文章目录
- 1,DjangoRestFramework基本使用
- 2,drf认证&权限 模块
- 3,djangorestframework 序列化
- 4,djangorestframework 分页
- 5,JWT:使用djangorestframework-jwt模块进行用户身份验证
1、安装
pip install djangorestframework
2、djangorestframework 介绍
- djangorestframework 主要使用 APIView,其实APIView实质是对 View 进行继承加工了更多功能
- 请求来了 APIView首先执行 self.dispatch 方法,此方法对 request 进行了再次封装
1,DjangoRestFramework基本使用
1、回顾CBV基本使用
- urls.py
from django.contrib import admin
from django.urls import path,re_path,include
urlpatterns = [
path('admin/', admin.site.urls),
re_path(r'users/',include(('users.urls', 'users'), namespace='users'))
]
- users/urls.py
from django.contrib import admin
from django.urls import path,re_path,include
urlpatterns = [
path('admin/', admin.site.urls),
re_path(r'users/',include(('users.urls', 'users'), namespace='users'))
]
- users/views.py
import json
from django.shortcuts import render,HttpResponse
from django.views import View
class HomeView(View):
def dispatch(self, request, *args, **kwargs):
return super(HomeView, self).dispatch(request, *args, **kwargs)
def get(self, request):
return HttpResponse('get')
def post(self, request):
return HttpResponse('post')
2、安装DjangoRestFramework
pip install djangorestframework==3.9.2
pip install markdown==3.0.1 # Markdown support for the browsable API.
pip install django-filter==2.1.0 # Filtering support
3、DjangoRestFramework 基本使用
- urls.py
from django.contrib import admin
from django.urls import path,re_path,include
urlpatterns = [
path('admin/', admin.site.urls),
re_path(r'users/',include(('users.urls', 'users'), namespace='users'))
]
- users/urls.py
from django.urls import path,re_path,include
from users import views
urlpatterns = [
re_path(r'info', views.UserInfoViewSet.as_view(), name='user'),
]
- users/views.py
from rest_framework.views import APIView
from django.http import JsonResponse
class UserInfoViewSet(APIView):
def __init__(self):
super(UserInfoViewSet, self).__init__()
def get(self, request, *args, **kwargs):
result = {
'status': True,
'data': 'response data'
}
return JsonResponse(result, status=200)
def post(self, request, *args, **kwargs):
result = {
'status': True,
'data': 'response data'
}
return JsonResponse(result, status=200)
2,drf认证&权限 模块
1、authentication基本使用
class UserInfoViewSet(APIView):
authentication_classes = [authentication.IsAuthenticated,] # 用户认证模块
permission_classes = (authentication.IsOwnerOrReadOnly,) # 用户授权模块
- urls.py
from django.contrib import admin
from django.urls import path,re_path,include
urlpatterns = [
path('admin/', admin.site.urls),
re_path(r'users/',include(('users.urls', 'users'), namespace='users'))
]
- users/urls.py
#! /usr/bin/env python
# -*- coding: utf-8 -*-
from django.urls import path,re_path,include
from users import views
urlpatterns = [
re_path(r'info', views.UserInfoViewSet.as_view(), name='user'),
]
- users/views.py
from rest_framework.views import APIView
from django.http import JsonResponse
from common.auth import authentication
class UserInfoViewSet(APIView):
authentication_classes = [authentication.IsAuthenticated,]
permission_classes = (authentication.IsOwnerOrReadOnly,)
def __init__(self):
super(UserInfoViewSet, self).__init__()
def get(self, request, *args, **kwargs):
result = {
'status': True,
'data': 'response data'
}
return JsonResponse(result, status=200)
def post(self, request, *args, **kwargs):
result = {
'status': True,
'data': 'response data'
}
return JsonResponse(result, status=200)
- common\auth\authentication.py
#! /usr/bin/env python
# -*- coding: utf-8 -*-
from rest_framework import authentication
from rest_framework import exceptions
from rest_framework import permissions
class IsOwnerOrReadOnly(permissions.BasePermission):
