Django RestFramework

安装restframework

pip install djangorestframework
pip install markdown       # Markdown support for the browsable API.
pip install django-filter  # Filtering support

安装其他模块

pip install pillow
pip install django-cors-headers

建模和迁移数据

drf包含四个部分,models,views,urls,和serializers,其中serializers是比django多出的内容。
serializers实现了数据的序列化和反序列化,即数据orm转json,和json转orm。
user数据已经建好。
models还是原来的models

serializers.py



class UserSerializer(serializers.HyperlinkedModelSerializer):

    class Meta:
        model = User
        fields = ('id', 'url', 'username', 'email', )


urls指定访问api的路径

urls

from django.conf.urls import url, include
from django.contrib import admin

from rest_framework import routers
from quickstartapp import views

router = routers.DefaultRouter()

router.register(r'users', views.UserViewSet)
# router.register(r'groups', views.GroupViewSet)

urlpatterns = [
    url(r'^admin/', admin.site.urls),
    url(r'^', include(router.urls)),

]

views指定展示的形式,可以在这里定制

views

from django.contrib.auth.models import User

from rest_framework import viewsets

from quickstartapp.serializers import UserSerializer

class UserViewSet(viewsets.ModelViewSet):
    """
    查看、编辑用户数据的API接口。
    """
    queryset = User.objects.all().order_by('-date_joined')     # 排序方法
    serializer_class = UserSerializer

Filtering against query parameters(根据查询参数进行过滤)

过滤初始查询集的最后一个示例是基于url中的查询参数确定初始查询集。

我们可以通过重写.get_queryset()方法来处理像http://example.com/api/purchases?username=denvercoder9这样的网址,并且只有在URL中包含username参数时,才过滤queryset:
比如下例子:
访问链接如下。

http://localhost:8000/blogapp/BlogPageCate/?cxcategory=3

数据库表如下
在这里插入图片描述

views中需要这样设置


class BlogPageCatetView(generics.ListAPIView):
    '''分类导航图标列表'''
    serializer_class = BlogPageSerializer
    permissin_classes = (permissions.AllowAny,)
    pagination_class = LimitOffsetPagination  # 分页 请求加 ?limit = xx

    def get_queryset(self):
        # user = self.request.user
        queryset = BlogPage.objects.all()
        # queryset = BlogPage.objects.all()
        cxcategory = self.request.query_params.get('cxcategory', None)
        if cxcategory is not None:
            queryset = queryset.filter(cxcategory_id=cxcategory)
        return queryset

setting

Django RestFramework_第1张图片

增加分组功能

serializers
Django RestFramework_第2张图片

views
Django RestFramework_第3张图片
urls
Django RestFramework_第4张图片

增加分页功能

setting
Django RestFramework_第5张图片

增加登陆功能

urls
Django RestFramework_第6张图片

限制权限

Django RestFramework_第7张图片

DRF示例-snippets

snippets\settings.py

"""
Django settings for snippets project.

Generated by 'django-admin startproject' using Django 3.1.7.

For more information on this file, see
https://docs.djangoproject.com/en/3.1/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/3.1/ref/settings/
"""

from pathlib import Path

# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent


# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/3.1/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'q3s1m3_sg6$p8yf9hmz%#tu)&tv(r@%mqbbfezkd1#993vysrw'

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True

ALLOWED_HOSTS = []


# Application definition

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'rest_framework',
    'snippetsapp.apps.SnippetsappConfig',

]

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

ROOT_URLCONF = 'snippets.urls'

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

WSGI_APPLICATION = 'snippets.wsgi.application'


# Database
# https://docs.djangoproject.com/en/3.1/ref/settings/#databases

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'snippets',
        'HOST': '127.0.0.1',
        'PORT': 3306,
        'USER': 'root',
        'PASSWORD': '123',
    }
}


# Password validation
# https://docs.djangoproject.com/en/3.1/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
]


# Internationalization
# https://docs.djangoproject.com/en/3.1/topics/i18n/

LANGUAGE_CODE = 'en-us'

TIME_ZONE = 'UTC'

USE_I18N = True

USE_L10N = True

USE_TZ = True


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/3.1/howto/static-files/

STATIC_URL = '/static/'

snippetsapp\models.py

from django.db import models
from pygments import highlight
from pygments.formatters.html import HtmlFormatter

from pygments.lexers import get_all_lexers, get_lexer_by_name
from pygments.styles import get_all_styles

