drf
跨域同源
django做跨域同源 需要把csrf去掉 跨站请求伪造
同源
同源机制:域名、协议、端口号相同的同源
简单请求
不写头部请求 跨域会拦截报错缺少请求信息(1) 请求方法是以下三种方法之一:(也就是说如果你的请求方法是什么put、delete等肯定是非简单请求)HEADGETPOST(2)HTTP的头信息不超出以下几种字段:(如果比这些请求头多,那么一定是非简单请求)AcceptAccept-LanguageContent-LanguageLast-Event-IDContent-Type:只限于三个值application/x-www-form-urlencoded、multipart/form-data、text/plain,也就是说,如果你发送的application/json格式的数据,那么肯定是非简单请求,vue的axios默认的请求体信息格式是json的,ajax默认是urlencoded的。#vue.js axios -- $.ajax ajax和axios都是基于js的封装框架支持跨域,简单请求服务器设置响应头:Access-Control-Allow-Origin = '域名' 或 '*'
复杂请求
不在简单范围内的请求头和请求方法
写法
access-contorl-allow-origin 请求头写了斜杠http://127.0.0.1/ 只能路径之后才可以访问直接写ip地址http://127.0.0.1 是全路径下复杂请求有option请求 进行预警’contype是规定以什么格式进行上传支持跨域,复杂请求由于复杂请求时,首先会发送“预检”请求'options'请求方法,如果“预检”成功,则发送真实数据。“预检”请求时,允许请求方式则需服务器设置响应头:Access-Control-Request-Method“预检”请求时,允许请求头则需服务器设置响应头:Access-Control-Request-Headersres['Access-Control-Allow-Origin'] = 'http://127.0.0.1:8001'res['Access-Control-Allow-Headers'] = 'content-type'#请求头部信息# res['Access-Control-Allow-Methods'] = 'PUT'#请求方法# res['Access-Control-Allow-Origin'] = '*全部网址都可以进行访问请求头部信息是需要按照 指定的要求文件格式
GIT版本管理工具
集中式的版本管理工具 是把所有项目上线到项目中 集中管理 蹦了之后项目就崩了
分布式 可以直接把整个版本down下来进行开发 但是你开发的东西基于其他人就没办法进行操作 又要等着上传
drf
问题
前后端分离
1.常用vue.js2.后端给前端json数据3.后端要想使用drf组件**request.data4.需要前端返回json数据类型5.self封装了request属性self.request.method
移动端盛行
PC端应用
crm项目,前端后端一起写,运行在浏览器上
第二部分 任务
以前会使用很多url绑定视图函数返回
http://127.0.0.1:8000/info/get/http://127.0.0.1:8000/info/add/http://127.0.0.1:8000/info/update/http://127.0.0.1:8000/info/delete/
请求方法
http://127.0.0.1:8000/info/get,获取数据post,添加put,更新delete,删除
现在要遵循restful规范
restful是什么resultful是一种前后端约定俗称的一种规则,用于程序之间进行数据交换的约定详细说明1。url中一般用名词:http:www。baidu.com/article/面向资源编程,网络上东西都视为资源1.5筛选条件在url参数中进行传递例如#http://www.baidu.com/article/?page=1&category2.是一套规则,用于程序之间进行数据交换的约定。3.他规定了一些协议,对我们感受最直接的的是,以前写增删改查需要写4个接口,restful规范的就是1 个接口,根据method的不同做不同的操作,比如:4.get/post/delete/put/patch/delete. 初次之外,resetful规范还规定了:- 数据传输通过json扩展:前后端分离、app开发、程序之间(与编程语言无关)5- URL中一般用名词:http://www.luffycity.com/article/ (面向资源编程,网络上东西都视为资源)6建议加上api标识url写法http://www.luffycity.com/api/v1....(建议,因为他不会存在跨域的问题)注意:版本还可以放在请求头中 http://www.luffycity.com/api/ accept: ...7建议用https代替http#为了保证数据的安全9.要返回给用户状态码(建议)from rest_formwork import statusstatus.HTTP_200_OK 返回状态码或者在字典里面返回自定义code状态码#例data{# code:10000status:radom_string#}- 200,成功- 300,301永久 /302临时- 400,403拒绝 /404找不到- 500,服务端代码错误10新增的数据返回值(建议)要返回多个列表套字典格式GET HTTP:..WWW.xxx.com/api/user/[{"id":1,"name":"xxx","age":19}{"id":1,name}]单条返回字典11 操作异常要返回错误信息{error:"Invalid API key"}12 对于下一个请求要返回一些接口:Hypermedia AP{'id':2,'name':'alex','age':19,'depart': "http://www.luffycity.com/api/user/30/"}
json数据:
JSON: {name:'alex',age:18,gender:'男'}
以前用webservice,数据传输格式xml
以前用webservice,数据传输格式xml。XML<name>alex</name><age>alex</age><gender>男</gender>
使代码更加专业
不使用drf框架
返回json类型数据
django创建一个项目叫做api '接口'通过jsonresopnese(data,safe=Flase)jsonresopnese默认支持字典 非字典需要使用safe
约定俗成的返回数据要返回json类型
只使用一个url cbv格式
#只使用一个url cbv格式get 获取数据post添加put更新patch局部更新delete删除 请求方法
基于django可以实现遵循restful规范的接口开发规范
- fbv 实现比较麻烦
- cbv 相比较fbv比较简单 根据method做了不同的区分
- 使用drf比较方便
初识drf
drf是一个基于django开发的组件,本质是一个django的app。 drf可以办我们快速开发出一个遵循restful规范的程序
写接口的时候用到drf
视图
使用CBV
from django.views import View之前django是继承view继承apiviewfrom rest_framework import Apiviewfrom rest_framework.views import APIView
知识点
继承apiview1.请求来了先执行视图的dispatch方法2.版本处理3.认证4.权限5.节流6.解析器'''-解析器,根据用户请求体格式不同进行数据解析,解析之后放在request.data中如果content-type:x-www-urlencoded,那么drf会根据 & 符号分割的形式去处理请 求体。 user=wang&age=19如果content-type:application/json,那么drf会根据 json 形式去处理请求体。{"user":"wang","age":19}'''7.序列化'''- 序列化serlizer类 .data,可以对QuerySet进行序列化,也可以对用户提交的数据进行校验。'''8.筛选器9.分页10.渲染器- 渲染器,可以帮我们把json数据渲染到页面上进行友好的展示。(内部会根据请求设备不同做不同的 展示)
1.安装地址
pip3 install djangorestframework
2.需要先注册app!!!
如果有新建的app也需要进行注册,要不然不识别
admin不会自动加载
model数据库表结构也不会执行同步
INSTALLED_APPS = ['django.contrib.admin','django.contrib.auth','django.contrib.contenttypes','django.contrib.sessions','django.contrib.messages','django.contrib.staticfiles','rest_framework']
3.写路由
from django.conf.urls import urlfrom django.contrib import adminfrom api import viewsurlpatterns = [url(r'^drf/info/', views.DrfInfoView.as_view()),]#as_view()执行as_view方法和函数一样执行
4.写视图上
然后进行引用 模块
内置response代替了 django的jsonresponse
from django.shortcuts import renderfrom rest_framework.response import Responsefrom rest_framework.views import APIViewfrom hula import models# Create your views here.class DrfCategoryView(APIView):def post(self, request, *args, **kwargs):#接收 有名传参(关键字传参) 无名传参(位置传参)obj = request.POST.get('data')if obj:models.Category.objects.create(**obj)return Response('OK成功')
知识点总结
resful规范
#基于cbv操作 也就是视图类1.给别人提供一个URL,根据URL请求方式的不同,做不同操作。get,获取post,增加put,全部更新patch,局部更新delete,删除2.数据传输基于json格式。潜规则因为不论什么请求方式,都需要给前端返回对象内容,就是json格式的
类的约束
如果出现 NOTmplementedError错误 说明必须实现实现发方法
drf框架
不基于drf也可以是实现resful规范来开发接口程序使用drf之后,可以快速帮我们开发resful规范来开发接口
初始化数据库
1.迁移数据库
外键需要使用为空或者给一个默认值blank=True Null=True
2.url路由
from django.conf.urls import urlfrom django.contrib import adminfrom api import viewsurlpatterns = [url(r'^drf/category/', views.DrfCategoryView.as_view()),]
from rest_framework.views import APIViewfrom rest_framework.response import Responseclass DrfCategoryView(APIView):pass
3.FBV
接口:访问接口时,创建一个文章类型(post增加)
from django.shortcuts import renderfrom rest_framework.response import Responsefrom rest_framework.views import APIViewfrom hula import models# Create your views here.class DrfCategoryView(APIView):def post(self, request, *args, **kwargs):#接收 有名传参(关键字传参) 无名传参(位置传参)obj = request.POST.get('data')if obj:models.Category.objects.create(**obj)return Response('OK成功')
假设写后端
4.开发完毕告诉前端访问
http://127.0.0.1:8000/drf/category/
5.模拟前端访问数据下载软件postman
默认使用x-www-urlencoded
拼接成 value&value
requesr.body获取请求体request.POST获取的是POST请求的所有数据#字典类型#QueryDict: {'title': ['摩擦'], 'id': ['1']}>request.body: name=alex&age=19&gender=12request.POST: {'name': ['alex'], 'age': ['19'], 'gender': ['12']}
使用raw原生json发送
json(一般使用json)
注意点
#request.body获取是bytes类型request.body: b'{"id":1,"name":"ALEX","AGE"}'1.decode解码成json字符串2.loads成可以给python处理的字典(json序列化)json.loads(request.body.decode('utf-8'))#json格式字符串是双引号
前端json的值
requesr.body获取请求体里面的数据request.POST获取的是POST请求的所有数据request.body: b'{"ID":1,"name":"Alex","age":19}'request.POST: 没有值
drf使用
对象类型转换成字典类型
from django.forms import model_to_dictmodel_to_dict#转换obj = models.Category.objects.filter(pk=pk).first()obj=model_to_dict(obj)
默认封装了 request.data(django没有) 进行了解码序列化
视图 APIviewrequest.data中有一个解析器解析器,根据用户请求体格式不同进行数据解析,解析之后方法在进行解析时候,drf会读取http
路径
urlpatterns = [url(r'^admin/', admin.site.urls),url(r'^info/$', views.InfoView.as_view()),url(r'^drf/info/$', views.DrfInfoView.as_view()),url(r'^drf/category/$', views.DrfCategoryView.as_view()),url(r'^drf/category/(?P<pk>\d+)/$', views.DrfCategoryView.as_view()),]
直接全部文章get
class DrfCategoryView(APIView):def get(self,request,*args,**kwargs):#obj=models.Article.objects.values()#obj=models.Article.objects.all()# obj=models.Article.objects.all.values('id','name')obj=list(obj)return Response(obj)
?format=json 可以直接序列化json
单独的文章发送
不使用序列化器
from django.forms import model_to_dictmodel_to_dict把model对象转换成字典def get(self,request,*args,**kwargs):pk=kwargs.get('pk')# print(1)if not pk:#判断有没有取到值obj=models.Article.objects.values()# obj=models.Article.objects.all.values('id','name')obj=list(obj)return Response(obj)else:print(1)obj = models.Article.objects.filter(pk=pk).first()obj=model_to_dict(obj)return Response(obj)
删除delete
from api import modelsfrom django.forms.models import model_to_dictclass DrfCategoryView(APIView):def delete(self,request,*args,**kwargs):"""删除"""pk = kwargs.get('pk')models.Category.objects.filter(id=pk).delete()return Response('删除成功')
更新put
知识点
request.data 可以进行序列化和解码序列化和编码过程json格式字符串是双引号request.body: b'{"id":1,"name":"ALEX","AGE"}'先进行解码json序列化json.loads(request.body.decode('utf-8'))request.data可以接受json 和 &的数据
视图写法
from api import modelsfrom django.forms.models import model_to_dictclass DrfCategoryView(APIView):def put(self,request,*args,**kwargs):"""更新"""pk = kwargs.get('pk')models.Category.objects.filter(id=pk).update(**request.data)return Response('更新成功')
增加post