def has_permission(self, request, view):
if False: # 这里暂且不进行权限验证
raise exceptions.ParseError('您没有操作的权限')
return True
class IsAuthenticated(authentication.BaseAuthentication):
def authenticate(self, request):
auth = request.META.get('HTTP_AUTHORIZATION', None) # 获取 header中的 Authorization
if auth is None:
raise exceptions.NotAuthenticated()
'''这里应该是验证token是否合法逻辑'''
# token = Token.objects.filter(key=auth)
# try:
# request.user = token[0].user
# except IndexError:
# raise exceptions.NotAuthenticated('Invalid input Authenticated')
return (request, None)
def authenticate_header(self, request):
msg = 'Invalid token.Please get token first'
return exceptions.NotAuthenticated(msg)
2、测试接口
3,djangorestframework 序列化
- 序列化常用字段参数
'''1. 选项参数'''
name = serializers.CharField(min_length=3,max_length=20)
max_length # 最大长度
min_lenght # 最小长度
allow_blank # 是否允许为空
max_value # 最大值
min_value # 最小值
'''2. 通用参数'''
gp = serializers.SerializerMethodField(read_only=True)
read_only # 表明该字段仅用于序列化输出,默认False
write_only # 表明该字段仅用于反序列化输入,默认False
required # 表明该字段在反序列化时必须输入,默认True
default # 反序列化时使用的默认值
allow_null # 表明该字段是否允许传入None,默认False
validators # 该字段使用的验证器
label # 用于HTML展示API页面时,显示的字段名称
help_text # 用于HTML展示API页面时,显示的字段帮助提示信息
error_messages # 包含错误编号与错误信息的字典
1、序列化使用
- settings.py 注册App
INSTALLED_APPS = [
'rest_framework',
'users',
]
- urls.py 定义总路由
from django.contrib import admin
from django.urls import path,re_path,include
urlpatterns = [
path('admin/', admin.site.urls),
re_path(r'users/',include(('users.urls', 'users'), namespace='users'))
]
- users/urls.py
#! /usr/bin/env python
# -*- coding: utf-8 -*-
from django.urls import path,re_path
from users import views
urlpatterns = [
re_path(r'^info/$', views.UserInfoViewSet.as_view(), name='userinfo'),
]
- users/models.py
from django.db import models
class UserInfo(models.Model):
name = models.CharField(max_length=64,unique=True)
ut = models.ForeignKey(to='UserType', on_delete=models.CASCADE)
gp = models.ManyToManyField(to='UserGroup')
def __str__(self):
return self.name
class UserType(models.Model):
type_name = models.CharField(max_length=64,unique=True)
def __str__(self):
return self.type_name
class UserGroup(models.Model):
group = models.CharField(max_length=64)
def __str__(self):
return self.group
- users/views.py
from rest_framework.views import APIView
from rest_framework.views import Response
import json
from users import serializers
from users import models as users_model
class UserInfoViewSet(APIView):
# 查询用户信息
def get(self, request, *args, **kwargs):
# 一对多、多对多查询都是一样的语法
obj = users_model.UserInfo.objects.all()
ser = serializers.UserInfoSerializer(instance=obj,many=True) # 关联数据多个
# ser = serializers.UserInfoSerializer(instance=obj[0]) # 关联数据一个
return Response(ser.data, status=200)
# 创建用户
'''创建用户'''
def post(self,request):
ser = serializers.UserInfoSerializer(data=request.data)
if ser.is_valid():
ser.save()
return Response(data=ser.data, status=201)
return Response(data=ser.errors,status=400)
# 更新用户信息
def put(self, request):
pk = request.data.get('pk')
userinfo = users_model.UserInfo.objects.get(id = pk)
# 创建序列化对象,并将要反序列化的数据传递给data构造参数,进而进行验证
ser = serializers.UserInfoSerializer(userinfo,data=request.data)
if ser.is_valid():
ser.save()
return Response(data=ser.data, status=201)
return Response(data=ser.errors,status=400)
- users/serializers.py
from rest_framework import serializers
from users.models import UserInfo
class UserInfoSerializer(serializers.Serializer):
name = serializers.CharField(min_length=3,max_length=20) # 显示普通字段
ut_id = serializers.IntegerField(write_only=True) # 外键约束,关联字段要定义
ut = serializers.CharField(source='ut.type_name',required=False) # 显示一对多字段名称