LEXERS = [item for item in get_all_lexers() if item[1]]
LANGUAGE_CHOICES = sorted([(item[1][0], item[0]) for item in LEXERS])
STYLE_CHOICES = sorted((item, item) for item in get_all_styles())


class Snippet(models.Model):
    created = models.DateTimeField(auto_now_add=True)
    title = models.CharField(max_length=100, blank=True, default='')
    code = models.TextField()
    linenos = models.BooleanField(default=False)
    language = models.CharField(choices=LANGUAGE_CHOICES, default='python', max_length=100)
    style = models.CharField(choices=STYLE_CHOICES, default='friendly', max_length=100)
    owner = models.ForeignKey('auth.User', related_name='snippets', on_delete=models.CASCADE, null= True , blank= True)
    highlighted = models.TextField( null=True,blank=True)

    class Meta:
        ordering = ('created',)

    def save(self, *args, **kwargs):
        """
        Use the `pygments` library to create a highlighted HTML
        representation of the code snippet.
        高亮显示相关
        """
        lexer = get_lexer_by_name(self.language)
        linenos = 'table' if self.linenos else False
        options = {'title': self.title} if self.title else {}
        formatter = HtmlFormatter(style=self.style, linenos=linenos,
                                  full=True, **options)
        self.highlighted = highlight(self.code, lexer, formatter)
        super(Snippet, self).save(*args, **kwargs)

snippetsapp\serializers.py

from rest_framework import serializers
from snippetsapp.models import Snippet, LANGUAGE_CHOICES, STYLE_CHOICES

class SnippetSerializer(serializers.ModelSerializer):
    class Meta:
        model = Snippet
        fields = ('id', 'title', 'code', 'linenos', 'language', 'style','owner')


#
# class SnippetSerializer(serializers.Serializer):
#     id = serializers.IntegerField(read_only=True)
#     title = serializers.CharField(required=False, allow_blank=True, max_length=100)
#     code = serializers.CharField(style={'base_template': 'textarea.html'})
#     linenos = serializers.BooleanField(required=False)
#     language = serializers.ChoiceField(choices=LANGUAGE_CHOICES, default='python')
#     style = serializers.ChoiceField(choices=STYLE_CHOICES, default='friendly')
#
#     def create(self, validated_data):
#         """
#         Create and return a new `Snippet` instance, given the validated data.
#         """
#         return Snippet.objects.create(**validated_data)
#
#     def update(self, instance, validated_data):
#         """
#         Update and return an existing `Snippet` instance, given the validated data.
#         """
#         instance.title = validated_data.get('title', instance.title)
#         instance.code = validated_data.get('code', instance.code)
#         instance.linenos = validated_data.get('linenos', instance.linenos)
#         instance.language = validated_data.get('language', instance.language)
#         instance.style = validated_data.get('style', instance.style)
#         instance.save()
#         return instance





snippetsapp\views.py

from snippetsapp.models import Snippet
from snippetsapp.serializers import SnippetSerializer
from rest_framework import generics
from rest_framework import permissions

class SnippetList(generics.ListCreateAPIView):
    queryset = Snippet.objects.all()
    serializer_class = SnippetSerializer
    permission_classes = (permissions.IsAuthenticatedOrReadOnly,)


class SnippetDetail(generics.RetrieveUpdateDestroyAPIView):
    queryset = Snippet.objects.all()
    serializer_class = SnippetSerializer


# #######################################
# from snippetsapp.models import Snippet
# from snippetsapp.serializers import SnippetSerializer
# from rest_framework import mixins
# from rest_framework import generics
#
# class SnippetList(mixins.ListModelMixin,
#                   mixins.CreateModelMixin,
#                   generics.GenericAPIView):
#     queryset = Snippet.objects.all()
#     serializer_class = SnippetSerializer
#
#     def get(self, request, *args, **kwargs):
#         return self.list(request, *args, **kwargs)
#
#     def post(self, request, *args, **kwargs):
#         return self.create(request, *args, **kwargs)
#
#
# class SnippetDetail(mixins.RetrieveModelMixin,
#                     mixins.UpdateModelMixin,
#                     mixins.DestroyModelMixin,
#                     generics.GenericAPIView):
#     queryset = Snippet.objects.all()
#     serializer_class = SnippetSerializer
#
#     def get(self, request, *args, **kwargs):
#         return self.retrieve(request, *args, **kwargs)
#
#     def put(self, request, *args, **kwargs):
#         return self.update(request, *args, **kwargs)
#
#     def delete(self, request, *args, **kwargs):
#         return self.destroy(request, *args, **kwargs)



####################################3

# from snippetsapp.models import Snippet
# from snippetsapp.serializers import SnippetSerializer
# from django.http import Http404
# from rest_framework.views import APIView
# from rest_framework.response import Response
# from rest_framework import status
#
# class SnippetList(APIView):
#     """
#     List all snippets, or create a new snippet.
#     """
#     def get(self, request, format=None):
#         snippets = Snippet.objects.all()
#         serializer = SnippetSerializer(snippets, many=True)
#         return Response(serializer.data)
#
#     def post(self, request, format=None):
#         serializer = SnippetSerializer(data=request.data)
#         if serializer.is_valid():
#             serializer.save()
#             return Response(serializer.data, status=status.HTTP_201_CREATED)
#         return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
#
#
# class SnippetDetail(APIView):
#     """
#     Retrieve, update or delete a snippet instance.
#     """
#     def get_object(self, pk):
#         try:
#             return Snippet.objects.get(pk=pk)
#         except Snippet.DoesNotExist:
#             raise Http404
#
#     def get(self, request, pk, format=None):
#         snippet = self.get_object(pk)
#         serializer = SnippetSerializer(snippet)
#         return Response(serializer.data)
#
#     def put(self, request, pk, format=None):
#         snippet = self.get_object(pk)
#         serializer = SnippetSerializer(snippet, data=request.data)
#         if serializer.is_valid():
#             serializer.save()
#             return Response(serializer.data)
#         return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
#
#     def delete(self, request, pk, format=None):
#         snippet = self.get_object(pk)
#         snippet.delete()
#         return Response(status=status.HTTP_204_NO_CONTENT)



