rest_framework自己总结的
settings.py
REST_FRAMEWORK = { "DEFAULT_VERSIONING_CLASS": "rest_framework.versioning.URLPathVersioning", "DEFAULT_VERSION": "v1", "ALLOWED_VERSIONS": ["v1", "v2"], "VERSION_PARAM": "version", # "DEFAULT_AUTHENTICATION_CLASSES": ["utils.Auth.MyAuth"], "DEFAULT_THROTTLE_RATES": { "WD": "3/m" } }
urls.py
from django.conf.urls import url from django.contrib import admin # from serializers.views import StudentAPIView, StudentEditView, BooksAPIView from serializers.views import StudentView, VersionView, UserView, TestAuthView,BookPageView urlpatterns = [ url(r'^admin/', admin.site.urls), # url(r'^api/students', StudentAPIView.as_view()), # get post请求 # url(r'^api/student/(?P<id>\d+)', StudentEditView.as_view()), #带有id的get patch delete请求 # 使用我们自己写的ModelViewSet,继承ViewSetMixin进行请求的分发 # url(r'^api/students', BooksAPIView.as_view({"get": "list", "post": "create"})), # url(r'^api/student/(?P<id>\d+)', BooksAPIView.as_view({"get": "retrieve", "patch": "update", "delete": "destroy"})), # 使用rest_framework自带的ModelViewSet进行请求的分发,这里要注意url携带的命名参数,名字应该是pk # url(r'^api/students', BooksAPIView.as_view({"get": "list", "post": "create"})), # url(r'^api/student/(?P<pk>\d+)', BooksAPIView.as_view({"get": "retrieve", "patch": "update", "delete": "destroy"})), # 自己写的测试版二,可以通用的版本 # url(r'^api/student$', StudentView.as_view()), # url(r'^api/student/(?P<id>\d+)', StudentView.as_view()), # 带版本控制的 url(r'^(?P<version>[v1|v2]+)/api/student$', StudentView.as_view()), # http://127.0.0.1:8000/v1/api/student url(r'^(?P<version>[v1|v2]+)/api/student/(?P<id>\d+)', StudentView.as_view()), # 版本控制测试 url(r'^(?P<version>[v1|v2]+)/book$', VersionView.as_view()), # 认证测试,权限测试,频率测试 url(r'^user$', UserView.as_view()), url(r'^test', TestAuthView.as_view()), # http://127.0.0.1:8000/test?token=20609ddd01fe4faeb0ffe7d8d8c39881 # 分页测试 url(r'^book_page', BookPageView.as_view()), # http://127.0.0.1:8000/book_page?page=1&size=1 # http://127.0.0.1:8000/book_page?limit=2&offset=0 # http://127.0.0.1:8000/book_page ]
utils文件夹下的文件 Auth.py(认证) pagenation.py(分页) permissions.py(权限) throttle(频率)
# Auth.py from rest_framework.authentication import BaseAuthentication from rest_framework.exceptions import AuthenticationFailed from serializers.models import UserInfo from rest_framework.response import Response class MyAuth(BaseAuthentication): def authenticate(self, request): # 第一步先拿到前端传过来的token token = request.query_params["token"] # 验证token是否存在 user_obj = UserInfo.objects.filter(token=token).first() if user_obj: return (user_obj, token) else: raise AuthenticationFailed("认证失败") # pagenation.py from rest_framework import pagination # 分页 class MyPagenation(pagination.PageNumberPagination): page_size = 2 page_query_param = 'page' page_size_query_param = "size" max_page_size = 3 class MyLimitPage(pagination.LimitOffsetPagination): default_limit = 1 limit_query_param = 'limit' # limit限制每页显示的个数 offset_query_param = 'offset' # 相对第一个数据的偏移量 max_limit = 2 class MyCursorPage(pagination.CursorPagination): cursor_query_param = 'cursor' page_size = 2 ordering = '-id' # permissions.py class MyPermission(object): message = "您没有权限,请充值" def has_permission(self, request, view): # 权限逻辑 有权限返回True 没有返回False # 认证是在权限前面执行 # request.user user_obj user_obj = request.user if user_obj.type == 1: return True else: return False # throttle.py from rest_framework import throttling # 频率 import time VISIT_RECORD = {} class MyThrottle(object): """ 60秒访问3次 """ def __init__(self): self.history = None def allow_request(self, request, view): """ 频率限制的逻辑 通过返回True 不通过返回False :param request: :param view: :return: """ # 获取用户IP ip = request.META.get("REMOTE_ADDR") # 判断ip是否在访问记录里 now = time.time() if ip not in VISIT_RECORD: VISIT_RECORD[ip] = [now,] # 如果ip在访问记录里 history = VISIT_RECORD[ip] # 把当然访问时间添加到列表最前面 history.insert(0, now) # 确保列表内的时间都是范围内时间 while history and now - history[-1] > 60: history.pop() self.history = history # 看列表长度是否符合限制次数 if len(history) <= 3: # 经过这样的限制后,history列表中(60秒内)最多有三次访问记录,列表中最后的数据是据现在60秒内最早的访问记录(访问时间) return True else: return False def wait(self): """ 返回还剩多久可以访问 :return: """ now = time.time() return 60 - (now - self.history[-1]) class MyVisitThrottle(throttling.SimpleRateThrottle): scope = "WD" """ 第一 自己的类里要有scope 第二 settings DEFAULT_THROTTLE_RATES 第三 DEFAULT_THROTTLE_RATES = { scope配置的变量值:xxx} 第四 重写 get_cache_key(self, request, view) """ def get_cache_key(self, request, view): return self.get_ident(request)
views.py
