对象序列化:此字段将被序列化为关联对象的字符串表示方式(即__str__方法的返回值)
    # userinfo_set = serializers.StringRelatedField(read_only=True,many=True)
    # 法3一对多关联对象序列化:使用关联对象的序列化器
    # userinfo_set = UserInfoSerializer(many=True)

     3)视图函数中使用序列化

class UserInfoViewSet(APIView):
    def get(self, request, *args, **kwargs):
        # 一对多、多对多查询都是一样的语法
        obj = users_model.UserInfo.objects.all()
        ser = serializers.UserInfoSerializer(instance=obj,many=True)  # 关联数据多条
        # ser = serializers.UserInfoSerializer(instance=obj[0])       # 关联数据一条
        return Response(ser.data, status=200)

  3、反序列化

    1)使用反序列化保存数据

'''创建用户'''
def post(self,request):
    ser = serializers.UserInfoSerializer(data=request.data)
    if ser.is_valid():
        ser.save()
        return Response(data=ser.data, status=201)
    return Response(data=ser.errors,status=400)

    2)反序列化定义创建和更新方法

    # 定义创建语法
    def create(self, validated_data):
        return UserInfo.objects.create(**validated_data)

    # 定义更新方法
    def update(self, instance, validated_data):
        if validated_data.get('name'):
            instance.name = validated_data['name']
        if validated_data.get('ut_id'):
            instance.ut_id = validated_data['ut_id']
        instance.save()
        return instance

    # 定义单一字段验证的方法
    def validate_name(self, value):
        if value == 'root':
            raise serializers.ValidationError('不能创建root管理员账号')
        return value

    # 定义多字段验证方法
    def validate(self, attrs):
        if attrs['name'] == 'admin':
            raise serializers.ValidationError('不能创建admin用户')
        return attrs

  4、序列化使用举例(serializers.ModelSerializer

      1. ModelSerializer本质是继承了Serielizer类添加了部分功能

      2. 在使用上ModelSerializer可以使用     fields = '__all__'     定义要显示的字段

'''users/serializers/userinfo_serializers.py'''

from rest_framework import serializers
from users.models import UserInfo

class UserInfoSerializer(serializers.ModelSerializer):
    # name = serializers.CharField()                       # 显示普通字段
    ut = serializers.CharField(source='ut.type_name')     # 显示一对多字段
    gp = serializers.SerializerMethodField()               # 自定义显示(显示多对多)
    xxx = serializers.CharField(source='name')             # 也可以自定义显示字段名称

    class Meta:
        model = UserInfo
        # fields = "__all__"
        fields = ["name",'ut','gp','xxx']  # 定义显示那些字段

    def get_gp(self,row):
        '''row: 传过来的正是 UserInfo表的对象'''
        gp_obj_list = row.gp.all()  # 获取用户所有组
        ret = []
        for item in gp_obj_list:
            ret.append({'id':item.id,'gp':item.group})
        return ret
serializers.ModelSerializer使用

  5、使用serializers.ModelSerializer 进行数据验证

from rest_framework.views import APIView
from users.serializers.userinfo_serializers import UserInfoSerializer
from users.models import UserInfo

class UserInfoViewSet(APIView):
    def get(self, request, *args, **kwargs):
        obj = UserInfo.objects.all()
        ser = UserInfoSerializer(instance=obj,many=True)
        ret = json.dumps(ser.data,ensure_ascii=False)
        return HttpResponse(ret)

    def post(self, request, *args, **kwargs):
        ser = UserInfoSerializer(data=request.data)          # 验证,对请求发来的数据进行验证
        if ser.is_valid():
            print(ser.validated_data)  # post请求数据字典
        else:
            print(ser.errors)  # form验证错误信息
        return HttpResponse(json.dumps({'status':True}))
users/views.py
'''users/serializers/userinfo_serializers.py'''

from rest_framework import serializers
from django.core.exceptions import ValidationError
from users.models import UserInfo

class UserInfoSerializer(serializers.ModelSerializer):
    name = serializers.CharField(min_length=10, error_messages={'required': '该字段必填'})                       # 显示普通字段
    ut = serializers.CharField(source='ut.type_name',required=False)     # 显示一对多字段
    gp = serializers.SerializerMethodField(required=False)               # 自定义显示(显示多对多)
    xxx = serializers.CharField(source='name', required=False)             # 也可以自定义显示字段名称

    class Meta:
        model = UserInfo
        # fields = "__all__"
        fields = ["name",'ut','gp','xxx']  # 定义显示那些字段

    # 局部钩子:
    def validate_name(self, value):  # value 是name字段提交的值
        if value.startswith('sb'):  # 不能以sb开头
            raise ValidationError('不能以sb开头')
        else:
            return value

    # 全局钩子找到了
    def validate(self, value):  # value是所有校验通过数据的字典
        name = value.get('name')
        if False:
            raise ValidationError('全局钩子引发异常')
        return value
users/serializers/userinfo_serializers.py
'''1、ser.is_valid()'''
# 验证post请求中数据是否合法