###############################################

# from rest_framework import status
# from rest_framework.decorators import api_view
# from rest_framework.response import Response
# from snippetsapp.models import Snippet
# from snippetsapp.serializers import SnippetSerializer
#
#
# @api_view(['GET', 'POST'])
# def snippet_list(request,format=None):
#     """
#     List all code snippets, or create a new snippet.
#     """
#     if request.method == 'GET':
#         snippets = Snippet.objects.all()
#         serializer = SnippetSerializer(snippets, many=True)
#         return Response(serializer.data)
#
#     elif request.method == 'POST':
#         serializer = SnippetSerializer(data=request.data)
#         if serializer.is_valid():
#             serializer.save()
#             return Response(serializer.data, status=status.HTTP_201_CREATED)
#         return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
#
# @api_view(['GET', 'PUT', 'DELETE'])
# def snippet_detail(request, pk):
#     """
#     Retrieve, update or delete a code snippet.
#     """
#     try:
#         snippet = Snippet.objects.get(pk=pk)
#     except Snippet.DoesNotExist:
#         return Response(status=status.HTTP_404_NOT_FOUND)
#
#     if request.method == 'GET':
#         serializer = SnippetSerializer(snippet)
#         return Response(serializer.data)
#
#     elif request.method == 'PUT':
#         serializer = SnippetSerializer(snippet, data=request.data)
#         if serializer.is_valid():
#             serializer.save()
#             return Response(serializer.data)
#         return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
#
#     elif request.method == 'DELETE':
#         snippet.delete()
#         return Response(status=status.HTTP_204_NO_CONTENT)

###########################################################
#
#
# from django.http import HttpResponse, JsonResponse
# from django.views.decorators.csrf import csrf_exempt
# from rest_framework.renderers import JSONRenderer
# from rest_framework.parsers import JSONParser
# from snippetsapp.models import Snippet
# from snippetsapp.serializers import SnippetSerializer
#
#
# @csrf_exempt
# def snippet_list(request):
#     """
#     List all code snippets, or create a new snippet.
#     """
#     if request.method == 'GET':
#         snippets = Snippet.objects.all()
#         serializer = SnippetSerializer(snippets, many=True)
#         return JsonResponse(serializer.data, safe=False)
#
#     elif request.method == 'POST':
#         data = JSONParser().parse(request)
#         serializer = SnippetSerializer(data=data)
#         if serializer.is_valid():
#             serializer.save()
#             return JsonResponse(serializer.data, status=201)
#         return JsonResponse(serializer.errors, status=400)
#
#
# @csrf_exempt
# def snippet_detail(request, pk):
#     """
#     Retrieve, update or delete a code snippet.
#     """
#     try:
#         snippet = Snippet.objects.get(pk=pk)
#     except Snippet.DoesNotExist:
#         return HttpResponse(status=404)
#
#     if request.method == 'GET':
#         serializer = SnippetSerializer(snippet)
#         return JsonResponse(serializer.data)
#
#     elif request.method == 'PUT':
#         data = JSONParser().parse(request)
#         serializer = SnippetSerializer(snippet, data=data)
#         if serializer.is_valid():
#             serializer.save()
#             return JsonResponse(serializer.data)
#         return JsonResponse(serializer.errors, status=400)
#
#     elif request.method == 'DELETE':
#         snippet.delete()
#         return HttpResponse(status=204)

重新迁移数据库

When that’s all done we’ll need to update our database tables. Normally we’d create a database migration in order to do that, but for the purposes of this tutorial, let’s just delete the database and start again.
当修改过models后,需要更新数据库表。通常是建立一个数据库迁移,在这个课程中,我们只是删除这个数据库并且重新开始。

rm -f db.sqlite3
rm -r snippetsapp/migrations
python manage.py makemigrations snippetsapp
python manage.py migrate

实际中的操作

C:\djproject\snippets>python manage.py makemigrations
Migrations for 'snippetsapp':
  snippetsapp\migrations\0002_auto_20210402_0756.py
    - Add field highlighted to snippet
    - Add field owner to snippet