from django.shortcuts import render from rest_framework.views import APIView from rest_framework.response import Response from .models import Student,UserInfo from .serializers import StudentSerializer from utils.Auth import MyAuth from utils.permissions import MyPermission from utils.throttle import MyThrottle, MyVisitThrottle import uuid from utils.pagenation import MyPagenation,MyLimitPage,MyCursorPage from rest_framework.viewsets import ViewSetMixin, ModelViewSet # Create your views here. """ class GenericAPIView(APIView): queryset = None serializer_class = None def get_queryset(self): return self.queryset.all() def get_serializer(self, *args, **kwargs): return self.serializer_class(*args, **kwargs) class ListModelMixin(object): def list(self, request): queryset = self.get_queryset() ser_obj = self.get_serializer(queryset, many=True) return Response(ser_obj.data) class CreateModelMixin(object): def create(self, request): ser_obj = self.get_serializer(data=request.data) if ser_obj.is_valid(): print(ser_obj.validated_data) ser_obj.save() return Response(ser_obj.validated_data) else: return Response(ser_obj.errors) class All(GenericAPIView, ListModelMixin, CreateModelMixin): pass class RetrieveModelMixin(object): def retrieve(self, request, id): student_obj = self.get_queryset().filter(id=id).first() ser_obj = self.get_serializer(student_obj) return Response(ser_obj.data) class UpdateModelMixin(object): def update(self, request, id): student_obj = self.get_queryset().filter(id=id).first() ser_obj = self.get_serializer(instance=student_obj, data=request.data, partial=True) if ser_obj.is_valid(): ser_obj.save() return Response(ser_obj.validated_data) else: return Response(ser_obj.errors) class DestroyModelMixin(object): def destroy(self, request, id): student_obj = self.get_queryset().filter(id=id).first() if student_obj: student_obj.delete() return Response("") else: return Response("删除对象不存在") class EditAll(GenericAPIView, RetrieveModelMixin, UpdateModelMixin, DestroyModelMixin): pass class StudentAPIView(All): queryset = Student.objects.all() serializer_class = StudentSerializer def get(self, request): return self.list(request) def post(self, request): return self.create(request) class StudentEditView(EditAll): queryset = Student.objects.all() serializer_class = StudentSerializer def get(self, request, id): # 不知道为什么这里的形参id的名字必须与url(?P<id>\d+)中传递参数的名字一样,可能这里传的是关键字参数吧 return self.retrieve(request, id) def patch(self, request, id): return self.update(request, id) def delete(self, request, id): return self.destroy(request, id) # class ModelViewSet(ViewSetMixin, All, EditAll): # 打开注释用的是自己写的ModelViewSet,不打开用的是rest_framework封装好的ModelViewSet # pass class BooksAPIView(ModelViewSet): queryset = Student.objects.all() serializer_class = StudentSerializer """ """ # 自己的测试版一 class GenericAPIView(APIView): queryset = None serializer_class = None def get_queryset(self): return self.queryset.all() def get_serializer(self, *args, **kwargs): return self.serializer_class(*args, **kwargs) class RetrieveModelMixin(object): def retrieve(self, request, id): if not id: queryset = self.get_queryset() ser_obj = self.get_serializer(queryset, many=True) else: student_obj = self.get_queryset().filter(id=id).first() ser_obj = self.get_serializer(student_obj) return Response(ser_obj.data) class CreateModelMixin(object): def create(self, request): ser_obj = self.get_serializer(data=request.data) if ser_obj.is_valid(): print(ser_obj.validated_data) ser_obj.save() return