from api import modelsfrom django.forms.models import model_to_dictclass DrfCategoryView(APIView):def post(self,request,*args,**kwargs):"""增加一条分类信息"""#利用model对象之间点create 需要一条一条添加#因此需要打散字典变成关键字形式models.Category.objects.create(**request.data)return Response('成功')
序列化器serializer
查看正确的值is.vild()print(ser.validated_data)多种情况使用多个serileiter进行区分 随机应变是一个类#知识点1.model 指定哪一个model2.fields 表示需要序列化的字段,"__all__"全部字段3.depth 向下查找一层。指对外键关系会继续遍历外键对象的全部属性。category=serializers.CharField(source='get_字段_display',required=False)source可以自动查询是不是可执行的 自动加括号()展示特殊的数据(choices、FK、M2M)可使用depth source,无需加括号,在源码内部会去判断是否可执行,如果可执行自动加括号。【fk/choice】 SerializerMethodField,定义钩子方法。【m2m】
知识点
增
data=request.data 指定关键字传参 把提交的数据增加到数据库中from rest_framework import serializersclass NewCategorySerializer(serializers.ModelSerializer):class Meta:model = models.Category# fields = "__all__"fields = ['id','name']def get_date(self,obj):return obj.date.strftime('%Y-%m-%d %H:%M')def post(self,request,*args,**kwargs):ser = NewCategorySerializer(data=request.data)if ser.is_valid():ser.save()return Response(ser.data)return Response(ser.errors)
删
def delete(self, request, *args, **kwargs):pk = kwargs.get("pk")if pk:obj=models.Article.objects.filter(pk=pk).delete()print(obj)return Response('删除成功')return Response('删除失败')
改
def put(self,request,*args,**kwargs):pk = kwargs.get('pk')category_object = models.Category.objects.filter(id=pk).first()ser = NewCategorySerializer(instance=category_object,data=request.data)if ser.is_valid():ser.save()return Response(ser.data)return Response(ser.errors)
查
知识点
1.ser.data可以把quest类型变为字典ser.data2.序列化对象 instance=对应的旧值3.many=true允许查询多个表必须指定的值NewCategorySerializer(instance=queryset,many=True)
具体查询写法
class NewCategoryView(APIView):def get(self,request,*args,**kwargs):pk = kwargs.get('pk')#多条数据查询if not pk:queryset = models.Category.objects.all()ser = NewCategorySerializer(instance=queryset,many=True)return Response(ser.data)else:#单条数据查询model_object = models.Category.objects.filter(id=pk).first()ser = NewCategorySerializer(instance=model_object, many=False)return Response(ser.data)
引用类似局部钩子
1.model 指定哪一个model2.fields 表示需要序列化的字段,"__all__"全部字段3.depth 向下查找一层。指对外键关系会继续遍历外键对象的全部属性。category=serializers.CharField(source='get_字段_display',required=False)source可以自动查询是不是可执行的 自动加括号()展示特殊的数据(choices、FK、M2M)可使用depthsource,无需加括号,在源码内部会去判断是否可执行,如果可执行自动加括号。【fk/choice】 SerializerMethodField,定义钩子方法。【m2m】#datetime数据类型的显示定义一个钩子date=serializers.SerializerMethodField()def get_date(self,obj):return obj.date.strftime(%Y-%m-%d %H:%M:%S) if obj.date else ""
获取外键对应的字段值
from rest_framework import serializersfrom api import models使用这个class ArticleSerializer(serializers.ModelSerializer):source='属性.跨表字段'#名字可以写成和model字段一样用于覆盖 字段名对应的值category=serializers.CharField(source='category.name',required=False)class Meta:model = models.Articlefields = "__all__"#如果要写fields="__all__"#需要指定字段 是从获取字段名对应的值def get_x1(self,obj):return obj.category.name#查出来对象 可以点属性source可以自动查询是不是可执行的 自动加括号()
获取choice选择框对应值
获取choice选择框对应值from rest_framework import serializersfrom api import models获取对应的列表的名称class ArticleSerializer(serializers.ModelSerializer):#第一种status_txt = serializers.CharField(source='get_status_display',required=False)#第二种x2 = serializers.SerializerMethodField()#类似一个钩子def get_x2(self,obj):return obj.get_status_display()#跨表class ArticleSerializer(serializers.ModelSerializer):x1 = serializers.SerializerMethodField()class Meta:model = models.Article# fields = "__all__"fields =['id','title','summary','content','category','category_txt','x1','status','status_txt','x2']#如果放入fields#如果不写required=False或者read_onlye=False 会进行判断不为空def get_x1(self,obj)#obj当前表的对象#return 对象.字段属性.跨表字段return obj.category.name多对多SerializerMethodField,定义钩子方法。【m2m】class NewArticleSerializer(serializers.ModelSerializer): tag_info = serializers.SerializerMethodField() class Meta:model = models.Articlefields = ['title','summary','tag_info']#钩子取出每一个字典def get_tag_info(self,obj):return [row for row in obj.tag.all().values('id','title')]class FormNewArticleSerializer(serializers.ModelSerializer): class Meta:model = models.Articlefields = '__all__'
要想只更新一个字段
使用patch
partial=True#允许部分更新partial=Truedef patch(self,request,*args,**kwargs):"""局部"""pk = kwargs.get('pk')article_object = models.Article.objects.filter(id=pk).first()ser = serializer.ArticleSerializer(instance=article_object, data=request.data,partial=True)if ser.is_valid():ser.save()return Response(ser.data)return Response(ser.errors)
多对多关系
NewArticleSerializer写法
使用钩子
class NewArticleSerializer(serializers.ModelSerializer):tag_info = serializers.SerializerMethodField()class Meta:model = models.Articlefields = ['title','summary','tag_info']def get_tag_info(self,obj):return [row for row in obj.tag.all().values('id','title')]class FormNewArticleSerializer(serializers.ModelSerializer):class Meta:model = models.Articlefields = '__all__'
视图类写法
class NewArticleView(APIView):def get(self,request,*args,**kwargs):pk = kwargs.get('pk')if not pk:queryset = models.Article.objects.all()ser = serializer.NewArticleSerializer(instance=queryset,many=True)return Response(ser.data)article_object = models.Article.objects.filter(id=pk).first()ser = serializer.NewArticleSerializer(instance=article_object, many=False)return Response(ser.data)def post(self,request,*args,**kwargs):ser = serializer.FormNewArticleSerializer(data=request.data)if ser.is_valid():ser.save()return Response(ser.data)return Response(ser.errors)def put(self, request, *args, **kwargs):"""全部更新"""pk = kwargs.get('pk')article_object = models.Article.objects.filter(id=pk).first()ser = serializer.FormNewArticleSerializer(instance=article_object, data=request.data) if ser.is_valid():ser.save()return Response(ser.data)return Response(ser.errors)def patch(self,request,*args,**kwargs):"""局部"""pk = kwargs.get('pk')article_object = models.Article.objects.filter(id=pk).first()ser = serializer.FormNewArticleSerializer(instance=article_object,data=request.data,partial=True)if ser.is_valid():ser.save()return Response(ser.data)return Response(ser.errors)def delete(self,request,*args,**kwargs):pk = kwargs.get('pk')models.Article.objects.filter(id=pk).delete()return Response('删除成功')
分页
PageNumberPagination
用于固定页面显示
获取多条数据
知识点
"count": 54,#每页显示多少条数据#下一页"next": "http://127.0.0.1:8000/drf/article/?page=2",#上一页"previous": null,
类的约束
必须写指定的功能# 约束子类中必须实现f1 class Base(object):def f1(self):raise NotImplementedError('asdfasdfasdfasdf')class Foo(Base):def f1(self):print(123)obj = Foo()obj.f1()
1.可以重写pagesize的类 pagenumber 继承
引用模块from rest_framework.pagination import PageNumberPagination#引用分页模块from rest_framework import serializers#引用序列化模块class pagesize(PageNumberPagination):page_size=1class PageArticleView(APIView):def get(self,request,*args,**kwargs):queryset=models.Article.objects.all()page_obj = pagesize()#实例化一个页面大小#进行分页result = page_obj.paginate_queryset(queryset, request, self)#把分页的数据写入序列化器ser = PageArticleerializer(instance=result, many=True)return page_obj.get_paginated_response(ser.data)
2.直接更改setting配置文件
REST_FRAMEWORK = {"PAGE_SIZE":2}class PageArticleView(APIView):def get(self,request,*args,**kwargs):queryset=models.Article.objects.all()page_obj=PageNumberPagination()result=page_obj.paginate_queryset(queryset,request,self)ser=PageArticleerializer(instance=result,many=True)return Response(ser.data)
LimitOffsetPagination
offset 0 limit 1从offset开始数limit条数用于滑动灵活运用可以限制max_limit=2from rest_framework.pagination import PageNumberPaginationfrom rest_framework.pagination import LimitOffsetPaginationfrom rest_framework import serializersclass PageArticleSerializer(serializers.ModelSerializer):class Meta:model = models.Articlefields = "__all__"#重写父类class HulaLimitOffsetPagination(LimitOffsetPagination):max_limit = 2class PageArticleView(APIView):def get(self,request,*args,**kwargs):queryset = models.Article.objects.all()page_object = HulaLimitOffsetPagination()result = page_object.paginate_queryset(queryset, request, self)ser = PageArticleSerializer(instance=result, many=True)return Response(ser.data)
listapiview
url写法
url(r'^page/view/article/$', views.PageViewArticleView.as_view()),
视图写法