'''2、全局校验钩子'''
def validate(self, value):        # value是所有校验通过数据的字典

'''3、局部钩子'''
def validate_name(self, value):   # value 是name字段提交的值

1.4 djangorestframework 分页     返回顶部

  1、分页中基本语法

'''1、实例化一个Paginator对象'''
paginator = Paginator(objs, page_size)    # paginator对象

'''2、获取总数量&总页数'''
total_count = paginator.count   # 总数量
total = paginator.num_pages     # 总页数

'''3、使用objs对象获取指定页数内容'''
objs = paginator.page(page)

'''4、对分页后的数据进行序列化操作'''
serializer = Serializer(objs, many=True)    # 序列化操作

   2、分页模块使用举例

#!/usr/bin/python
# -*- coding: utf-8 -*-
from django.conf import settings
from rest_framework import status
from django.core.paginator import EmptyPage, Paginator, PageNotAnInteger
from rest_framework.views import Response


def Paginators(objs, request, Serializer):
    """
    objs : 实体对象, queryset
    request : 请求对象
    Serializer : 对应实体对象的类
    page_size : 每页显示多少条数据
    page  : 显示第几页数据
    total_count :总共有多少条数据
    total :总页数
    """
    try:
        page_size = int(request.GET.get('page_size', settings.REST_FRAMEWORK['PAGE_SIZE']))
        page = int(request.GET.get('page', 1))
    except (TypeError, ValueError):
        return Response(status=400)

    paginator = Paginator(objs, page_size)    # paginator对象
    total_count = paginator.count
    total = paginator.num_pages    # 总页数
    try:
        objs = paginator.page(page)
    except PageNotAnInteger:
        objs = paginator.page(1)
    except EmptyPage:
        objs = paginator.page(paginator.num_pages)
    serializer = Serializer(objs, many=True)    # 序列化操作
    return Response(
        data={
            'detail': serializer.data,
            'page': page,
            'page_size': page_size,
            'total': total,
            'total_count': total_count
        }
    )
common/utils/api_paginator.py 自定义分页模块
#  分页
REST_FRAMEWORK = {
    # 全局分页
    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
    # 关闭api root页面展示
    'DEFAULT_RENDERER_CLASSES': (
        'rest_framework.renderers.JSONRenderer',
    ),
    'UNICODE_JSON': False,
    # 自定义异常处理
    'EXCEPTION_HANDLER': (
            'common.utils.custom_exception_handler'
        ),
    'PAGE_SIZE': 10
}
settings.py
'''users/serializers/userinfo_serializers.py'''

from rest_framework import serializers
from users.models import UserInfo

class UserInfoSerializer(serializers.Serializer):
    name = serializers.CharField()                         # 显示普通字段
    ut = serializers.CharField(source='ut.type_name')      # 显示一对多字段
    gp = serializers.SerializerMethodField()               # 自定义显示(显示多对多)
    xxx = serializers.CharField(source='name')             # 也可以自定义显示字段名称

    class Meta:
        model = UserInfo

    def get_gp(self,row):
        '''row: 传过来的正是 UserInfo表的对象'''
        gp_obj_list = row.gp.all()  # 获取用户所有组
        ret = []
        for item in gp_obj_list:
            ret.append({'id':item.id,'gp':item.group})
        return ret
users/serializers/userinfo_serializer.py
''' users/views.py'''

from rest_framework.views import APIView
from rest_framework.views import Response
from users.serializers.userinfo_serializers import UserInfoSerializer
from users.models import UserInfo
from common.utils.api_paginator import Paginators

class UserInfoViewSet(APIView):
    queryset = UserInfo.objects.all().order_by('id')
    serializer_class = UserInfoSerializer

    def get(self, request, *args, **kwargs):
        self.queryset = self.queryset.all()
        ret = Paginators(self.queryset, request, self.serializer_class)
        print(json.dumps(ret.data))  # ret.data 返回的是最终查询的json数据
        return Response(ret.data)

# http://127.0.0.1:8000/users/info/?page_size=1
'''
{
    "detail": [
        {
            "name": "zhangsan",
            "ut": "学生",
            "gp": [
                {
                    "id": 1,
                    "gp": "group01"
                },
                {
                    "id": 2,
                    "gp": "group02"
                }
            ],
            "xxx": "zhangsan"
        }
    ],
    "page": 1,
    "page_size": 1,
    "total": 3,
    "total_count": 3
}
'''
users/views.py

1.5 JWT:使用djangorestframework-jwt模块进行用户身份验证     返回顶部

     安装: pip install djangorestframework-jwt

     添加应用:python manage.py startapp users

     官方网站:https://jpadilla.github.io/django-rest-framework-jwt/

  1、JWT配置使用

########### 1、在INSTALLED_APPS中加入'rest_framework.authtoken', #################
INSTALLED_APPS = [
    '''
    'rest_framework.authtoken',  # 
    '''
]