C:\djproject\snippets>python manage.py migrate
Operations to perform:
  Apply all migrations: admin, auth, contenttypes, sessions, snippetsapp
Running migrations:
  Applying snippetsapp.0002_auto_20210402_0756... OK

DRF接口增加流程

setting配置

时区设置

项目setting文件

LANGUAGE_CODE = 'zh-hans'

TIME_ZONE = 'Asia/Shanghai'

USE_I18N = True

USE_L10N = True

USE_TZ = True

资源文件路径

STATIC_URL = '/static/'

MEDIA_URL='/media/'
MEDIA_ROOT=os.path.join(os.path.dirname(BASE_DIR), 'eshop/media')

restframework设置

REST_FRAMEWORK = {
    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
    'PAGE_SIZE': 6,   # 分页设置
    'DEFAULT_AUTHENTICATION_CLASSES': (    # 认证设置
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.TokenAuthentication',
    ),
}

数据库设定


# DATABASES = {
#     'default': {
#         'ENGINE': 'django.db.backends.mysql',
#         'NAME': 'eshop',
#         'HOST': '127.0.0.1',
#         'PORT': 3306,
#         'USER': 'root',
#         'PASSWORD': '123',
#     }
# }

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': BASE_DIR / 'db.sqlite3',
    }
}

项目初始化文件mysql支持设定

项目根_init_.py

import pymysql
pymysql.install_as_MySQLdb()

中间件设定

MIDDLEWARE = [
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',

]

应用设定

# Application definition

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'rest_framework',    # restframework支持
    'rest_framework.authtoken',   # 增加身份认证
    # 'django_filters',
    'computerapp.apps.ComputerappConfig',   # 你的应用
    'corsheaders',   跨站支持

]

创建数据模型

数据模型是整个应用的基础,应事先规划好,避免后期有大的改动

models.py

from django.db import models

# Create your models here.
from django.db import models
# from django.utils.six import python_2_unicode_compatible

from django.conf import settings


# @python_2_unicode_compatible
class Category(models.Model):
    """
    商品类别:笔记本、平板电脑、一体机、台式机、服务器
    """
    name = models.CharField(max_length=200, verbose_name='名称')
    created = models.DateTimeField(auto_now_add=True)
    updated = models.DateTimeField(auto_now=True)

    class Meta:
        verbose_name = '商品类别'
        verbose_name_plural = verbose_name

    def __str__(self):
        return self.name


# @python_2_unicode_compatible
class Manufacturer(models.Model):
    """
    生产厂商
    """
    name = models.CharField(max_length=200)
    description = models.TextField()
    logo = models.ImageField(blank=True, null=True, max_length=200, upload_to='manufacturer/uploads/%Y/%m/%d/')
    created = models.DateTimeField(auto_now_add=True)
    updated = models.DateTimeField(auto_now=True)

    def __str__(self):
        return self.name


# @python_2_unicode_compatible
class Product(models.Model):
    """
    产品
    """
    model = models.CharField(max_length=200,verbose_name='型号')
    description = models.TextField()
    image = models.ImageField(max_length=200, upload_to='product/uploads/%Y/%m/%d/')
    price = models.DecimalField(max_digits=12, decimal_places=2, verbose_name='价格')
    sold = models.PositiveIntegerField(default=0)
    category = models.ForeignKey(Category, related_name='product_in', on_delete=models.CASCADE, verbose_name='类别')
    manufacturer = models.ForeignKey(Manufacturer, related_name='product_of', on_delete=models.CASCADE)
    created = models.DateTimeField(auto_now_add=True)
    updated = models.DateTimeField(auto_now=True)

    class Meta:
        verbose_name = '产品'
        verbose_name_plural = verbose_name

    def __str__(self):
        return self.model


# @python_2_unicode_compatible
class DeliveryAddress(models.Model):
    """
    收货地址
    """
    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE, related_name='delivery_address_of', )
    contact_person = models.CharField(max_length=200)
    contact_mobile_phone = models.CharField(max_length=200)
    delivery_address = models.TextField()
    created = models.DateTimeField(auto_now_add=True)
    updated = models.DateTimeField(auto_now=True)

    def __str__(self):
        return self.delivery_address


# @python_2_unicode_compatible
class UserProfile(models.Model):
    """
    用户档案
    """
    user = models.OneToOneField(settings.AUTH_USER_MODEL, on_delete=models.CASCADE, related_name='profile_of', )
    mobile_phone = models.CharField(blank=True, null=True, max_length=200)
    nickname = models.CharField(blank=True, null=True, max_length=200)
    description = models.TextField(blank=True, null=True)
    icon = models.ImageField(blank=True, null=True, max_length=200, upload_to='user/uploads/%Y/%m/%d/')
    created = models.DateTimeField(auto_now_add=True)
    updated = models.DateTimeField(auto_now=True)
    delivery_address = models.ForeignKey(DeliveryAddress, related_name='user_delivery_address',
                                         on_delete=models.CASCADE, blank=True, null=True, )