gp = serializers.SerializerMethodField(read_only=True) # 自定义显示(显示多对多)
xxx = serializers.CharField(source='name',required=False) # 也可以自定义显示字段名称
'''PrimaryKeyRelatedField和StringRelatedField:可以用对 一对多 和 多对多 关联对象序列化'''
# gp = serializers.PrimaryKeyRelatedField(read_only=True, many=True)
# gp = serializers.StringRelatedField(read_only=True,many=True)
class Meta:
model = UserInfo
# 自定义显示 多对多 字段
def get_gp(self,row):
'''row: 传过来的正是 UserInfo表的对象'''
gp_obj_list = row.gp.all().values('id','group') # 获取用户所有组
return gp_obj_list
# 定义创建语法
def create(self, validated_data):
return UserInfo.objects.create(**validated_data)
# 定义更新方法
def update(self, instance, validated_data):
if validated_data.get('name'):
instance.name = validated_data['name']
if validated_data.get('ut_id'):
instance.ut_id = validated_data['ut_id']
instance.save()
return instance
# 定义单一字段验证的方法
def validate_name(self, value):
if value == 'root':
raise serializers.ValidationError('不能创建root管理员账号')
return value
# 定义多字段验证方法
def validate(self, attrs):
if attrs['name'] == 'admin':
raise serializers.ValidationError('不能创建admin用户')
return attrs
# 一对多序列化(反向查找)
class UserTypeSerializer(serializers.Serializer):
type_name = serializers.CharField()
# 法1一对多关联对象序列化:此字段将被序列化为关联对象的主键
userinfo_set = serializers.PrimaryKeyRelatedField(read_only=True, many=True)
# 法2一对多关联对象序列化:此字段将被序列化为关联对象的字符串表示方式(即__str__方法的返回值)
# userinfo_set = serializers.StringRelatedField(read_only=True,many=True)
# 法3一对多关联对象序列化:使用关联对象的序列化器
# userinfo_set = UserInfoSerializer(many=True)
# 多对多序列化(反向)
class UserGroupSerializer(serializers.Serializer):
group = serializers.CharField()
# 法1一对多关联对象序列化:此字段将被序列化为关联对象的主键
# userinfo_set = serializers.PrimaryKeyRelatedField(read_only=True, many=True)
# 法2一对多关联对象序列化:此字段将被序列化为关联对象的字符串表示方式(即__str__方法的返回值)
# userinfo_set = serializers.StringRelatedField(read_only=True,many=True)
# 法3一对多关联对象序列化:使用关联对象的序列化器
# userinfo_set = UserInfoSerializer(many=True)
2、序列化(serializers.Serializer)
- 1)序列化(正向查找)
from rest_framework import serializers
from users.models import UserInfo
class UserInfoSerializer(serializers.Serializer):
name = serializers.CharField(min_length=3,max_length=20) # 显示普通字段
ut = serializers.CharField(source='ut.type_name',required=False) # 显示一对多字段名称
gp = serializers.SerializerMethodField(read_only=True) # 自定义显示(显示多对多)
xxx = serializers.CharField(source='name',required=False) # 也可以自定义显示字段名称
ut_id = serializers.IntegerField(write_only=True) # 一对多关联字段定义(外键约束)
'''PrimaryKeyRelatedField和StringRelatedField:可以用对 一对多 和 多对多 关联对象序列化'''
# gp = serializers.PrimaryKeyRelatedField(read_only=True, many=True)
# gp = serializers.StringRelatedField(read_only=True,many=True)
class Meta:
model = UserInfo
# 自定义显示 多对多 字段
def get_gp(self,row):
'''row: 传过来的正是 UserInfo表的对象'''
gp_obj_list = row.gp.all().values('id','group') # 获取用户所有组
return gp_obj_list
- 2)序列化(反向查找)
''' 一对多序列化(反向查找)'''
class UserTypeSerializer(serializers.Serializer):
type_name = serializers.CharField()
# 法1一对多关联对象序列化:此字段将被序列化为关联对象的主键
userinfo_set = serializers.PrimaryKeyRelatedField(read_only=True, many=True)
# 法2一对多关联对象序列化:此字段将被序列化为关联对象的字符串表示方式(即__str__方法的返回值)
# userinfo_set = serializers.StringRelatedField(read_only=True,many=True)
# 法3一对多关联对象序列化:使用关联对象的序列化器
# userinfo_set = UserInfoSerializer(many=True)
- 3)视图函数中使用序列化
class UserInfoViewSet(APIView):
def get(self, request, *args, **kwargs):
# 一对多、多对多查询都是一样的语法
obj = users_model.UserInfo.objects.all()
ser = serializers.UserInfoSerializer(instance=obj,many=True) # 关联数据多条
# ser = serializers.UserInfoSerializer(instance=obj[0]) # 关联数据一条
return Response(ser.data, status=200)
3、反序列化
- 1)使用反序列化保存数据
'''创建用户'''
def post(self,request):