from rest_framework.generics import ListAPIViewclass PageViewArticleSerializer(serializers.ModelSerializer):class Meta:model = models.Articlefields = "__all__"class PageViewArticleView(ListAPIView):queryset = models.Article.objects.all()#指定类serializer_class = PageViewArticleSerializer
setting配置
#通过源码里面的配置进行分页的选择REST_FRAMEWORK = { "PAGE_SIZE":2,#分页的选择"DEFAULT_PAGINATION_CLASS":"rest_framework.pagination.PageNumberPagination"}
呼啦圈的设置
CMS系统格式
内容管理系统。CMS通常用作企业的数字信息管理系统,
功能的实现
1 增加文章(可以不写) #编写人员进行撰写 写入数据库2 文章列表3 文章详细4 评论列表
1.没有变化的类型不需要创建一张表2.数据量大的类似详细内容 需要另外开辟一张表,如果表中列(字段)太多 水平分表 进行一对一3.图片路径存入数据库4.自关联具有相同数据的表#不是必须的可以不需要写外键提高查询效率
1.url路径
urlpattent+=[]#为了区分增加的路径from django.conf.urls import urlfrom api import viewsurlpatterns = [url(r'^Atricle/$', views.AtricleView.as_view()),]urlpatterns+=[url(r'^Atricle/(?P<pk>\d+)/$', views.AtricleView.as_view()),url(r'^Comment/$', views.CommentView.as_view()),url(r'^Comment/(?P<pk>\d+)/$', views.CommentView.as_view()),]
2.model 表结构
from django.db import modelsclass UserInfo(models.Model):""" 用户表 """username = models.CharField(verbose_name='用户名',max_length=32)password = models.CharField(verbose_name='密码',max_length=64)class Article(models.Model):""" 文章表 """category_choices = ((1,'咨询'),(2,'公司动态'),(3,'分享'),(4,'答疑'),(5,'其他'),)category = models.IntegerField(verbose_name='分类',choices=category_choices)title = models.CharField(verbose_name='标题',max_length=32)image = models.CharField(verbose_name='图片路径',max_length=128) # /media/upload/....summary = models.CharField(verbose_name='简介',max_length=255)comment_count = models.IntegerField(verbose_name='评论数',default=0)read_count = models.IntegerField(verbose_name='浏览数',default=0)author = models.ForeignKey(verbose_name='作者',to='UserInfo')date = models.DateTimeField(verbose_name='创建时间',auto_now_add=True)class ArticleDetail(models.Model):article = models.OneToOneField(verbose_name='文章表',to='Article')content = models.TextField(verbose_name='内容')class Comment(models.Model):""" 评论表 """article = models.ForeignKey(verbose_name='文章',to='Article')content = models.TextField(verbose_name='评论')user = models.ForeignKey(verbose_name='评论者',to='UserInfo')# parent = models.ForeignKey(verbose_name='回复',to='self', null=True,blank=True)
3.serlizer序列化器
知识点补充
1.#序列化器写法exclude=['字段']去除不进行校验2.#序列化器内部的值ser是序列化器实例化的对象ser=序列化器(1.instance=旧值(查询的值,数据库本类就有的)2.data=要添加的值,提交的值(post请求,put,patch请求提交的值) )3.查询的时候 需要指定many=True 查询多个值必须要指定ser.is_valid():'''注意只打印存在字段的校验,传入多的值不会进行打印和数据库的写入ser.errors是所有字段校验错误的信息'''print(ser.validated_data)#相当于modelform form校验的值ser.save()#存入数据库 括号里可以写值 由其他字段传入的#article=ser.save()#aricle是新增这条数据的对象
多个序列化器
接收前端发送的所有数据但只校验 序列化器含有的字段
ser=AtricleSeriALIZER(data=request.data)
ser_detail=ArtcleDetaili(data=request.data)
if ser.is_valid() and ser_detail.is_valid()
article=ser.save(author=1)
ser_detail.save(article=article)
#可以等于对象=对象
#也可等于id=id(内容回顾)
ser_detail.save(article.id=article.id)
```
4.view视图写法
post请求
(编写数据的人员去写)
知识点
1.多个serlizer序列化器进行保存2.save里面可以添加参数可以添加对应字段的id和对象类型的数据没有办法直接添加外键对应的值 可以通过save(对应的值或者对象)3.序列化的对象就是对应文章的对象4.作者是登陆成功存入session的值 不需要手动传入
序列化器写法
exclude=['author']#去除作者不进行校验#为了把字段写活request.session获取值进行匹配取得匹配的文章#查询对应文章对象不能直接post写死 因为不知道对应的文章class AtricleSerializers(serializers.ModelSerializer):class Meta:model = models.Articleexclude = ['author', ]#外键字段不进行校验#request.session 登陆用户明进行匹配class AtricledetailSerializer(serializers.ModelSerializer):class Meta:model = models.ArticleDetailexclude = ['article', ]#外键字段不进行校验2#文章对象或者文章值来确定 来确定添加对应的文章详细信息
view视图写法
两个序列化器进行校验
def post(self, request, *args, **kwargs):ser = AtricleSerializers(data=request.data)serDetail = AtricledetailSerializer(data=request.data)print(request.data)if ser.is_valid() and serDetail.is_valid():# 因为作者id是根据登陆的id进行存储(例如session)print(ser.validated_data)atricle = ser.save(author_id=1)serDetail.save(article=atricle)return Response(f'{ser.data}{serDetail.data}')return Response('错误')
文章列表显示排序
先添加在显示
序列化写法
class AtiricleliST(serializers.ModelSerializer):class Meta:model = models.Articlefields = "__all__"
很多文章的获取get请求
多条数据1.先进行实例化分页2.把查询的数据进行分页,3.放入序列化器里面进行处理显示def get(self, request, *args, **kwargs):pk=kwargs.get("pk")if not pk:Article_obj = models.Article.objects.all().order_by('-date')Page_obj = PageNumberPagination()Page = Page_obj.paginate_queryset(Article_obj, request, self)print(Page)ser = AtiricleliST(instance=Page, many=True)print(3)return Page_obj.get_paginated_response(ser.data)
文章筛选
前端的url
全部:http://127.0.0.1:8000/hg/article/筛选:http://127.0.0.1:8000/hg/article/?category=2
视图
#筛选文章的数据class ArticleView(APIView):""" 文章视图类 """def get(self,request,*args,**kwargs):""" 获取文章列表 """pk = kwargs.get('pk')if not pk:condition = {}#存储对应筛选category =#从前端url获取值request.query_params.get('category')if category:#如果由就进行过滤condition['category'] = categoryqueryset =#**condition 字典打散然后进行筛选 分类为这个id的models.Article.objects.filter(**condition).order_by('-date')pager = PageNumberPagination()result = pager.paginate_queryset(queryset,request,self)ser = ArticleListSerializer(instance=result,many=True)return Response(ser.data)article_object = models.Article.objects.filter(id=pk).first()ser = PageArticleSerializer(instance=article_object,many=False)return Response(ser.data)
文章详细
#去除对应的外键关联字段的验证article#只有文章创建了之后才能创建文章详情#author对应的是用户id值,例如session#因为文章详细不能直接创建需要通过文章对象关联创建class AtricledetailSerializer(serializers.ModelSerializer):class Meta:model = models.ArticleDetailexclude = ['article', ]class AtricleSerializers(serializers.ModelSerializer):class Meta:model = models.Articleexclude = ['author', ]
查询一条数据的详细
view视图写法
def get(self, request, *args, **kwargs):pk=kwargs.get("pk")if not pk:Article_obj = models.Article.objects.all().order_by('-date')Page_obj = PageNumberPagination()Page = Page_obj.paginate_queryset(Article_obj, request, self)print(Page)ser = AtiricleliST(instance=Page, many=True)print(3)return Page_obj.get_paginated_response(ser.data)#正文开始 else是一条 if是多条else:Article_obj=models.Article.objects.filter(pk=pk).first()#使用序列化处理一条数据ser=AtiricleDetail(instance=Article_obj,many=False)return Response(ser.data)·································文章详细 文章表反向小写表名查询详细表Article_obj=models.Article.objects.filter(pk=pk).first()属性.小写表名.外键关联表属性print(Article_obj.articledetaili.content)
评论
1.访问get请求
http://127.0.0.1:8000/hg/comment/?article=2request.query_params.get('article')#相当于request.GET。get 获取url的值query_params获取?后面值reqeust.data 相当于post
序列化器
class MmentSerialiser(serializers.ModelSerializer):class Meta:model=models.Commentfields="__all__"
view视图
通过前端发送url进行筛选# http://127.0.0.1:8000/hg/comment/?article=2def get(self,request,*args,**kwargs):'''request.query_params.get()相当于request.GET.get()'''coment=request.query_params.get('article')coment_obj=models.Comment.objects.filter(article_id=coment)show_coment=MmentSerialiser(instance=coment_obj,many=True)return Response(show_coment.data)
2.添加文章评论post请求
#去掉对应外键字段硬不需要进行关联#request.session可以直接获取登陆的用户名class CommentSerialiser(serializers.ModelSerializer):class Meta:model=models.Commentexclude=['user']
锁定单个文章的评论增加
前端写法
#返回数据的写法#第一种http://127.0.0.1:8000/hg/comment/{article:1,content:'xxx'}#第二种http://127.0.0.1:8000/hg/comment/?article=1{content:'xxx'}
view视图写法
#文章由前端直接返回因为只有有了文章才能进行评论#通过前端数据进行返回def post(self,request,*args,**kwargs):ser=CommentSerialiser(data=request.data)if ser.is_valid():print(ser.validated_data)ser.save(user_id=1)return Response(ser.data)print(ser.errors)
过滤器
对查询出来的数据进行筛选可写可不写
from rest_framework.filters import BaseFilterBackend源码'''def filter_queryset(self, request, queryset, view):#继承了这个类必须写这个方法不然报错raise NotImplementedError(".filter_queryset() must be overridden.")'''view是当前视图selfqueryset是筛选之后的数据request 就是requestdef filter_queryset(self,request,queryset,view):pass
使用方法
对查询出来的数据进行筛选可写可不写#第一部分from rest_framework.filters import BaseFilterBackend#继承类class MyFilterBack(BaseFilterBackend):def filter_queryset(self,request,queryset,view):val = request.query_params.get('cagetory')return queryset.filter(category_id=val)#先实例化一个class Indexview(APIview):def get(self,request,*arg,**kwargs):#就是查询一个表不理他queryset=models.News.objects.all()#实例化一个类对象obj=MyFilterBack()#传值顺序request,queryset,selfresult=obj.filter_queryset(request,queryset,self)return Response('...')