Response(ser_obj.validated_data) else: return Response(ser_obj.errors) class UpdateModelMixin(object): def update(self, request, id): student_obj = self.get_queryset().filter(id=id).first() ser_obj = self.get_serializer(instance=student_obj, data=request.data, partial=True) if ser_obj.is_valid(): ser_obj.save() return Response(ser_obj.validated_data) else: return Response(ser_obj.errors) class DestroyModelMixin(object): def destroy(self, request, id): student_obj = self.get_queryset().filter(id=id).first() if student_obj: student_obj.delete() return Response("") else: return Response("删除对象不存在") class All(GenericAPIView,RetrieveModelMixin,CreateModelMixin,UpdateModelMixin,DestroyModelMixin): pass class StudentView(All): queryset = Student.objects.all() serializer_class = StudentSerializer def get(self, request, id=None): return self.retrieve(request, id) def post(self, request,id=None): return self.create(request) def patch(self, request, id=None): return self.update(request, id) def delete(self, request, id=None): return self.destroy(request, id) """ """ # 自己的测试版二,这版整理的比较好可以通用 class GenericAPIView(APIView): queryset = None serializer_class = None def get_queryset(self): return self.queryset.all() def get_serializer(self, *args, **kwargs): return self.serializer_class(*args, **kwargs) def retrieve(self, request, id): if not id: queryset = self.get_queryset() ser_obj = self.get_serializer(queryset, many=True) else: student_obj = self.get_queryset().filter(id=id).first() ser_obj = self.get_serializer(student_obj) return Response(ser_obj.data) def create(self, request): ser_obj = self.get_serializer(data=request.data) if ser_obj.is_valid(): print(ser_obj.validated_data) ser_obj.save() return Response(ser_obj.validated_data) else: return Response(ser_obj.errors) def update(self, request, id): student_obj = self.get_queryset().filter(id=id).first() ser_obj = self.get_serializer(instance=student_obj, data=request.data, partial=True) if ser_obj.is_valid(): ser_obj.save() return Response(ser_obj.validated_data) else: return Response(ser_obj.errors) def destroy(self, request, id): student_obj = self.get_queryset().filter(id=id).first() if student_obj: student_obj.delete() return Response("") else: return Response("删除对象不存在") class StudentView(GenericAPIView): queryset = Student.objects.all() serializer_class = StudentSerializer def get(self, request, id=None): return self.retrieve(request, id) def post(self, request,id=None): return self.create(request) def patch(self, request, id=None): return self.update(request, id) def delete(self, request,id=None): return self.destroy(request, id) """ # url带版本验证 class GenericAPIView(APIView): queryset = None serializer_class = None def get_queryset(self): return self.queryset.all() def get_serializer(self, *args, **kwargs): return self.serializer_class(*args, **kwargs) def retrieve(self, request,version, id): if not id: queryset = self.get_queryset() ser_obj = self.get_serializer(queryset, many=True) else: student_obj = self.get_queryset().filter(id=id).first() ser_obj = self.get_serializer(student_obj) return Response(ser_obj.data) def create(self, request): ser_obj = self.get_serializer(data=request.data) if ser_obj.is_valid(): print(ser_obj.validated_data) ser_obj.save() return Response(ser_obj.validated_data) else: return Response(ser_obj.errors) def update(self, request, id): student_obj = self.get_queryset().filter(id=id).first() ser_obj = self.get_serializer(instance=student_obj, data=request.data, partial=True) if ser_obj.is_valid(): ser_obj.save() return Response(ser_obj.validated_data) else: return Response(ser_obj.errors) def destroy(self, request, id): student_obj = self.get_queryset().filter(id=id).first() if student_obj: student_obj.delete() return Response("") else: return Response("删除对象不存在") class StudentView(GenericAPIView): queryset = Student.objects.all() serializer_class = StudentSerializer def get(self, request,version=None, id=None): # 这里做些版本控制的逻辑,不同版本请求做不同处理,当然这里的逻辑最好还是写到GenericAPIView类里面 