ser = serializers.UserInfoSerializer(data=request.data)
if ser.is_valid():
ser.save()
return Response(data=ser.data, status=201)
return Response(data=ser.errors,status=400)
- 2)反序列化定义创建和更新方法
# 定义创建语法
def create(self, validated_data):
return UserInfo.objects.create(**validated_data)
# 定义更新方法
def update(self, instance, validated_data):
if validated_data.get('name'):
instance.name = validated_data['name']
if validated_data.get('ut_id'):
instance.ut_id = validated_data['ut_id']
instance.save()
return instance
# 定义单一字段验证的方法
def validate_name(self, value):
if value == 'root':
raise serializers.ValidationError('不能创建root管理员账号')
return value
# 定义多字段验证方法
def validate(self, attrs):
if attrs['name'] == 'admin':
raise serializers.ValidationError('不能创建admin用户')
return attrs
4、序列化使用举例(serializers.ModelSerializer)
- 1.ModelSerializer本质是继承了Serielizer类添加了部分功能
- 2.在使用上ModelSerializer可以使用 fields = ‘all’ 定义要显示的字段
# serializers.ModelSerializer使用
'''users/serializers/userinfo_serializers.py'''
from rest_framework import serializers
from users.models import UserInfo
class UserInfoSerializer(serializers.ModelSerializer):
# name = serializers.CharField() # 显示普通字段
ut = serializers.CharField(source='ut.type_name') # 显示一对多字段
gp = serializers.SerializerMethodField() # 自定义显示(显示多对多)
xxx = serializers.CharField(source='name') # 也可以自定义显示字段名称
class Meta:
model = UserInfo
# fields = "__all__"
fields = ["name",'ut','gp','xxx'] # 定义显示那些字段
def get_gp(self,row):
'''row: 传过来的正是 UserInfo表的对象'''
gp_obj_list = row.gp.all() # 获取用户所有组
ret = []
for item in gp_obj_list:
ret.append({'id':item.id,'gp':item.group})
return ret
5、使用serializers.ModelSerializer 进行数据验证
- users/views.py
from rest_framework.views import APIView
from users.serializers.userinfo_serializers import UserInfoSerializer
from users.models import UserInfo
class UserInfoViewSet(APIView):
def get(self, request, *args, **kwargs):
obj = UserInfo.objects.all()
ser = UserInfoSerializer(instance=obj,many=True)
ret = json.dumps(ser.data,ensure_ascii=False)
return HttpResponse(ret)
def post(self, request, *args, **kwargs):
ser = UserInfoSerializer(data=request.data) # 验证,对请求发来的数据进行验证
if ser.is_valid():
print(ser.validated_data) # post请求数据字典
else:
print(ser.errors) # form验证错误信息
return HttpResponse(json.dumps({'status':True}))
- users/serializers/userinfo_serializers.py
'''users/serializers/userinfo_serializers.py'''
from rest_framework import serializers
from django.core.exceptions import ValidationError
from users.models import UserInfo
class UserInfoSerializer(serializers.ModelSerializer):
name = serializers.CharField(min_length=10, error_messages={'required': '该字段必填'}) # 显示普通字段
ut = serializers.CharField(source='ut.type_name',required=False) # 显示一对多字段
gp = serializers.SerializerMethodField(required=False) # 自定义显示(显示多对多)
xxx = serializers.CharField(source='name', required=False) # 也可以自定义显示字段名称
class Meta:
model = UserInfo
# fields = "__all__"
fields = ["name",'ut','gp','xxx'] # 定义显示那些字段
# 局部钩子:
def validate_name(self, value): # value 是name字段提交的值
if value.startswith('sb'): # 不能以sb开头
raise ValidationError('不能以sb开头')
else:
return value
# 全局钩子找到了
def validate(self, value): # value是所有校验通过数据的字典
name = value.get('name')
if False:
raise ValidationError('全局钩子引发异常')
return value
'''1、ser.is_valid()'''
# 验证post请求中数据是否合法
'''2、全局校验钩子'''
def validate(self, value): # value是所有校验通过数据的字典
'''3、局部钩子'''
def validate_name(self, value): # value 是name字段提交的值
4,djangorestframework 分页
1、分页中基本语法
'''1、实例化一个Paginator对象'''
paginator = Paginator(objs, page_size) # paginator对象
'''2、获取总数量&总页数'''
total_count = paginator.count # 总数量
total = paginator.num_pages # 总页数
'''3、使用objs对象获取指定页数内容'''
objs = paginator.page(page)