视图类
F查询
def get(self,request,*args,**kwargs):# 1.获取单挑数据再做序列化result = super().get(request,*args,**kwargs)# 2.对浏览器进行自加1pk = kwargs.get('pk')models.Article.objects.filter(pk=pk).update(read_count=F('read_count')+1)# 3.对浏览器进行自加1# instance = self.get_object()# instance.read_count += 1# instance.save()return result
apiview
提供了公共方法request.data 是request.post的封装 json序列化dispatch()分发self封装了request属性self.request.method
源码剖析
@classmethoddef as_view(cls, **initkwargs):if isinstance(getattr(cls, 'queryset', None), models.query.QuerySet):def force_evaluation():raise RuntimeError('Do not evaluate the `.queryset` attribute directly, ''as the result will be cached and reused between requests. ''Use `.all()` or call `.get_queryset()` instead.')cls.queryset._fetch_all = force_evaluation#执行父类的as_view方法view = super().as_view(**initkwargs)#执行父类的super().as_view(**initkwargs)view.cls = clsview.initkwargs = initkwargs#闭包 csrf_exempt免除csrftoken的认证return csrf_exempt(view)--------------------------------------@classonlymethoddef as_view(cls, **initkwargs):"""Main entry point for a request-response process."""for key in initkwargs:if key in cls.http_method_names:raise TypeError("You tried to pass in the %s method name as a ""keyword argument to %s(). Don't do that."% (key, cls.__name__))if not hasattr(cls, key):raise TypeError("%s() received an invalid keyword %r. as_view ""only accepts arguments that are already ""attributes of the class." % (cls.__name__, key))def view(request, *args, **kwargs):self = cls(**initkwargs)if hasattr(self, 'get') and not hasattr(self, 'head'):self.head = self.getself.request = requestself.args = argsself.kwargs = kwargs#执行本类的self.dispatchreturn self.dispatch(request, *args,**kwargs)#执行viewreturn view-------------apiview的dispatch--------def dispatch(self, request, *args, **kwargs):"""`.dispatch()` is pretty much the same as Django's regular dispatch,but with extra hooks for startup, finalize, and exception handling."""self.args = argsself.kwargs = kwargs#封装老值requestrequest = self.initialize_request(request, *args, **kwargs)self.request = requestself.headers = self.default_response_headers # deprecate?try:self.initial(request, *args, **kwargs)# Get the appropriate handler methodif request.method.lower() in self.http_method_names:handler = getattr(self, request.method.lower(),self.http_method_not_allowed)else:handler = self.http_method_not_allowedresponse = handler(request, *args, **kwargs)except Exception as exc:response = self.handle_exception(exc)self.response = self.finalize_response(request, response, *args, **kwargs)return self.response
GenericAPIView
#一 初识from rest_framework.generics import GenericAPIViewGenericAPIview继承了APIviewclass NewView(GenericAPIview):querset=model.News.objects.all()def get(self,request,*arg,**kwargs):#self对应NewView的对象self.filter_queryset(self.queryset)1.执行对应的filter_queryset方法2.本类没有去寻找父类GenericAPIview'''def filter_queryset(self, queryset):for backend in list(self.filter_backends):queryset = backend().filter_queryset(self.request, queryset, self)return queryset'''#所以默认返回原来的queryset3.寻找filter_backends'''filter_backends = api_settings.DEFAULT_FILTER_BACKENDSfilter_backends是空的'''
1. 本类重写filter_backends
from rest_framework.generics import GenericAPIView#GenericAPIview继承了APIviewclass NewFiltrBackend(BaseFilterBackend):def filter_queryset(self,request,queryset,view):val = request.query_params.get('cagetory')return queryset.filter(category_id=val)class NewView(GenericAPIview):querset=model.News.objects.all()filter_backends=[NewFiltrBackend ,]def get(self,request,*arg,**kwargs):#self对应NewView的对象v=self.get_queryset()queryset=self.filter_queryset(v)1.执行对应的filter_queryset方法2.本类没有去寻找父类GenericAPIview'''源码 继承类不写self.queryset会报错assert self.queryset is not None, ("'%s' should either include a `queryset` attribute, ""or override the `get_queryset()` method."% self.__class__.__name__)''''''def filter_queryset(self, queryset):for backend in list(self.filter_backends):queryset = backend().filter_queryset(self.request, queryset, self)return queryset'''4.backend等于对应NewFiltrBackend类名() 实例化对象·· 执行NewFiltrBackend里面的filter_queryset方法3.寻找filter_backends,本类的filter_backends#filter_backends=[NewFiltrBackend ,]5.queryset=self.filter_queryset(self.queryset)是筛选之后的结果#v=self.get_queryset()queryset=self.filter_queryset(v)6.寻找对应get_queryset'''源码queryset = self.querysetif isinstance(queryset, QuerySet):# Ensure queryset is re-evaluated on each request.queryset = queryset.all()return queryset'''#返回等于筛选之后的queryset#queryset=self.filter_queryset(queryset)#queryset=get_queryset()·········self.get_serializer()···············class Newserializers(serializers.ModelSerializer):class Meta:model=models.Newsfields="__all__"class NewFiltrBackend(BaseFilterBackend):def filter_queryset(self,request,queryset,view):val = request.query_params.get('cagetory')return queryset.filter(category_id=val)class NewView(GenericAPIview):querset=model.News.objects.all()filter_backends=[NewFiltrBackend ,]def get(self,request,*arg,**kwargs):#self对应NewView的对象v=self.get_queryset()queryset=self.filter_queryset(v)self.get_serializer()#本类没有去父类找#代替了 ser=Newserializers(instance=queryset,many=True)#ser.data1.寻找get_serializer()2.'''源码def get_serializer(self, *args, **kwargs):serializer_class = self.get_serializer_class()kwargs['context'] = self.get_serializer_context()return serializer_class(*args, **kwargs)'''3.进行寻找get_serializer_class()本类没有去父类找#serializer_class = self.get_serializer_class()4.'''def get_serializer_class(self):assert self.serializer_class is not None, ("'%s' should either include a `serializer_class` attribute, ""or override the `get_serializer_class()` method."% self.__class__.__name__)return self.serializer_class''' #return self.serializer_class 返回serializer_class#get_serializer()=serializer_class在本类定义seializer_classseializer_class=Newserializers相当于 #ser=Newserializers(instance=queryset,many=True)#ser.dataser=self.get_serializer(instance=queryset,many=True)ser.data
分页
querset=model.News.objects.all()
pagination_class =PageNumberPagination
self.paginate_queryset(queryset)
'''
源码
self.paginate_queryset()
self._paginator = self.pagination_class()
需要定义
def paginator(self):
if not hasattr(self, '_paginator'):
if self.pagination_class is None:
self._paginator = None
else:
self._paginator = self.pagination_class()
return self._paginator
'''pagination_class()需要本地定义
pagination_class =PageNumberPagination
````
GenericAPIView源码总结
源码的剖析def get_queryset(self):"""Get the list of items for this view.This must be an iterable, and may be a queryset.Defaults to using `self.queryset`.This method should always be used rather than accessing `self.queryset`directly, as `self.queryset` gets evaluated only once, and those resultsare cached for all subsequent requests.You may want to override this if you need to provide differentquerysets depending on the incoming request.(Eg. return a list of items that is specific to the user)"""assert self.queryset is not None, ("'%s' should either include a `queryset` attribute, ""or override the `get_queryset()` method."% self.__class__.__name__)queryset = self.querysetif isinstance(queryset, QuerySet):# Ensure queryset is re-evaluated on each request.queryset = queryset.all()return querysetdef get_object(self):"""Returns the object the view is displaying.You may want to override this if you need to provide non-standardqueryset lookups. Eg if objects are referenced using multiplekeyword arguments in the url conf."""queryset = self.filter_queryset(self.get_queryset())# Perform the lookup filtering.lookup_url_kwarg = self.lookup_url_kwarg or self.lookup_fieldassert lookup_url_kwarg in self.kwargs, ('Expected view %s to be called with a URL keyword argument ''named "%s". Fix your URL conf, or set the `.lookup_field` ''attribute on the view correctly.' %(self.__class__.__name__, lookup_url_kwarg))filter_kwargs = {self.lookup_field: self.kwargs[lookup_url_kwarg]}obj = get_object_or_404(queryset, **filter_kwargs)# May raise a permission deniedself.check_object_permissions(self.request, obj)return objdef get_serializer(self, *args, **kwargs):"""Return the serializer instance that should be used for validating anddeserializing input, and for serializing output."""serializer_class = self.get_serializer_class()kwargs['context'] = self.get_serializer_context()return serializer_class(*args, **kwargs)def get_serializer_class(self):"""Return the class to use for the serializer.Defaults to using `self.serializer_class`.You may want to override this if you need to provide differentserializations depending on the incoming request.(Eg. admins get full serialization, others get basic serialization)"""assert self.serializer_class is not None, ("'%s' should either include a `serializer_class` attribute, ""or override the `get_serializer_class()` method."% self.__class__.__name__)return self.serializer_classdef get_serializer_context(self):"""Extra context provided to the serializer class."""return {'request': self.request,'format': self.format_kwarg,'view': self}def filter_queryset(self, queryset):"""Given a queryset, filter it with whichever filter backend is in use.You are unlikely to want to override this method, although you may needto call it either from a list view, or from a custom `get_object`method if you want to apply the configured filtering backend to thedefault queryset."""for backend in list(self.filter_backends):queryset = backend().filter_queryset(self.request, queryset, self)return queryset