################### 2、配置jwt验证 ######################
REST_FRAMEWORK = {
    # 身份认证
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication',
    ),
}

import datetime

JWT_AUTH = {
    'JWT_AUTH_HEADER_PREFIX': 'JWT',
    'JWT_EXPIRATION_DELTA': datetime.timedelta(days=1),
    'JWT_RESPONSE_PAYLOAD_HANDLER':
        'users.views.jwt_response_payload_handler',  # 重新login登录返回函数
}
AUTH_USER_MODEL='users.User'  # 指定使用users APP中的 model User进行验证
settings.py 配置使用JWT
from django.contrib import admin
from django.urls import path,re_path,include

urlpatterns = [
    path('admin/', admin.site.urls),
    re_path(r'users/',include(('users.urls','users'),namespace='users'))
]
urls.py
#! /usr/bin/env python
# -*- coding: utf-8 -*-
from django.urls import path,re_path,include
from users import views
from rest_framework_jwt.views import obtain_jwt_token  # 验证密码后返回token

urlpatterns = [
    path('v1/register/', views.RegisterView.as_view(), name='register'),  # 注册用户
    path('v1/login/', obtain_jwt_token,name='login'),  # 用户登录后返回token
    path('v1/list/', views.UserList.as_view(), name='register'),  # 测试需要携带token才能访问
]
users/urls.py
from django.db import models
from django.contrib.auth.models import AbstractUser


class User(AbstractUser):
    username = models.CharField(max_length=64, unique=True)
    password = models.CharField(max_length=255)
    phone = models.CharField(max_length=64)
    token = models.CharField(max_length=255)
users/models.py 添加用户认证的User表
#! /usr/bin/env python
# -*- coding: utf-8 -*-
from rest_framework_jwt.settings import api_settings
from rest_framework import serializers
from users.models import User

class UserSerializer(serializers.Serializer):
    username = serializers.CharField()
    password = serializers.CharField()
    phone = serializers.CharField()
    token = serializers.CharField(read_only=True)

    def create(self, data):
        user = User.objects.create(**data)
        user.set_password(data.get('password'))
        user.save()
        # 补充生成记录登录状态的token
        jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
        jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
        payload = jwt_payload_handler(user)
        token = jwt_encode_handler(payload)
        user.token = token
        return user
users/serializers.py 使用Serializer的create方法创建token
from django.shortcuts import render
import json
from rest_framework.views import APIView
from rest_framework.views import Response
from rest_framework.permissions import IsAuthenticated
from rest_framework_jwt.authentication import JSONWebTokenAuthentication
from users.serializers import UserSerializer


# 用户注册
class RegisterView(APIView):
    def post(self, request, *args, **kwargs):
        serializer = UserSerializer(data=request.data)
        if serializer.is_valid():
            serializer.save()
            return Response(serializer.data, status=201)
        return Response(serializer.errors, status=400)


# 重新用户登录返回函数
def jwt_response_payload_handler(token, user=None, request=None):
    '''
    :param token: jwt生成的token值
    :param user: User对象
    :param request: 请求
    '''
    return {
        'token': token,
        'user': user.username,
        'userid': user.id
    }


# 测试必须携带token才能访问接口
class UserList(APIView):
    permission_classes = [IsAuthenticated]  # 接口中加权限
    authentication_classes = [JSONWebTokenAuthentication]

    def get(self,request, *args, **kwargs):
        print(request.META.get('HTTP_AUTHORIZATION', None))
        return Response({'name':'zhangsan'})
    def post(self,request, *args, **kwargs):
        return Response({'name':'zhangsan'})
users/views.py
#1、指定允许的hosts,否则通过 http://jack.com:8888/index/ 无法访问jack_django程序
ALLOWED_HOSTS = ['*']

#2、将corsheaders 注册到app中
INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'corsheaders',
    'app01',
]

#3、将下面两条添加到中间件重
MIDDLEWARE = [
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.common.CommonMiddleware',
]

#4、配置 django-cors-headers 中的参数
CORS_ALLOW_CREDENTIALS = True
CORS_ORIGIN_ALLOW_ALL = True
# CORS_ORIGIN_WHITELIST = (
#     '*',
# )

CORS_ALLOW_METHODS = (
    'DELETE',
    'GET',
    'OPTIONS',
    'PATCH',
    'POST',
    'PUT',
    'VIEW',
)

CORS_ALLOW_HEADERS = (
    'XMLHttpRequest',
    'X_FILENAME',
    'accept-encoding',
    'authorization',
    'content-type',
    'dnt',
    'origin',
    'user-agent',
    'x-csrftoken',
    'x-requested-with',
    'Pragma',
)
settings.py 前后端分离配置cors

   04: DjangoRestFramework使用_第6张图片        04: DjangoRestFramework使用_第7张图片       04: DjangoRestFramework使用_第8张图片  

# 通过用户token获取用户信息
from
rest_framework_jwt.utils import jwt_decode_handler toke_user = jwt_decode_handler(token) # {'user_id': 2, 'username': 'lisi', 'exp': 1561504444, 'email': ''}

 

 

 

 

 

 

 

 

 

 

 

 

 

 

1111

'''定义显示的字段'''

你可能感兴趣的:(04: DjangoRestFramework使用)