1、filter_queryset
class ProductAdd(generics.ListCreateAPIView):
queryset = Product.objects.all()
serializer_class = ProductSerializer
filter_fields = ("status", "sale_supplier")#传入参数过滤
template_name = "product_add.html"
permission_classes = (permissions.IsAuthenticated,)
def get(self, request, *args, **kwargs):
queryset = self.filter_queryset(self.queryset)#根据参数进行过滤
page = self.paginate_queryset(queryset)
……
Authentication
授权
Auth needs to be pluggable.
认证需要是可插拔的!!
— Jacob Kaplan-Moss, "REST worst practices"
2、Request Response objects
REST框架介绍了request对象继承常规HttpRequest,提供更灵活的请求解析。请求对象的核心功能是request.data属性,这是类似于request.post,但对于Web API的工作更有用。
request.post #只处理表单数据. "post" only
request.data #处理任意数据。"post" "put" "patch"
REST框架还引入了一个response的对象
return Response(data) # Renders to content type as requested by the client.
If you’re doing REST-based web service stuff … you should ignore request.POST.
— Malcom Tredinnick, Django developers group