源码解释
from rest_framework.generics import GenericAPIViewfrom rest_framework.filters import BaseFilterBackendfrom rest_framework import serializersGenericAPIview继承了APIviewclass Newserializers(serializers.ModelSerializer):class Meta:model=models.Newsfields="__all__"class NewFiltrBackend(BaseFilterBackend):def filter_queryset(self,request,queryset,view):val = request.query_params.get('cagetory')return queryset.filter(category_id=val)class NewView(GenericAPIview):querset=model.News.objects.all()filter_backends=[NewFiltrBackend ,]seializer_class=Newserializersdef get(self,request,*arg,**kwargs):#self对应NewView的对象v=self.get_queryset()queryset=self.filter_queryset(v)self.get_serializer(instance==queryset,many=True)retutn Response(ser.data)'''1.querset=model.News.objects.all()2.filter_backends=[NewFiltrBackend ,]3.seializer_class=Newserializers4.pagination_class =PageNumberPagination1.查询self.get_queryset()#等于querset=model.News.objects.all()2.序列化self.get_serializer()等于seializer_class=Newserializers()3.筛选self.filter_queryset()等于filter_backends=[NewFiltrBackend ,]内部有一个for循环列表 同等与NewFiltrBackend()4.分页self.paginate_queryset(queryset)等于page_obj=PageNumberPagination()'''
基于GenericAPIView
listapiview查看
基于GenericAPIView
模拟get请求
1.queryset2.分页#settings的配置paginator.paginate_queryset(queryset, self.request, view=self)"DEFAULT_PAGINATION_CLASS":"rest_framework.pagination.PageNumberPagination","PAGE_SIZE":2,3.序列化4.返回序列化数据
源码剖析
#源码def get(self, request, *args, **kwargs):return self.list(request, *args, **kwargs)1.执行listdef list(self, request, *args, **kwargs):queryset = self.filter_queryset(self.get_queryset())#self.get_queryset()执行自定的#queryset=model.News.objects.all()#self.filter_queryset()筛选执行#filter_backends=[NewFiltrBackend ,]#执行对应本类的filter_queryset2. page = self.paginate_queryset(queryset)#分页#执行 pagination_class =PageNumberPaginationif page is not None:3.serializer = self.get_serializer(page, many=True)#序列化 执行seializer_class=Newserializersreturn self.get_paginated_response(serializer.data)serializer = self.get_serializer(queryset, many=True)return Response(serializer.data)#最后返回序列化的数据
RetrieveAPIView单条查看
模拟get请求
执行流程
1. #对应获得对象 自己要定义单条数据 queryset2. #序列化3. #返回数据
源码剖析
class RetrieveAPIView(mixins.RetrieveModelMixin,GenericAPIView):#从左往右继承def get(self, request, *args, **kwargs):return self.retrieve(request, *args, **kwargs)#去找retrieve这个方法class RetrieveModelMixin:"""Retrieve a model instance."""def retrieve(self, request, *args, **kwargs):#对应获得对象instance = self.get_object()#序列化serializer = self.get_serializer(instance)#返回数据return Response(serializer.data)执行def get_object(self):"""Returns the object the view is displaying.You may want to override this if you need to provide non-standardqueryset lookups. Eg if objects are referenced using multiplekeyword arguments in the url conf."""queryset = self.filter_queryset(self.get_queryset())# Perform the lookup filtering.lookup_url_kwarg = self.lookup_url_kwarg or self.lookup_fieldassert lookup_url_kwarg in self.kwargs, ('Expected view %s to be called with a URL keyword argument ''named "%s". Fix your URL conf, or set the `.lookup_field` ''attribute on the view correctly.' %(self.__class__.__name__, lookup_url_kwarg))return obj
基于GenericAPIView
createapiview创建
基于GenericAPIView
封装了post请求
执行流程
1.序列化2.序列化验证3.保存数据
源码剖析
def post(self, request, *args, **kwargs):return self.create(request, *args, **kwargs)1.执行createdef create(self, request, *args, **kwargs):serializer = self.get_serializer(data=request.data)#序列化serializer.is_valid(raise_exception=True)#序列化验证self.perform_create(serializer)'''保存数据def perform_create(self, serializer):serializer.save()'''headers = self.get_success_headers(serializer.data)return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
示例使用
#第一种写法重写create书写 多条序列化器def create(self, request, *args, **kwargs):article = articleseralizer(data=request.data)articleDetail = atricleDetaliser(data=request.data)if article.is_valid() and articleDetail.is_valid():article_obj = article.save(author=request.user)print(">>>>>>>>>", request.user, type(request.user))articleDetail.save(article=article_obj)return Response('修改成功')else:return Response(f"{article.errors},{articleDetail.errors}")#第二种方式重写序列化器分发def get_serializer_class(self):self.request.method=="POST":return 对应序列化器self.request.method=="GET":return 对应序列化器def perform_create(self,serializer):Aritlel=serializer.save(author)serializer_second=AricleSerializer(data=request.data)serializer.save(aritle=Aritlel)字段对象=对象
UpdateAPIView全局局部
封装了局部更新和全局更新
基于GenericAPIView
执行流程
1.获取更新那条数据的对象2.序列化2.序列化校验3.校验成功更新
源码剖析
def put(self, request, *args, **kwargs):return self.update(request, *args, **kwargs)'''def update(self, request, *args, **kwargs):partial = kwargs.pop('partial', False)instance = self.get_object()'''#执行queryset查询处理的model对象#相当于#queryset=model.表名.object.filter(pk=pk).frist()'''serializer = self.get_serializer(instance, data=request.data, partial=partial)默认不为Ture#执行对应的序列化serializer.is_valid(raise_exception=True)#序列化验证self.perform_update(serializer)'''# def perform_update(self, serializer):#serializer.save()def patch(self, request, *args, **kwargs):return self.partial_update(request, *args, **kwargs)'''def partial_update(self, request, *args, **kwargs):kwargs['partial'] = Truereturn self.update(request, *args, **kwargs)'''执行'''def update(self, request, *args, **kwargs):partial = kwargs.pop('partial', False)instance = self.get_object()'''#执行queryset查询处理的model对象#相当于#queryset=model.表名.object.filter(pk=pk).frist()'''serializer = self.get_serializer(instance, data=request.data, partial=partial)kwargs['partial'] = True 局部更新#执行对应的序列化serializer.is_valid(raise_exception=True)#序列化验证self.perform_update(serializer)'''# def perform_update(self, serializer):#serializer.save()
删除DestroyAPIView
执行流程
1.传入对象2.执行def perform_destroy(self, instance):3.删除
源码剖析
def delete(self, request, *args, **kwargs):return self.destroy(request, *args, **kwargs)def destroy(self, request, *args, **kwargs):instance = self.get_object()#c传入对象删除self.perform_destroy(instance)return Response(status=status.HTTP_204_NO_CONTENT)def perform_destroy(self, instance):instance.delete()#删除
Viewset视图类
是APIview视图类的继承对象
createapiviewUpdateAPIview。。。。等等
使用方法
1.直接继承即可2.因为没有封装对应get post等请求方法 一点点去找父类的方法3.GenericViewSet(ViewSetMixin)它继承的ViewSetMixin4.重写了asview()需要传参5.使用两个类进行id和没有id的区分url(r'^article/$',article.AtricleView.as_view({"get":"list"}))url(r'^article/(?P<pk>\d+)/$',article.AtricleView.as_view({"get":"retrieve"}))
知识点
from rest_framework.viewsets import GenericVIewSetclass GenericViewSet(ViewSetMixin,generics.GenericAPIView):默认继承GenericAPIViewdef get_serializer_class(self):pk = self.kwargs.get('pk')if pk:return ArticleDetailSerializerreturn ArticleSerializer
ListModelMixin添加
源码
def list(self, request, *args, **kwargs):queryset = self.filter_queryset(self.get_queryset())page = self.paginate_queryset(queryset)if page is not None:serializer = self.get_serializer(page, many=True)return self.get_paginated_response(serializer.data)serializer = self.get_serializer(queryset, many=True)return Response(serializer.data)
RetrieveModelMixin单条查询
源码
def retrieve(self, request, *args, **kwargs):instance = self.get_object()serializer = self.get_serializer(instance)return Response(serializer.data)
UpdateModelMixin更新
源码
def update(self, request, *args, **kwargs):partial = kwargs.pop('partial', False)instance = self.get_object()serializer = self.get_serializer(instance, data=request.data, partial=partial)serializer.is_valid(raise_exception=True)self.perform_update(serializer)if getattr(instance, '_prefetched_objects_cache', None):# If 'prefetch_related' has been applied to a queryset, we need to# forcibly invalidate the prefetch cache on the instance.instance._prefetched_objects_cache = {}return Response(serializer.data)def perform_update(self, serializer):serializer.save()#def partial_update(self, request, *args, **kwargs):kwargs['partial'] = Truereturn self.update(request, *args, **kwargs)class
DestroyModelMixin:
删除
源码
class DestroyModelMixin:"""Destroy a model instance."""def destroy(self, request, *args, **kwargs):instance = self.get_object()self.perform_destroy(instance)return Response(status=status.HTTP_204_NO_CONTENT)def perform_destroy(self, instance):instance.delete()
版本
setting配置
default_version = api_settings.DEFAULT_VERSION#默认版本allowed_versions = api_settings.ALLOWED_VERSIONS#指定版本version_param = api_settings.VERSION_PARAM#url版本传输关键字#指定版本类类"DEFAULT_VERSIONING_CLASS":"rest_framework.versioning.URLPathVersioning",