'''4、对分页后的数据进行序列化操作'''
serializer = Serializer(objs, many=True) # 序列化操作
2、分页模块使用举例
- common/utils/api_paginator.py 自定义分页模块
#!/usr/bin/python
# -*- coding: utf-8 -*-
from django.conf import settings
from rest_framework import status
from django.core.paginator import EmptyPage, Paginator, PageNotAnInteger
from rest_framework.views import Response
def Paginators(objs, request, Serializer):
"""
objs : 实体对象, queryset
request : 请求对象
Serializer : 对应实体对象的类
page_size : 每页显示多少条数据
page : 显示第几页数据
total_count :总共有多少条数据
total :总页数
"""
try:
page_size = int(request.GET.get('page_size', settings.REST_FRAMEWORK['PAGE_SIZE']))
page = int(request.GET.get('page', 1))
except (TypeError, ValueError):
return Response(status=400)
paginator = Paginator(objs, page_size) # paginator对象
total_count = paginator.count
total = paginator.num_pages # 总页数
try:
objs = paginator.page(page)
except PageNotAnInteger:
objs = paginator.page(1)
except EmptyPage:
objs = paginator.page(paginator.num_pages)
serializer = Serializer(objs, many=True) # 序列化操作
return Response(
data={
'detail': serializer.data,
'page': page,
'page_size': page_size,
'total': total,
'total_count': total_count
}
)
- settings.py
# 分页
REST_FRAMEWORK = {
# 全局分页
'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
# 关闭api root页面展示
'DEFAULT_RENDERER_CLASSES': (
'rest_framework.renderers.JSONRenderer',
),
'UNICODE_JSON': False,
# 自定义异常处理
'EXCEPTION_HANDLER': (
'common.utils.custom_exception_handler'
),
'PAGE_SIZE': 10
}
- users/serializers/userinfo_serializer.py
'''users/serializers/userinfo_serializers.py'''
from rest_framework import serializers
from users.models import UserInfo
class UserInfoSerializer(serializers.Serializer):
name = serializers.CharField() # 显示普通字段
ut = serializers.CharField(source='ut.type_name') # 显示一对多字段
gp = serializers.SerializerMethodField() # 自定义显示(显示多对多)
xxx = serializers.CharField(source='name') # 也可以自定义显示字段名称
class Meta:
model = UserInfo
def get_gp(self,row):
'''row: 传过来的正是 UserInfo表的对象'''
gp_obj_list = row.gp.all() # 获取用户所有组
ret = []
for item in gp_obj_list:
ret.append({'id':item.id,'gp':item.group})
return ret
- users/views.py
''' users/views.py'''
from rest_framework.views import APIView
from rest_framework.views import Response
from users.serializers.userinfo_serializers import UserInfoSerializer
from users.models import UserInfo
from common.utils.api_paginator import Paginators
class UserInfoViewSet(APIView):
queryset = UserInfo.objects.all().order_by('id')
serializer_class = UserInfoSerializer
def get(self, request, *args, **kwargs):
self.queryset = self.queryset.all()
ret = Paginators(self.queryset, request, self.serializer_class)
print(json.dumps(ret.data)) # ret.data 返回的是最终查询的json数据
return Response(ret.data)
# http://127.0.0.1:8000/users/info/?page_size=1
'''
{
"detail": [
{
"name": "zhangsan",
"ut": "学生",
"gp": [
{
"id": 1,
"gp": "group01"
},
{
"id": 2,
"gp": "group02"
}
],
"xxx": "zhangsan"
}
],
"page": 1,
"page_size": 1,
"total": 3,
"total_count": 3
}
'''
5,JWT:使用djangorestframework-jwt模块进行用户身份验证
安装: pip install djangorestframework-jwt
添加应用:python manage.py startapp users
官方网站:https://jpadilla.github.io/django-rest-framework-jwt/
1、JWT配置使用
- settings.py 配置使用JWT
########### 1、在INSTALLED_APPS中加入'rest_framework.authtoken', #################
INSTALLED_APPS = [
'''
'rest_framework.authtoken', #
'''
]
################### 2、配置jwt验证 ######################
REST_FRAMEWORK = {
# 身份认证
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication',
),
}
import datetime
JWT_AUTH = {
'JWT_AUTH_HEADER_PREFIX': 'JWT',
'JWT_EXPIRATION_DELTA': datetime.timedelta(days=1),
'JWT_RESPONSE_PAYLOAD_HANDLER':
'users.views.jwt_response_payload_handler', # 重新login登录返回函数
