dJANGO RESTFRAMEWORK

1、filter_queryset

class ProductAdd(generics.ListCreateAPIView):

    queryset = Product.objects.all()
    serializer_class = ProductSerializer
    filter_fields = ("status", "sale_supplier")#传入参数过滤
    template_name = "product_add.html"
    permission_classes = (permissions.IsAuthenticated,)

    def get(self, request, *args, **kwargs):
        queryset = self.filter_queryset(self.queryset)#根据参数进行过滤
        page = self.paginate_queryset(queryset)
        ……

---

Authentication
授权
Auth needs to be pluggable.
认证需要是可插拔的！！
— Jacob Kaplan-Moss, "REST worst practices"

---

2、Request Response objects

REST框架介绍了request对象继承常规HttpRequest，提供更灵活的请求解析。请求对象的核心功能是request.data属性，这是类似于request.post，但对于Web API的工作更有用。

request.post #只处理表单数据. "post" only
request.data #处理任意数据。"post" "put" "patch"

---

REST框架还引入了一个response的对象

return Response(data)  # Renders to content type as requested by the client.

---

If you’re doing REST-based web service stuff … you should ignore request.POST.
— Malcom Tredinnick, Django developers group