# @python_2_unicode_compatible
class Order(models.Model):
    """
    订单
    """
    STATUS_CHOICES = (
        ('0', 'new'),
        ('1', 'not paid'),
        ('2', 'paid'),
        ('3', 'transport'),
        ('4', 'closed'),
    )
    status = models.CharField(choices=STATUS_CHOICES, default='0', max_length=2)
    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE, related_name='order_of', )
    remark = models.TextField(blank=True, null=True)
    product = models.ForeignKey(Product, related_name='order_product', on_delete=models.CASCADE)
    price = models.DecimalField(max_digits=12, decimal_places=2)
    quantity = models.PositiveIntegerField(default=1)
    address = models.ForeignKey(DeliveryAddress, related_name='order_address', on_delete=models.CASCADE)
    created = models.DateTimeField(auto_now_add=True)
    updated = models.DateTimeField(auto_now=True)

    def __str__(self):
        return 'order of %d' % (self.user.id)

创建序列化器

用Django开发RESTful风格的API存在着很多重复的步骤。过程往往都是,
(1)把到前端请求的过来的json字符串,然后通过json.loads转换为字典,字典在转换为对象,保存在数据库。
(2)返回的时候呢,都是先把对象查询出来,然后转换为字典,再通过JsonResponse转换为json字符串并且返回给前端。
接口的开发,基本就是在重复这两个动作,而且这两个动作语句特别多,序列化就是来解决这个问题。

  1. 序列化,序列化器会把模型对象转换成字典,经过response以后变成json字符串
  2. 反序列化,把客户端发送过来的数据,经过request以后变成字典,序列化器可以把字典转成模型
  3. 反序列化,完成数据校验功能

serializers.py

from django.contrib.auth.models import User
from rest_framework import serializers

from computerapp.models import Product, Manufacturer, UserProfile, DeliveryAddress, Order


class ProductListSerializer(serializers.ModelSerializer):
    class Meta:
        model = Product
        fields = ('id', 'model', 'image', 'price', 'sold', 'category', 'manufacturer',)


class ManufacturerSerializer(serializers.ModelSerializer):
    class Meta:
        model = Manufacturer
        fields = ('id', 'name',)


class CategorySerializer(serializers.ModelSerializer):
    class Meta:
        model = Manufacturer
        fields = ('id', 'name',)


class ProductRetrieveSerializer(serializers.ModelSerializer):
    manufacturer = ManufacturerSerializer()  # 获取厂商对象,替换下面的字段
    category = CategorySerializer()  # 获取类别对象,替换下面的字段

    class Meta:
        model = Product
        fields = (
            'id', 'model', 'image', 'price', 'sold', 'category', 'manufacturer', 'description', 'created', 'updated',)


class UserProfileSerializer(serializers.ModelSerializer):
    class Meta:
        model = UserProfile
        fields = ('id', 'user', 'mobile_phone', 'nickname', 'description', 'icon', 'created', 'updated',)
        read_only_fields = ('user',)


class UserInfoSerializer(serializers.ModelSerializer):
    profile_of = UserProfileSerializer()

    class Meta:
        model = User
        fields = ('id', 'username', 'email', 'first_name', 'last_name', 'date_joined', 'profile_of',)


class UserSerializer(serializers.ModelSerializer):
    class Meta:
        model = User
        fields = ('id', 'username', 'password', 'email', 'first_name', 'last_name',)
        extra_kwargs = {'password': {'write_only': True}}

    def create(self, validated_data):
        user = User(**validated_data)  # 接受前端传过来的用户名和密码,关键字参数
        user.set_password(validated_data['password'])  # 通过字典方式调用
        user.save()  # 保存到内存中
        user_profile = UserProfile(user=user)
        user_profile.save()
        return user


class DeliveryAddressSerilizer(serializers.ModelSerializer):
    '''收货地址'''

    class Meta:
        model = DeliveryAddress
        fields = ('id', 'user', 'contact_person', 'contact_mobile_phone', 'delivery_address', 'created', 'updated',)
        read_only_fields = ('user',)  # 设置为只读类型,不能在前端修改


class OrderListSerializer(serializers.ModelSerializer):
    product = ProductListSerializer()
    address = DeliveryAddressSerilizer()

    class Meta:
        model = Order
        fields = ('id', 'status', 'user', 'product', 'price', 'quantity', 'remark', 'address', 'created', 'updated',)


class OrderCreateSerializer(serializers.ModelSerializer):
    class Meta:
        model = Order
        fields = ('id', 'status', 'user', 'product', 'price', 'quantity', 'remark', 'address', 'created', 'updated',)
        read_only_fields = ('user', 'price', 'address', 'status',)


class OrderRUDSerializer(serializers.ModelSerializer):
    class Meta:
        model = Order
        fields = ('id',)