if request.version == "v1": return Response("v1版本的返回") elif request.version == "v2": return Response("v2版本的返回") return self.retrieve(request,version, id) def post(self, request,version=None,id=None): return self.create(request) def patch(self, request,version=None, id=None): return self.update(request, id) def delete(self, request,version=None, id=None): return self.destroy(request, id) class VersionView(APIView): def get(self, request, version): print(request.version) print(request.versioning_scheme) if request.version == "v1": return Response("v1版本的返回") elif request.version == "v2": return Response("v2版本的返回") return Response("版本不存在") class UserView(APIView): def post(self, request): # 这相当于注册 username = request.data["username"] UserInfo.objects.create(username=username, token=uuid.uuid4()) return Response("ok") class TestAuthView(APIView): authentication_classes = [MyAuth,] # 这里是局部注册认证,写在settings中是全局注册 permission_classes = [MyPermission, ] throttle_classes = [MyThrottle, ] # 使用自己写的 # throttle_classes = [MyVisitThrottle, ] # 使用提供的频率控制 # 这相当于登录的认证 def get(self, request): print(request.user) print(request.auth) return Response("认证测试") from rest_framework.negotiation import DefaultContentNegotiation class BookPageView(APIView): def get(self, request): queryset = Student.objects.all() my_pagenation = MyPagenation() # page size分页方法 # my_pagenation = MyLimitPage() # limit offset分页方法 # my_pagenation = MyCursorPage() # cursor 游标分页 page_queryset = my_pagenation.paginate_queryset(queryset, request, view=self) ser_obj = StudentSerializer(page_queryset, many=True) # return Response(ser_obj.data) return my_pagenation.get_paginated_response(ser_obj.data) def post(self, request): ser_obj = StudentSerializer(data=request.data) if ser_obj.is_valid(): ser_obj.save() return Response(ser_obj.validated_data) else: return Response(ser_obj.errors)
serializers.py
from rest_framework import serializers from .models import Student class ClassesSerializer(serializers.Serializer): id = serializers.IntegerField() name = serializers.CharField(max_length=32) class CourseSerializer(serializers.Serializer): id = serializers.IntegerField() name = serializers.CharField(max_length=32) class StudentSerializer(serializers.ModelSerializer): classes_info = serializers.SerializerMethodField(read_only=True) course_info = serializers.SerializerMethodField(read_only=True) def get_classes_info(self, obj): ret = { "id": obj.classes.id, "name": obj.classes.name } return ret def get_course_info(self, obj): courses = obj.courses.all() ret = [] for course in courses: ret.append({ "id": course.id, 'name': course.name }) return ret class Meta: model = Student fields = "__all__" # fields = ["id", "name", "classes_info","course_info"] extra_kwargs = { "classes": {"write_only": True}, "courses": {'write_only': True}, }
models.py
from django.db import models # Create your models here. __all__ = ['Student', 'Classes', 'Course'] class Student(models.Model): name = models.CharField(max_length=32, verbose_name='姓名') age = models.IntegerField() classes = models.ForeignKey(to='Classes') courses = models.ManyToManyField(to='Course') def __str__(self): return self.name class Meta: db_table='01-学生表' verbose_name_plural=db_table class Classes(models.Model): name = models.CharField(max_length=32,verbose_name='班级') def __str__(self): return self.name class Meta: db_table='02-班级表' verbose_name_plural=db_table class Course(models.Model): name=models.CharField(max_length=32,verbose_name='课程') def __str__(self): return self.name class Meta: db_table='03-课程表' verbose_name_plural=db_table class UserInfo(models.Model): username = models.CharField(max_length=32) token = models.UUIDField() CHOICES = ((1, "vip"), (2, "svip"), (3, "普通用户")) type = models.IntegerField(choices=CHOICES, default=3)
app下的admin.py
from django.contrib import admin from . import models # Register your models here. for table in models.__all__: admin.site.register(getattr(models,table))