知识点
dispath 老的request 封装了很多功能request.version#版本scheme#版本对象#执行返回一个版本元组 第一个是版本第二个是版本对象def determine_version(self, request, *args, **kwargs):"""If versioning is being used, then determine any API version for theincoming request. Returns a two-tuple of (version, versioning_scheme)"""if self.versioning_class is None:return (None, None)scheme = self.versioning_class()return (scheme.determine_version(request, *args, **kwargs), scheme)request.version, request.versioning_scheme = version, scheme
源码执行流程
class APIView(View):versioning_class = api_settings.DEFAULT_VERSIONING_CLASSdef dispatch(self, request, *args, **kwargs):# ###################### 第一步 ###########################"""request,是django的request,它的内部有:request.GET/request.POST/request.methodargs,kwargs是在路由中匹配到的参数,如:url(r'^order/(\d+)/(?P<version>\w+)/$', views.OrderView.as_view()),http://www.xxx.com/order/1/v2/"""self.args = argsself.kwargs = kwargs"""request = 生成了一个新的request对象,此对象的内部封装了一些值。request = Request(request)- 内部封装了 _request = 老的request"""request = self.initialize_request(request, *args, **kwargs)self.request = requestself.headers = self.default_response_headers # deprecate?try:# ###################### 第二步 ###########################self.initial(request, *args, **kwargs)执行视图函数。。def initial(self, request, *args, **kwargs):# ############### 2.1 处理drf的版本 ##############version, scheme = self.determine_version(request, *args, **kwargs)request.version, request.versioning_scheme = version, scheme...def determine_version(self, request, *args, **kwargs):if self.versioning_class is None:return (None, None)#是版本类的实例化对象scheme = self.versioning_class()# obj = XXXXXXXXXXXX()return (scheme.determine_version(request, *args, **kwargs), scheme)class OrderView(APIView):versioning_class = URLPathVersioningdef get(self,request,*args,**kwargs):print(request.version)print(request.versioning_scheme)return Response('...')def post(self,request,*args,**kwargs):return Response('post')
1.局部配置
视图写法
from rest_framework.views import APIViewfrom rest_framework.response import Responsefrom rest_framework.request import Requestfrom rest_framework.versioning import URLPathVersioningclass OrderView(APIView):versioning_class = URLPathVersioningdef get(self,request,*args,**kwargs):print(request.version)print(request.versioning_scheme)return Response('...')def post(self,request,*args,**kwargs):return Response('post')
setting配置
REST_FRAMEWORK = {"ALLOWED_VERSIONS":['v1','v2'],'VERSION_PARAM':'version'}
2.全局配置
不用手动一个个加全部都配置上
url
url(r'^(?P<version>[v1|v2]+)/users/$', users_list, name='users-list'),url(r'^(?P<version>\w+)/users/$', users_list, name='users-list'),
settings配置
REST_FRAMEWORK = {指定版本类 必须要写要些路径 "DEFAULT_VERSIONING_CLASS":"rest_framework.versioning.URLPathVersioning",#限制版本范围"ALLOWED_VERSIONS":['v1','v2'],#指定url有名分组的关键字'VERSION_PARAM':'version'}
认证
自定义认证token把数据库的user拿出来比较如果想使用**request.data 就要把他变为字典 所以前端要返回json数据类型源码写法#配置authentication_classes = api_settings.DEFAULT_AUTHENTICATION_CLASSES
局部配置
和登陆配合使用import uuidfrom django.shortcuts import renderfrom django.views import Viewfrom django.views.decorators.csrf import csrf_exemptfrom django.utils.decorators import method_decoratorfrom rest_framework.versioning import URLPathVersioningfrom rest_framework.views import APIViewfrom rest_framework.response import Responseclass Loginview(APIView):versioning_class = None#认证写法authentication_classes = [Myauthentication, ]def post(self,request,*args,**kwargs):user_object = models.UserInfo.objects.filter(**request.data).first()if not user_object:return Response('登录失败')random_string = str(uuid.uuid4())user_object.token = random_stringuser_object.save()return Response(random_string)class MyAuthentication:def authenticate(self, request):"""Authenticate the request and return a two-tuple of (user, token)."""token = request.query_params.get('token')user_object = models.UserInfo.objects.filter(token=token).first()if user_object:return (user_object,token)return (None,None)class OrderView(APIView):authentication_classes = [MyAuthentication, ]def get(self,request,*args,**kwargs):print(request.user)print(request.auth)return Response('order')class UserView(APIView):authentication_classes = [MyAuthentication,]def get(self,request,*args,**kwargs):print(request.user)print(request.auth)return Response('user')···············手写认证类····························class Myauthentication:# 认证# versioning_class = None#手写认证def authenticate(self, request):token = request.query_params.get('token')print(token)user_object = models.UserInfo.objects.filter(token=token).first()print(user_object)if user_object:print(1)#必须返回一个元组的形式#返回对应的user_object和token值return (user_object, token)else:print(2)return (None, None)----------------------为什么要返回元组----------------------#为什么要返回元组def _authenticate(self):"""Attempt to authenticate the request using each authentication instancein turn."""for authenticator in self.authenticators:try:user_auth_tuple =#到这返回为什么可以执行对应的方法authenticator.authenticate(self)except exceptions.APIException:self._not_authenticated()raiseif user_auth_tuple is not None:#把查询出来的元组self._authenticator = authenticator#给user和auth进行赋值self.user, self.auth = user_auth_tuple#必须返回一个元组的形式return#结束函数self._not_authenticated()def _not_authenticated(self):"""Set authenticator, user & authtoken representing an unauthenticated request.Defaults are None, AnonymousUser & None."""self._authenticator = Noneif api_settings.UNAUTHENTICATED_USER:#user 没有设置返回noneself.user =#匿名用户api_settings.UNAUTHENTICATED_USER()else:self.user = Noneif api_settings.UNAUTHENTICATED_TOKEN:self.auth =#对应author没有设置返回noneapi_settings.UNAUTHENTICATED_TOKEN()else:self.auth = None
全局配置
DEFAULT_AUTHENTICATION_CLASSES=['写一个认证的类手写的']class Myauthentication:# 认证# versioning_class = None#手写认证def authenticate(self, request):token = request.query_params.get('token')print(token)user_object = models.UserInfo.objects.filter(token=token).first()print(user_object)if user_object:print(1)#必须返回一个元组的形式#返回对应的user_object和token值return (user_object, token)else:print(2)return (None, None)'''# raise Exception(), 不在继续往下执行,直接返回给用户。# return None ,本次认证完成,执行下一个认证# return ('x',"x"),认证成功,不需要再继续执行其他认证了,继续往后权限、节流、视图函数'''
view视图写法
class LoginView(APIView):authentication_classes = []def post(self,request,*args,**kwargs):user_object = models.UserInfo.objects.filter(**request.data).first()if not user_object:return Response('登录失败')random_string = str(uuid.uuid4())user_object.token = random_stringuser_object.save()return Response(random_string)class OrderView(APIView):# authentication_classes = [TokenAuthentication, ]def get(self,request,*args,**kwargs):print(request.user)print(request.auth)if request.user:return Response('order')return Response('滚')class UserView(APIView):同上
源码执行流程
'''当请求发过来的实话会先执行 apiview里面的dispath方法1.执行认证的dispatch的方法2.dispatch方法会执行initialize_request方法封装旧的request对象3.在封装的过程中会执行get_authenticators(self): 并实例化列表中的每一个认证类如果自己写的类有对应的认证类 会把认证类的实例化对象封装到新的request当中继续执行initial会执行认证里面的perform_authentication 执行request.user会执行循环每一个对象执行对应的authenticate方法会有三种返回值# raise Exception(), 不在继续往下执行,直接返回给用户。# return None ,本次认证完成,执行下一个认证# return ('x',"x"),认证成功,不需要再继续执行其他认证了,继续往后权限、节流、视图函数里面会执行四件事版本认证权限节流'''def dispatch(self, request, *args, **kwargs):"""`.dispatch()` is pretty much the same as Django's regular dispatch,but with extra hooks for startup, finalize, and exception handling."""self.args = argsself.kwargs = kwargs#封装旧的requestrequest = self.initialize_request(request, *args, **kwargs)self.request = requestself.headers = self.default_response_headers # deprecate?循环自定义的认证#request封装旧的request执行initialize_requestdef initialize_request(self, request, *args, **kwargs):"""Returns the initial request object."""parser_context = self.get_parser_context(request)return Request(request,parsers=self.get_parsers(),authenticators=self.get_authenticators(),negotiator=self.get_content_negotiator(),parser_context=parser_context)def get_authenticators(self):"""Instantiates and returns the list of authenticators that this view can use."""return [auth() for auth in self.authentication_classes]def initial(self, request, *args, **kwargs):"""Runs anything that needs to occur prior to calling the method handler."""self.format_kwarg = self.get_format_suffix(**kwargs)# Perform content negotiation and store the accepted info on the requestneg = self.perform_content_negotiation(request)request.accepted_renderer, request.accepted_media_type = neg# Determine the API version, if versioning is in use.version, scheme = self.determine_version(request, *args, **kwargs)request.version, request.versioning_scheme = version, scheme# Ensure that the incoming request is permittedself.perform_authentication(request)self.check_permissions(request)self.check_throttles(request)#执行完四件事在执行视图
权限