创建视图类

views.py

from rest_framework import generics
from rest_framework import permissions
from rest_framework.exceptions import NotFound
from rest_framework.filters import OrderingFilter, SearchFilter
from rest_framework.pagination import LimitOffsetPagination

from rest_framework.response import Response
from rest_framework.views import APIView

from computerapp.models import Product, DeliveryAddress, UserProfile, Order
from computerapp.serializers import ProductListSerializer, ProductRetrieveSerializer, UserInfoSerializer, \
    UserSerializer, DeliveryAddressSerilizer, UserProfileSerializer, OrderListSerializer, OrderCreateSerializer, \
    OrderRUDSerializer

import logging
import datetime
import json

LOG_FILENAME = 'shop.log'

# logging.basicConfig(filename=LOG_FILENAME,level = logging.DEBUG)
logging.basicConfig(filename=LOG_FILENAME, level=logging.INFO)


# Create your views here.
class ProductListView(generics.ListAPIView):
    '''产品列表'''
    queryset = Product.objects.all()
    serializer_class = ProductListSerializer
    permissin_classes = (permissions.AllowAny,)
    filter_backends = (OrderingFilter, SearchFilter)  # 过滤选项
    ordering_fields = ('category', 'manufacturer', 'created', 'sold',)  # 排序字段
    search_fields = ('description', 'model')  # 搜索字段
    ordering = ('id',)
    pagination_class = LimitOffsetPagination  # 分页 请求加 ?limit = xx


class ProductListByCategoryView(generics.ListAPIView):
    '''产品类别列表'''
    serializer_class = ProductListSerializer
    permissin_classes = (permissions.AllowAny,)
    filter_backends = (OrderingFilter, SearchFilter)
    ordering_fields = ('category', 'manufacturer', 'created', 'sold', 'stock', 'price',)
    search_fields = ('description',)
    ordering = ('id',)
    '''查询集根据条件获取'''

    def get_queryset(self):
        category = self.request.query_params.get('category', None)

        if category is not None:
            queryset = Product.objects.filter(category=category)
        else:
            queryset = Product.objects.all()

        return queryset


class ProductListByCategoryManufacturerView(generics.ListAPIView):
    '''产品按类别品牌列表'''
    serializer_class = ProductListSerializer
    permissin_classes = (permissions.AllowAny,)
    filter_backends = (OrderingFilter, SearchFilter)
    ordering_fields = ('category', 'manufacturer', 'created', 'sold', 'stock', 'price',)
    search_fields = ('description',)
    ordering = ('id',)

    def get_queryset(self):
        category = self.request.query_params.get('category', None)
        manufacturer = self.request.query_params.get('manufacturer', None)

        if category is not None:
            queryset = Product.objects.filter(category=category, manufacturer=manufacturer)
        else:
            queryset = Product.objects.all()

        return queryset


class ProductRetrieveView(generics.RetrieveAPIView):
    queryset = Product.objects.all()
    serializer_class = ProductRetrieveSerializer
    permission_classes = (permissions.AllowAny,)


class UserInfoView(APIView):
    '''用户基本信息'''
    permission_classes = (permissions.IsAuthenticated,)

    def get(self, request, format=None):
        user = self.request.user
        serializer = UserInfoSerializer(user)
        return Response(serializer.data)


class UserProfileRUView(generics.RetrieveUpdateAPIView):
    '''用户其他信息'''
    serializer_class = UserProfileSerializer
    permission_classes = (permissions.IsAuthenticated,)

    def get_object(self):
        user = self.request.user
        obj = UserProfile.objects.get(user=user)
        return obj


class UserCreateView(generics.CreateAPIView):
    '''用户创建'''
    serializer_class = UserSerializer


class DeliveryAddressLCView(generics.ListCreateAPIView):
    '''收货地址LC'''
    serializer_class = DeliveryAddressSerilizer  # 没有加LC,因为较简单
    permission_classes = (permissions.IsAuthenticated,)  # 需要登陆认证

    def get_queryset(self):
        user = self.request.user
        queryset = DeliveryAddress.objects.filter(user=user)  # 模型来的对象
        return queryset

    def perform_create(self, serializer):
        user = self.request.user
        s = serializer.save(user=user)
        profile = user.profile_of  # profile_of 反向关系,从models来
        profile.delivery_address = s  # 把新创建的收货地址设为默认地址存入用户扩展信息中
        profile.save()


class DeliveryAddressRUDView(generics.RetrieveUpdateDestroyAPIView):
    '''收货地址RUD'''
    serializer_class = DeliveryAddressSerilizer
    permission_classes = (permissions.IsAuthenticated,)

    def get_object(self):
        user = self.request.user
        # obj =DeliveryAddress.objects.get(user=user)
        try:
            obj = DeliveryAddress.objects.get(id=self.kwargs['pk'], user=user)  # id由前端传来,一个用户有多个id
        except Exception as e:
            raise NotFound('no found')
        return obj


class CartListView(generics.ListAPIView):
    '''购物车列表'''
    serializer_class = OrderListSerializer  # 可以和订单公用一个序列器
    permissin_classes = (permissions.IsAuthenticated,)

