django-rest-framework权限配置问题
1、视图内设置权限
views.py
class SnippetViewSet(viewsets.ModelViewSet):
"""
This viewset automatically provides `list`, `create`, `retrieve`,
`update` and `destroy` actions.
Additionally we also provide an extra `highlight` action.
"""
queryset = Snippet.objects.all()
serializer_class = SnippetSerializer
''''''''''''''''''here''''''''''''''''''
permission_classes = (permissions.IsOwnerOrReadOnly,)
''''''''''''''''''here''''''''''''''''''
@action(detail=True, renderer_classes=[renderers.StaticHTMLRenderer])
def highlight(self, request, *args, **kwargs):
snippet = self.get_object()
return Response(snippet.highlighted)
def perform_create(self, serializer):
serializer.save(owner=self.request.user)
2、后台rootapi页面登录权限问题
settings.py
REST_FRAMEWORK = {
''''''''''''''''''here''''''''''''''''''
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
''''''''''''''''''here''''''''''''''''''
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication'
)
}