message=消息 自定义错误消息可以自定义错误信息'''for permission in self.get_permissions():if not permission.has_permission(request, self):self.permission_denied(request, message=getattr(permission, 'message', None))'''本质上自定义和return Flase单条验证验证两次不写url_kwarg默认封装识别pk关键字
重写错误信息的两种方式
第一种
message={"code":"恭喜你报错了"}
第二种
from rest_framework.permissions import BasePermissionfrom rest_framework import exceptionsclass MyPermission(BasePermission):#第一种message = {'code': 10001, 'error': '你没权限'}def has_permission(self, request, view):#request.user执行认证if request.user:return True#自定义错误信息raise exceptions.PermissionDenied({'code': 10001, 'error': '你没权限'})return Falsedef has_object_permission(self, request, view, obj):"""Return `True` if permission is granted, `False` otherwise."""return False#对应源码相当于重写了错误信息#执行顺序dispatch---》intital--》check_permissions--》permission_denieddef permission_denied(self, request, message=None):"""If request is not permitted, determine what kind of exception to raise."""if request.authenticators and not request.successful_authenticator:raise exceptions.NotAuthenticated()raise#等于message 或者自定义错误函数#raise exceptions.PermissionDenied({'code': 10001, 'error': '你没权限'})exceptions.PermissionDenied(detail=message)················源码··················def check_permissions(self, request):for permission in self.get_permissions():if not permission.has_permission(request, self):self.permission_denied(request, message=getattr(permission, 'message', None))
源码剖析
执行流程
apiview---dispatch---initial---执行权限判断如果自己写了权限类 会先循环权限类并实例化存在列表当中然后循环列表对象,如果权限判断返回不为Ture机会进行主动抛出异常可以自定义错误信息
具体代码
class APIView(View):permission_classes = api_settings.DEFAULT_PERMISSION_CLASSESdef dispatch(self, request, *args, **kwargs):封装request对象self.initial(request, *args, **kwargs)通过反射执行视图中的方法def initial(self, request, *args, **kwargs):版本的处理# 认证self.perform_authentication(request)# 权限判断self.check_permissions(request)self.check_throttles(request)#执行认证def perform_authentication(self, request):request.userdef check_permissions(self, request):# [对象,对象,]self.执行'''def get_permissions(self):return [permission() for permission in self.permission_classes]'''for permission in self.get_permissions():if not permission.has_permission(request, self):self.permission_denied(request, message=getattr(permission, 'message', None))def permission_denied(self, request, message=None):if request.authenticators and not request.successful_authenticator:raise exceptions.NotAuthenticated()raise exceptions.PermissionDenied(detail=message)#class UserView(APIView):permission_classes = [MyPermission, ]def get(self,request,*args**kwargs):return Response('user')
使用
class MyPermission(BasePermission):message = {'code': 10001, 'error': '你没权限'}def has_permission(self, request, view):#request.user执行认证if request.user:return Trueraise exceptions.PermissionDenied({'code': 10001, 'error': '你没权限'})return Falsedef has_object_permission(self, request, view, obj):"""Return `True` if permission is granted, `False` otherwise."""return Falseclass UserView(APIView):先执行上面的数据permission_classes = [MyPermission, ]#再执行def get(self,request,*args**kwargs):return Response('user')
源码流程
``python def dispatch(self, request, *args, **kwargs): """.dispatch()` is pretty much the same as Django's regular dispatch,
but with extra hooks for startup, finalize, and exception handling.
"""
self.args = args
self.kwargs = kwargs
request = self.initialize_request(request, *args, **kwargs)
self.request = request
self.headers = self.default_response_headers # deprecate?
try:#走这self.initial(request, *args, **kwargs)
`````````````````def initial``````````````````````````
def initial(self, request, *args, **kwargs):"""Runs anything that needs to occur prior to calling the method handler."""self.format_kwarg = self.get_format_suffix(**kwargs)# Perform content negotiation and store the accepted info on the requestneg = self.perform_content_negotiation(request)request.accepted_renderer, request.accepted_media_type = neg# Determine the API version, if versioning is in use.version, scheme ='''第三步'''self.determine_version(request, *args, **kwargs)request.version, request.versioning_scheme = version, scheme# Ensure that the incoming request is permittedself.perform_authentication(request)self.check_permissions(request)self.check_throttles(request)
第二步
def check_permissions(self, request):
# [对象,对象,]
self.执行
'''
def get_permissions(self):
return [permission() for permission in self.permission_classes]
'''
for permission in self.get_permissions():
if not permission.has_permission(request, self):
self.permission_denied(request, message=getattr(permission, 'message', None))
def permission_denied(self, request, message=None):
if request.authenticators and not request.successful_authenticator:
raise exceptions.NotAuthenticated()
raise exceptions.PermissionDenied(detail=message)
```
第三步
def determine_version(self, request, *args, **kwargs):if self.versioning_class is None:return (None, None)scheme = self.versioning_class()return (scheme.determine_version(request, *args, **kwargs), scheme)
单挑数据的验证
单挑数据
def has_object_permission(self, request, view, obj):"""Return `True` if permission is granted, `False` otherwise."""return False#在执行RetrieveAPIView 会执行单挑数据的验证def get_object(self):queryset = self.filter_queryset(self.get_queryset())# Perform the lookup filtering.#不写url_kwarg默认封装识别pk关键字lookup_url_kwarg = self.lookup_url_kwarg or self.lookup_fieldassert lookup_url_kwarg in self.kwargs, ('Expected view %s to be called with a URL keyword argument ''named "%s". Fix your URL conf, or set the `.lookup_field` ''attribute on the view correctly.' %(self.__class__.__name__, lookup_url_kwarg))filter_kwargs = {self.lookup_field: self.kwargs[lookup_url_kwarg]}obj = get_object_or_404(queryset, **filter_kwargs)# May raise a permission denied#检验单挑数据的权限self.check_object_permissions(self.request, obj)return obj···················check_object_permissions··········def check_object_permissions(self, request, obj):"""Check if the request should be permitted for a given object.Raises an appropriate exception if the request is not permitted."""for permission in self.get_permissions():if not permission.has_object_permission(request, self, obj):self.permission_denied(request, message=getattr(permission, 'message', None))执行has_object_permissiondef has_object_permission(self, request, view, obj):return True
版本认证权限执行流程
1.首先所有方法都执行父类的apiview方法2.执行dispatch方法3.进行def get_authenticators(self):return [auth() for auth in self.authentication_classes]4.intiail request.user
如果代码中出现了CSRF使用装饰器即可
from django.views.decorators.csrf import csrf_exemptfrom django.utils.decorators import method_decoratordef csrf_exempt(view_func):"""Marks a view function as being exempt from the CSRF view protection."""# We could just do view_func.csrf_exempt = True, but decorators# are nicer if they don't have side-effects, so we return a new# function.def wrapped_view(*args, **kwargs):return view_func(*args, **kwargs)wrapped_view.csrf_exempt = Truereturn wraps(view_func, assigned=available_attrs(view_func))(wrapped_view)
drf访问频率的限制
- 匿名用户,用IP作为用户唯一标记,但如果用户换代理IP,无法做到真正的限制。- 登录用户,用用户名或用户ID做标识。可以做到真正的限制
知识点
{throttle_anon_1.1.1.1:[100121340,],1.1.1.2:[100121251,100120450,]}限制:60s能访问3次来访问时:1.获取当前时间 1001212802.100121280-60 = 100121220,小于100121220所有记录删除全部剔除3.判断1分钟以内已经访问多少次了? 4判断访问次数4.无法访问停一会来访问时:1.获取当前时间 1001213402.100121340-60 = 100121280,小于100121280所有记录删除3.判断1分钟以内已经访问多少次了? 04.可以访问
执行流程
在视图类中配置 throttle_classes= [] 这是一个列表实现 allow_request 方法 wait 是一个提示方法返回 True/False。True 可以继续访问,False 表示限制全局配置DEFAULT_THROTTLE_CLASSE,节流限制类DEFAULT_THROTTLE_RATES 表示频率限制,比如 10/m 表示 每分钟 10 次源码在 initial 中实现 check_throttles 方法在进行节流之前已经做了版本认证权限#dispatch分发def initial(self, request, *args, **kwargs):#版本version, scheme = self.determine_version(request, *args, **kwargs)request.version, request.versioning_scheme = version, scheme# Ensure that the incoming request is permitted#认证self.perform_authentication(request)#权限self.check_permissions(request)#频率限制self.check_throttles(request)1.先找allow_request本类没有去父类找 同dispatch2.执行对应的rate获取对应scope 节流的频率2.key是获取ip值3.history是获取ip地址 获取对应的访问时间记录'''self.history = self.cache.get(self.key, [])'''4.对应的访问记录等于ture获取到值,把当前的时间减去一个自己设定的时间戳'''while self.history and self.history[-1] <= self.now - self.duration:#条件满足 把最后一个值删除#再去循环判断self.history.pop()'''5.然后判断访问次数有没有大于自己设定的值'''if len(self.history) >= self.num_requests:满足条件走这return self.throttle_failure()不满足条件走这return self.throttle_success()'''6.成功 def throttle_success(self):"""Inserts the current request's timestamp along with the keyinto the cache."""self.history.insert(0, self.now)self.cache.set(self.key, self.history, self.duration)return True6.失败def throttle_failure(self):"""Called when a request to the API has failed due to throttling."""return False#不可以访问7如果返回false进入等待时间def wait(self):"""Returns the recommended next request time in seconds."""if self.history:remaining_duration = self.duration - (self.now - self.history[-1])else:remaining_duration = self.durationavailable_requests = self.num_requests - len(self.history) + 1if available_requests <= 0:return Nonereturn remaining_duration / float(available_requests)