    def get_queryset(self):
        user = self.request.user
        queryset = Order.objects.filter(user=user, status='0')  # 我的状态为零的,表示在购物车
        return queryset


class OrderListView(generics.ListAPIView):
    '''订单列表'''
    serializer_class = OrderListSerializer  # 和cart公用一个序列器
    permissin_classes = (permissions.IsAuthenticated,)

    def get_queryset(self):
        user = self.request.user
        queryset = Order.objects.filter(user=user, status__in=['1', '2', '3', '4'])  # status__in 是django用法,表示值在。。范围
        return queryset


class OrderCreateView(generics.CreateAPIView):
    '''创建订单'''
    queryset = Order.objects.all()
    serializer_class = OrderCreateSerializer
    permission_classes = (permissions.IsAuthenticated,)

    def perform_create(self, serializer):
        user = self.request.user
        product = serializer.validated_data.get('product')
        serializer.save(user=user, price=product.price, address=user.profile_of.delivery_address, )

        logging.info('user %d cart changed,product %d related.Time is %s.', user.id, product.id,
                     str(datetime.datetime.now()))


class OrderRUDView(generics.RetrieveUpdateDestroyAPIView):
    '''OrderRUD'''
    serializer_class = OrderRUDSerializer
    permission_classes = (permissions.IsAuthenticated,)

    def get_object(self):
        user = self.request.user
        obj = Order.objects.get(user=user, id=self.kwargs['pk'])
        return obj

    def perform_update(self, serializer):
        user = self.request.user
        serializer.save(user=user, status='1')

过滤组件与分页组件的使用简介

# views.py

# drf提供两种过滤组件类:全文搜索、排序
from rest_framework.filters import SearchFilter, OrderingFilter
from django_filters.rest_framework import DjangoFilterBackend

# 通过安装第三方库django-filter,即可使用第三种过滤组件:分类
from django_filters.rest_framework import DjangoFilterBackend

# drf提供三种分页类
from rest_framework.pagination import PageNumberPagination, LimitOffsetPagination, CursorPagination


class CourseViewSet(GenericViewSet, ListModelMixin):
    # 过滤组件
    filter_backends = [SearchFilter, OrderingFilter, DjangoFilterBackend]

    # 过滤:全文搜索
    search_fields = ['name']  # 按数据库非外键字段,包含了目标参数即可匹配

    # 过滤:分类搜索
    fields = []  # 按数据库字段,包括外键字段,完全相等才匹配到结果
    filter_class = CourseFilterSet  # 按设置的分类规则进行分类,优先级大于按字段分类

    # 过滤:排序
    ordering_fields = []  # 按数据库字段,包括外键字段
    
    # 分页组件
    pagination_class = PageNumberPagination
    # pagination_class = LimitOffsetPagination
    
    # 分页参数配置:PageNumberPagination
    page_size = 100  # 每页显示最多的数目
    page_query_param = 'page'  # 前端发送的分页的页数参数的关键字名,默认位"page"
    page_size_query_param = 'page_size'  # 前端发送的每页数目参数的关键字名,默认位None
    max_page_size = None  # 前端最多能设置的每页数量
    
    # 分页参数配置:LimitOffsetPagination
    '''
    default_limit = 100  # 每页显示最多的数目,默认配置与page_size相同,api_settings.PAGE_SIZE
    limit_query_param = 'limit'
    offset_query_param = 'offset'  # 偏移多少数目的参数的关键字名
    max_limit = None
    '''

过滤组件和分页组件的入口函数

过滤与分页均只对群查接口有意义,因此只在群查中使用,即list()方法中调用组件的入口函数

但是组件的入口函数,是定义在GenericAPIView中的

class GenericAPIView(views.APIView):
    def filter_queryset(self, queryset):
        pass
    
    def paginate_queryset(self, queryset):
        pass
    

过滤组件:分类filter_class

from . import models
from django_filters.filterset import FilterSet
from django_filters import filters
class CourseFilterSet(FilterSet):
    # 通过NumberFilter类自定义分类字段
    # 如下定义两个区间分类字段:teacher_id大于min_price和teacher_id小于max_price
    min_price = filters.NumberFilter(field_name='teacher_id', lookup_expr='gte')
    max_price = filters.NumberFilter(field_name='teacher_id', lookup_expr='lte')
    
    class Meta:
        model = models.Course
        fields = ['参与分类的数据库字段']  # 自定义的min_price、max_price字段不需要写在fields里面

创建路由

urls.py

"""eshop URL Configuration
项目urls
"""
from django.conf import settings
from django.conf.urls.static import static
from django.contrib import admin
from django.urls import path, include
from rest_framework.authtoken import views

urlpatterns = [
    path('admin/', admin.site.urls),
    path('computer/', include('computerapp.urls')),
    path('api-auth/', include('rest_framework.urls', namespace='rest_framework')),   # 增加api认证
    path('api-token-auth/', views.obtain_auth_token),    # 获得token,利用rest框架自身功能实现