}
AUTH_USER_MODEL='users.User' # 指定使用users APP中的 model User进行验证
- urls.py
from django.contrib import admin
from django.urls import path,re_path,include
urlpatterns = [
path('admin/', admin.site.urls),
re_path(r'users/',include(('users.urls','users'),namespace='users'))
]
- users/urls.py
#! /usr/bin/env python
# -*- coding: utf-8 -*-
from django.urls import path,re_path,include
from users import views
from rest_framework_jwt.views import obtain_jwt_token # 验证密码后返回token
urlpatterns = [
path('v1/register/', views.RegisterView.as_view(), name='register'), # 注册用户
path('v1/login/', obtain_jwt_token,name='login'), # 用户登录后返回token
path('v1/list/', views.UserList.as_view(), name='register'), # 测试需要携带token才能访问
]
- users/models.py 添加用户认证的User表
from django.db import models
from django.contrib.auth.models import AbstractUser
class User(AbstractUser):
username = models.CharField(max_length=64, unique=True)
password = models.CharField(max_length=255)
phone = models.CharField(max_length=64)
token = models.CharField(max_length=255)
- users/serializers.py 使用Serializer的create方法创建token
#! /usr/bin/env python
# -*- coding: utf-8 -*-
from rest_framework_jwt.settings import api_settings
from rest_framework import serializers
from users.models import User
class UserSerializer(serializers.Serializer):
username = serializers.CharField()
password = serializers.CharField()
phone = serializers.CharField()
token = serializers.CharField(read_only=True)
def create(self, data):
user = User.objects.create(**data)
user.set_password(data.get('password'))
user.save()
# 补充生成记录登录状态的token
jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
user.token = token
return user
- users/views.py
from django.shortcuts import render
import json
from rest_framework.views import APIView
from rest_framework.views import Response
from rest_framework.permissions import IsAuthenticated
from rest_framework_jwt.authentication import JSONWebTokenAuthentication
from users.serializers import UserSerializer
# 用户注册
class RegisterView(APIView):
def post(self, request, *args, **kwargs):
serializer = UserSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data, status=201)
return Response(serializer.errors, status=400)
# 重新用户登录返回函数
def jwt_response_payload_handler(token, user=None, request=None):
'''
:param token: jwt生成的token值
:param user: User对象
:param request: 请求
'''
return {
'token': token,
'user': user.username,
'userid': user.id
}
# 测试必须携带token才能访问接口
class UserList(APIView):
permission_classes = [IsAuthenticated] # 接口中加权限
authentication_classes = [JSONWebTokenAuthentication]
def get(self,request, *args, **kwargs):
print(request.META.get('HTTP_AUTHORIZATION', None))
return Response({'name':'zhangsan'})
def post(self,request, *args, **kwargs):
return Response({'name':'zhangsan'})
- settings.py 前后端分离配置cors
#1、指定允许的hosts,否则通过 http://jack.com:8888/index/ 无法访问jack_django程序
ALLOWED_HOSTS = ['*']
#2、将corsheaders 注册到app中
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'corsheaders',
'app01',
]
#3、将下面两条添加到中间件重
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
]
#4、配置 django-cors-headers 中的参数
CORS_ALLOW_CREDENTIALS = True
CORS_ORIGIN_ALLOW_ALL = True
# CORS_ORIGIN_WHITELIST = (
# '*',
# )
CORS_ALLOW_METHODS = (
'DELETE',
'GET',
'OPTIONS',
'PATCH',
'POST',
'PUT',
'VIEW',
)
CORS_ALLOW_HEADERS = (
'XMLHttpRequest',
'X_FILENAME',
'accept-encoding',
'authorization',
'content-type',
'dnt',
'origin',
'user-agent',
'x-csrftoken',
'x-requested-with',
'Pragma',
)
# 通过用户token获取用户信息
from rest_framework_jwt.utils import jwt_decode_handler
toke_user = jwt_decode_handler(token)
# {'user_id': 2, 'username': 'lisi', 'exp': 1561504444, 'email': ''}