from django.shortcuts import render,HttpResponse
from rest_framework.views import APIView
from django.http import JsonResponse
from appone import models
from rest_framework.versioning import URLPathVersioning
from rest_framework.authentication import BaseAuthentication
from rest_framework.request import Request
from rest_framework import exceptions
from rest_framework.throttling import SimpleRateThrottle
from rest_framework.authentication import SessionAuthentication
def gen_token(username):
import time
import hashlib
ctime = str(time.time())
hash = hashlib.md5(username.encode('utf-8'))
hash.update(ctime.encode('utf-8'))
return hash.hexdigest()
class CustomAuthentication(BaseAuthentication):
def authenticate(self, request):
"""
Authenticate the request and return a two-tuple of (user, token).
"""
tk = request.query_params.get('tk')
if not tk:
'''
未登录用户
'''
return (None,None)
'''已登录用户'''
token_obj = models.Token.objects.filter(token=tk).first()
if token_obj:
return (token_obj.user,token_obj)
raise exceptions.AuthenticationFailed("认证失败")
def authenticate_header(self, request):
"""
Return a string to be used as the value of the `WWW-Authenticate`
header in a `401 Unauthenticated` response, or `None` if the
authentication scheme should return `403 Permission Denied` responses.
"""
pass
from rest_framework.permissions import AllowAny,BasePermission
class CustomPermission(BasePermission):
message = "无权限"
def has_permission(self, request, view):
"""
Return `True` if permission is granted, `False` otherwise.
"""
'''登录用户才能访问'''
if request.user:
return True
return False
class CustomAnonRateThrottle(SimpleRateThrottle):
'''
未登录用户配置
'''
scope = 'Luffy_anon'
def get_cache_key(self, request, view):
return 'throttle_%(scope)s_%(ident)s'%{
'scope':self.scope,
'ident':self.get_ident(request)
}
def allow_request(self, request, view):
if request.user:
return True
self.key = self.get_cache_key(request, view)
self.history = self.cache.get(self.key,[])
self.now = self.timer()
while self.history and self.history[-1] <= self.now - self.duration:
self.history.pop()
if len(self.history) >= self.num_requests:
return self.throttle_failure()
return self.throttle_success()
class CustomUserRateThrottle(SimpleRateThrottle):
scope = 'Luffy_user'
def allow_request(self, request, view):
if not request.user:
return True
self.key = request.user.user + view.__class__.__name__
self.history = self.cache.get(self.key,[])
self.now = self.timer()
while self.history and self.history[-1] <= self.now - self.duration:
self.history.pop()
if len(self.history) >= self.num_requests:
return self.throttle_failure()
return self.throttle_success()
class LoginView(APIView):
'''
登录,无限制,用户发送用户名和密码,登录返回token
'''
def get(self,request,*args,**kwargs):
return HttpResponse("login get page")
def post(self,request,*args,**kwargs):
ret = {'code': 1000, 'msg': None}
print(request.data)
user = request.data.get('user')
pwd = request.data.get('pwd')
user_obj = models.UserInfo.objects.filter(user=user, pwd=pwd).first()
if user_obj:
tk = gen_token(user)
models.Token.objects.update_or_create(user=user_obj, defaults={'token': tk})
ret['code'] = 1001
ret['token'] = tk
else:
ret['msg'] = "用户名或密码错误"
return JsonResponse(ret)
class indexView(APIView):
'''
首页,所有人都能访问,限制【匿名用户10/m,登录20/m】
'''
authentication_classes = [CustomAuthentication, ]
throttle_classes = [CustomAnonRateThrottle, CustomUserRateThrottle]
def get(self, request, *args, **kwargs):
a = self.dispatch
return HttpResponse('index get page')
def post(self,request,*args,**kwargs):
return HttpResponse('index post page')
class OrderView(APIView):
'''
订单,登录成功之后,才能查看;限制【登录20/m】
'''
authentication_classes = [CustomAuthentication, ]
permission_classes = [CustomPermission, ]
throttle_classes = [CustomUserRateThrottle,]
def get(self, request, *args, **kwargs):
a = self.dispatch
return HttpResponse('order get page')
def post(self,request,*args,**kwargs):
print(request.data)
return HttpResponse("order post page")
from rest_framework import serializers
from rest_framework.response import Response
from rest_framework.viewsets import GenericViewSet,ModelViewSet
from rest_framework.viewsets import mixins
class RouteSerializer(serializers.ModelSerializer):
class Meta:
model = models.UserInfo
fields = "__all__"
class RouterView(ModelViewSet):
queryset = models.UserInfo.objects.all()
serializer_class = RouteSerializer
from rest_framework.pagination import PageNumberPagination,LimitOffsetPagination,CursorPagination
class PageSerializer(serializers.ModelSerializer):
class Meta:
model = models.UserInfo
fields = "__all__"
class StandardResultsSetPagination(CursorPagination):
'''游标分页'''
cursor_query_param = 'cursor'
page_size = 2
page_size_query_param = 'page_size'
max_page_size = 1000
ordering = "id"
class PagerView(APIView):
def get(self, request, *args, **kwargs):
user_list = models.UserInfo.objects.all()
paginator = StandardResultsSetPagination()
page_user_list = paginator.paginate_queryset(user_list, self.request, view=self)
serializer = PageSerializer(page_user_list, many=True)
response = paginator.get_paginated_response(serializer.data)
return response
from rest_framework.renderers import JSONRenderer,AdminRenderer,BrowsableAPIRenderer,HTMLFormRenderer
class RenderSerializer(serializers.ModelSerializer):
class Meta:
model = models.UserInfo
fields = "__all__"
from rest_framework.negotiation import DefaultContentNegotiation
class RenderView(APIView):
renderer_classes = [JSONRenderer,BrowsableAPIRenderer,AdminRenderer,HTMLFormRenderer]
def get(self,request,*args,**kwargs):
user_list = models.UserInfo.objects.all()
ser = RenderSerializer(instance=user_list, many=True)
return Response(ser.data)