]


# 如果开启debug模式,使用media文件需要加入以下设置
if settings.DEBUG:
    urlpatterns += static(settings.MEDIA_URL,document_root=settings.MEDIA_ROOT)

应用urls

from django.urls import path
from rest_framework.urlpatterns import format_suffix_patterns
from computerapp import views


urlpatterns = [
    path('user_info/', views.UserInfoView.as_view()),
    path('user_profile_ru//', views.UserProfileRUView.as_view()),
    path('product_list/', views.ProductListView.as_view()),
    path('product_list_by_category/', views.ProductListByCategoryView.as_view()),
    path('product_list_by_category_manufacturer/', views.ProductListByCategoryManufacturerView.as_view()),
    path('product_retrieve//', views.ProductRetrieveView.as_view()),
    path('user_create/', views.UserCreateView.as_view()),
    path('delivery_address_lc/', views.DeliveryAddressLCView.as_view()),
    path('delivery_address_rud//', views.DeliveryAddressRUDView.as_view()),
    path('cart_list/', views.CartListView.as_view()),
    path('order_list/', views.OrderListView.as_view()),
    path('order_create/', views.OrderCreateView.as_view()),
    path('order_rud//', views.OrderRUDView.as_view()),

]

urlpatterns = format_suffix_patterns(urlpatterns)

增加用户信息

model使用时系统自带的用户user

views增加用户基本信息

Django RestFramework_第8张图片

serializers增加

Django RestFramework_第9张图片

urls增加

Django RestFramework_第10张图片

models增加用户扩展信息

Django RestFramework_第11张图片

增加认证功能

认证方法

流程
前端通过用户名密码访问token获取接口,获取token,存储在本地,以后再访问需要认证的资源,可以带着这个token访问接口,后端即认为是此用户名密码用户访问。
目前常用的为客户端webstorage,服务端token;cookie和session方法不再常用
Django RestFramework_第12张图片

使用token方法

要使用 TokenAuthentication 方案 ,需要在setting包含rest_framework.authtoken应用项;并且配置认证类包含TokenAuthentication。

INSTALLED_APPS = [
    ...
    'rest_framework.authtoken'
]

增加认证类
在这里插入图片描述
当使用 TokenAuthentication, 你可能需要通过提供用户名和密码而获得token这样一个机制。REST framework提供了一个内置的 view 来实现这个功能。只需要添加 obtain_auth_token view 到你的 URLconf就可以使用它。

from rest_framework.authtoken import views
urlpatterns += [
    path('api-token-auth/', views.obtain_auth_token)
]

用户前端访问这个接口,只需要这一行代码即完成token的生成并返回。
Note that the URL part of the pattern can be whatever you want to use.

The obtain_auth_token view will return a JSON response when valid username and password fields are POSTed to the view using form data or JSON:

{ 'token' : '9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b' }

配置完成后的数据库迁移

manage.py makemigrations 
manage.py migrate


rest_framework.authtoken
应用提供了数据库迁移。

C:\djproject\eshop>python manage.py makemigrations
Migrations for 'computerapp':
  computerapp\migrations\0002_auto_20210404_1048.py
    - Change Meta options on category
    - Change Meta options on product
    - Alter field name on category
    - Alter field category on product
    - Alter field model on product
    - Alter field price on product

C:\djproject\eshop>python manage.py migrate
Operations to perform:
  Apply all migrations: admin, auth, authtoken, computerapp, contenttypes, sessions
Running migrations:
  Applying computerapp.0002_auto_20210404_1048... OK

以上第一条记录auth, authtoken,数据迁移。
以下是先做,报了错误,修改后然后做的上面步骤。

C:\djproject\eshop>python manage.py migrate
System check identified some issues:

WARNINGS:
?: (rest_framework.W001) You have specified a default PAGE_SIZE pagination rest_framework setting, without specifying also a DEFAULT_PAGINATION_CLASS.
        HINT: The default for DEFAULT_PAGINATION_CLASS is None. In previous versions this was PageNumberPagination. If you wish to define PAGE_SIZE globally whilst defining pagination_
class on a per-view basis you may silence this check.
Operations to perform:
  Apply all migrations: admin, auth, authtoken, computerapp, contenttypes, sessions
Running migrations:
  Applying admin.0003_logentry_add_action_flag_choices... OK
  Applying auth.0009_alter_user_last_name_max_length... OK
  Applying auth.0010_alter_group_name_max_length... OK
  Applying auth.0011_update_proxy_permissions... OK
  Applying auth.0012_alter_user_first_name_max_length... OK
  Applying authtoken.0003_tokenproxy... OK

在根urls增加

在这里插入图片描述
第一行为引入views
第二行为增加认证功能
第三行为获得token功能,利用了rest自带功能

你可能感兴趣的:(django,sqlite,python)