drf视图组件、认证组件

视图组件

1.基本视图

url(r'^publish/$', views.PublishView.as_view()),
url(r'^publish/(?P<pk>d+)/$', views.PublishDetailView.as_view()),

class PublishSerializers(serializers.ModelSerializer):
    class Meta:
        model=models.Publish
        fields='__all__'

class PublishView(APIView):

    def get(self, request):
        publish_list = models.Publish.objects.all()
        bs = PublishSerializers(publish_list, many=True)
        # 序列化数据

        return Response(bs.data)

    def post(self, request):
        # 添加一条数据
        print(request.data)

        bs=PublishSerializers(data=request.data)
        if bs.is_valid():
            bs.save()  # 生成记录
            return Response(bs.data)
        else:

            return Response(bs.errors)

class PublishDetailView(APIView):
    def get(self,request,pk):
        publish_obj=models.Publish.objects.filter(pk=pk).first()
        bs=PublishSerializers(publish_obj,many=False)
        return Response(bs.data)
    def put(self,request,pk):
        publish_obj = models.Publish.objects.filter(pk=pk).first()

        bs=PublishSerializers(data=request.data,instance=publish_obj)
        if bs.is_valid():
            bs.save() # update
            return Response(bs.data)
        else:
            return Response(bs.errors)
    def delete(self,request,pk):
        models.Publish.objects.filter(pk=pk).delete()

        return Response("")

2.mixin类和generice类编写视图

from rest_framework.mixins import CreateModelMixin,RetrieveModelMixin,ListModelMixin,UpdateModelMixin,DestroyModelMixin
from rest_framework.generics import GenericAPIView
# 注：使用mixin类时要继承GenericAPIView类
class PublishView(ListModelMixin,CreateModelMixin,GenericAPIView):
    queryset=models.Publish.objects.all()
    serializer_class=PublishSerializers

    def get(self, request):
        return self.list(request)

    def post(self, request):
        return self.create(request)

class PublishDetailView(RetrieveModelMixin,UpdateModelMixin,DestroyModelMixin,GenericAPIView):
    queryset=models.Publish.objects.all()
    serializer_class=PublishSerializers
    def get(self,request,*args,**kwargs):
        return self.retrieve(request,*args,**kwargs)
    def put(self,request,*args,**kwargs):
        return self.update(request,*args,**kwargs)
    def delete(self,request,*args,**kwargs):
        return self.destroy(request,*args,**kwargs)

3.使用generics 下ListCreateAPIView,RetrieveUpdateDestroyAPIView

from rest_framework.generics import ListCreateAPIView,RetrieveUpdateDestroyAPIView
class PublishView(ListCreateAPIView):
    queryset=models.Publish.objects.all()
    serializer_class=PublishSerializers

class PublishDetailView(RetrieveUpdateDestroyAPIView):
    queryset=models.Publish.objects.all()
    serializer_class=PublishSerializers

4.使用ModelViewSet

路由层：

url(r'^publish/$', views.PublishView.as_view({'get':'list','post':'create'})),
url(r'^publish/(?P<pk>d+)/$', views.PublishView.as_view({'get':'retrieve','put':'update','delete':'destroy'})),

视图层：

from rest_framework.viewsets import ModelViewSet
class PublishView(ModelViewSet):
    queryset=models.Publish.objects.all()
    serializer_class=PublishSerializers

5.ViewSetMixin的使用

#ViewSetMixin重写了as_view方法

from rest_framework.viewsets import ViewSetMixin
    class Publish(ViewSetMixin,APIView):
        def aa(self,request):
        return HttpResponse('aa')    

路由层：

url(r'^test', views.Publish.as_view({'get':'aa'}))

认证组件

1.什么是认证？

校验是否是登录用户。只有认证通过的用户才能访问指定的url地址，比如：查询所有图书信息，需要登录之后才能查看，没有登录，就不能查看，这时就需要用到认证组件。

2.drf中是如何实现认证的（源码分析）？

#首先是执行APIView中的dispatch方法
--->执行self.initial(request, *args, **kwargs)
--->self.perform_authentication(request)
--->APIView的perform_authentication(request)
--->request.user(request是新的request)
--->去Request类中找user,执行--->self._authenticate()(self是新的reqeust对象)---->Request类的_authenticate(self)方法

3.使用认证功能

1.写一个类,MyAuthetication

2.写两个方法,一个是authenticate,一个是authenticate_header(继承BaseAuthentication类后，可以不用写)

3.在authenticate方法中写认证逻辑,认证通过,返回空,认证不通过,抛异常

class MyAuthetication(BaseAuthentication):
    def authenticate(self,request):
        token=request.GET.get('token')
                        
    ret=models.UserToken.objects.filter(token=token).first()
    if ret:
        return None
    else:
        raise AuthenticationFailed('您没有通过认证')
    def authenticate_header(self,request):
    　　pass    

4.在要认证的视图类中：

class BooksView(APIView):
    authentication_classes = [MyAuthentication, ]

    def get(self, request):
        book_list = models.Book.objects.all()
        book_ser = BookSerialzers(instance=book_list, many=True)
        return Response(book_ser.data)

 总结：局部使用，只需要在视图类中加入：

authentication_classes = [MyAuthentication, ]

4.全局使用

在settings.py文件中配置：

REST_FRAMEWORK={
    "DEFAULT_AUTHENTICATION_CLASSES":["app01.my_auth.MyAuthentication",]
}

局部禁用：

在视图类中加入：

authentication_classes = []

认证类使用顺序：先用视图类中的验证类，再用settings里配置的验证类，最后用默认的验证类