源码
#dispatch分发def initial(self, request, *args, **kwargs):#版本version, scheme = self.determine_version(request, *args, **kwargs)request.version, request.versioning_scheme = version, scheme# Ensure that the incoming request is permitted#认证self.perform_authentication(request)#权限self.check_permissions(request)#频率限制self.check_throttles(request)def check_throttles(self, request):throttle_durations = []for throttle in self.get_throttles():#找到当前类的allow_requestif not throttle.allow_request(request, self):throttle_durations.append(throttle.wait())if throttle_durations:durations = [duration for duration in throttle_durationsif duration is not None]duration = max(durations, default=None)self.throttled(request, duration)#执行类的allow_requestdef allow_request(self, request, view):"""Implement the check to see if the request should be throttled.On success calls `throttle_success`.On failure calls `throttle_failure`."""if self.rate is None:return True获取'''def __init__(self):if not getattr(self, 'rate', None):self.rate = self.get_rate()self.num_requests, self.duration = self.parse_rate(self.rate)当前这个类有一个获取rate的方法'''#执行get_rate读取settings设置的配置文件'''def get_rate(self):#如果不设置会进行报错try:#设置了就进行键取值return self.THROTTLE_RATES[self.scope]except KeyError:msg = "No default throttle rate set for '%s' scope" % self.scoperaise ImproperlyConfigured(msg)'''#通过键去取值/进行分割获取值'''def parse_rate(self, rate):if rate is None:return (None, None)num, period = rate.split('/')num_requests = int(num)duration = {'s': 1, 'm': 60, 'h': 3600, 'd': 86400}[period[0]]return (num_requests, duration)'''#这步继续往下执行继承类的get_cache_keyself.key = self.get_cache_key(request, view)#匿名#继承了class AnonRateThrottle(SimpleRateThrottle):'''scope = 'anon'def get_cache_key(self, request, view):if request.user.is_authenticated:return None # Only throttle unauthenticated requests.return self.cache_format % {'scope': self.scope,'ident': self.get_ident(request)}}#返回字符串格式化throttle_(匿名)anon_(ip地址的拼接)1.1.1.1:[100121340,],'''#根据用户进行判断 重写get_cache_key''''''if self.key is None:return Trueself.history = self.cache.get(self.key, [])self.now = self.timer()# Drop any requests from the history which have now passed the# throttle durationwhile self.history and self.history[-1] <= self.now - self.duration:self.history.pop()#元组返回的值num_requestsif len(self.history) >= self.num_requests:#不可以访问return self.throttle_failure()#可以访问return self.throttle_success()'''6.成功 def throttle_success(self):#成功把访问的当前时间插入historyself.history.insert(0, self.now)self.cache.set(self.key, self.history, self.duration)return True6.失败def throttle_failure(self):"""Called when a request to the API has failed due to throttling."""return False#不可以访问'''
默认配置文件写法settings
REST_FRAMEWORK = {throttle_classes = [AnonRateThrottle,]"DEFAULT_THROTTLE_RATES":{"anon":"3/m"}#这样写的原因 源码#通过匿名scope = 'anon'def get_cache_key(self, request, view):if request.user.is_authenticated:return None # Only throttle unauthenticated requests.return self.cache_format % {'scope': self.scope,'ident': self.get_ident(request)}}#获取全局设置的步骤def __init__(self):if not getattr(self, 'rate', None):#第一步self.rate = self.get_rate()'''以设置的键进行取值获取时间def get_rate(self):如果不设置就进行报错try:return self.THROTTLE_RATES[self.scope]except KeyError:msg = "No default throttle rate set for '%s' scope" % self.scoperaise ImproperlyConfigured(msg)'''self.num_requests, self.duration = self.parse_rate(self.rate)#后面设置值格式#例 "DEFAULT_THROTTLE_RATES":{"anon":"3/m"}以/分割 前面是限制的次数 后面的是访问限制的时间'''def parse_rate(self, rate):if rate is None:return (None, None)num, period = rate.split('/')num_requests = int(num)duration = {'s': 1, 'm': 60, 'h': 3600, 'd': 86400}[period[0]]return (num_requests, duration)'''之后执行对应字典的取值key=throttle_(匿名)anon_(ip地址的拼接)1.1.1.1:[100121340,],#值self.key = self.get_cache_key(request, view)if self.key is None:return Trueself.history = self.cache.get(self.key, [])self.now = self.timer()# Drop any requests from the history which have now passed the# throttle durationwhile self.history and self.history[-1] <= self.now - self.duration:self.history.pop()if len(self.history) >= self.num_requests:return self.throttle_failure()return self.throttle_success()
根据匿名用户和id进行判断
全局配置
REST_FRAMEWORK = {'DEFAULT_THROTTLE_CLASSES': ['api.utils.throttles.throttles.LuffyAnonRateThrottle','api.utils.throttles.throttles.LuffyUserRateThrottle',],'DEFAULT_THROTTLE_RATES': {#不重写的默认走这'anon': '10/day','user': '10/day','luffy_anon': '10/m','luffy_user': '20/m',},}settings
url写法
from django.conf.urls import url, includefrom web.views.s3_throttling import TestViewurlpatterns = [url(r'^test/', TestView.as_view()),]urls.py
settings写法局部
REST_FRAMEWORK = {'UNAUTHENTICATED_USER': None,'UNAUTHENTICATED_TOKEN': None,'DEFAULT_THROTTLE_RATES': {'luffy_anon': '10/m','luffy_user': '20/m',},}settings.py
根据匿名ip或者user 进行判断
视图写法
#!/usr/bin/env python# -*- coding:utf-8 -*-from rest_framework.views import APIViewfrom rest_framework.response import Responsefrom rest_framework.throttling import SimpleRateThrottleclass LuffyAnonRateThrottle(SimpleRateThrottle):"""匿名用户,根据IP进行限制"""scope = "luffy_anon"def get_cache_key(self, request, view):# 用户已登录,则跳过 匿名频率限制if request.user:return Nonereturn self.cache_format % {'scope': self.scope,'ident': self.get_ident(request)}class LuffyUserRateThrottle(SimpleRateThrottle):"""登录用户,根据用户token限制"""#重写scopescope = "luffy_user"def get_ident(self, request):"""认证成功时:request.user是用户对象;request.auth是token对象:param request::return:"""# return request.auth.tokenreturn "user_token"def get_cache_key(self, request, view):"""获取缓存key:param request::param view::return:"""# 未登录用户,则跳过 Token限制if not request.user:return Nonereturn self.cache_format % {'scope': self.scope,'ident': self.get_ident(request)}class TestView(APIView):throttle_classes = [LuffyUserRateThrottle, LuffyAnonRateThrottle, ]def get(self, request, *args, **kwargs):# self.dispatchprint(request.user)print(request.auth)return Response('GET请求,响应内容')def post(self, request, *args, **kwargs):return Response('POST请求,响应内容')def put(self, request, *args, **kwargs):return Response('PUT请求,响应内容')
源码
class AnonRateThrottle(SimpleRateThrottle):
scope = 'anon'
def get_cache_key(self, request, view):
if request.user.is_authenticated:
return None
# Only throttle unauthenticated requests.
return self.cache_format % {'scope': self.scope,'ident': self.get_ident(request)}
def get_cache_key(self, request, view):
return self.get_ident(request)#获取对应的ip值
````
settings
# settings.py'DEFAULT_THROTTLE_RATES': {'Vistor': '3/m','User': '10/m'},
drf总结
django'中可以免除csrftoken的认证
from django.views.decorators.csrf import csrf_exemptfrom django.shortcuts import HttpResponse@csrf_exempt def index(request):return HttpResponse('...')# index = csrf_exempt(index)urlpatterns = [url(r'^index/$',index),]
drf中view进行csrftoken的认证
urlpatterns = [ url(r'^login/$',account.LoginView.as_view()),]class APIView(View):@classmethoddef as_view(cls, **initkwargs):view = super().as_view(**initkwargs)view.cls = clsview.initkwargs = initkwargs# Note: session based authentication is explicitly CSRF validated,# all other authentication is CSRF exempt.return csrf_exempt(view)
1.写视图的方法
第一种:原始APIView
url(r'^login/$',account.LoginView.as_view()),
from rest_framework.views import APIViewfrom rest_framework.response import Responsefrom rest_framework_jwt.settings import api_settingsfrom rest_framework.throttling import AnonRateThrottlefrom api import modelsclass LoginView(APIView):authentication_classes = []def post(self,request,*args,**kwargs):# 1.根据用户名和密码检测用户是否可以登录user = models.UserInfo.objects.filter(username=request.data.get('username'),password=request.data.get('password')).first()if not user:return Response({'code':10001,'error':'用户名或密码错误'})# 2. 根据user对象生成payload(中间值的数据)jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLERpayload = jwt_payload_handler(user)# 3. 构造前面数据,base64加密;中间数据base64加密;前两段拼接然后做hs256加密(加盐),再做base64加密。生成tokenjwt_encode_handler = api_settings.JWT_ENCODE_HANDLERtoken = jwt_encode_handler(payload)return Response({'code': 10000, 'data': token})
第二种:ListApiView等
url(r'^article/$',article.ArticleView.as_view()),url(r'^article/(?P<pk>\d+)/$',article.ArticleDetailView.as_view()),
from rest_framework.throttling import AnonRateThrottlefrom rest_framework.response import Responsefrom rest_framework.generics import ListAPIView,RetrieveAPIViewfrom api import modelsfrom api.serializer.article import ArticleSerializer,ArticleDetailSerializerclass ArticleView(ListAPIView):authentication_classes = []# throttle_classes = [AnonRateThrottle,]queryset = models.Article.objects.all()serializer_class = ArticleSerializerclass ArticleDetailView(RetrieveAPIView):authentication_classes = []queryset = models.Article.objects.all()serializer_class = ArticleDetailSerializer
第三种:
url(r'^article/$',article.ArticleView.as_view({"get":'list','post':'create'})),url(r'^article/(?P<pk>\d+)/$',article.ArticleView.as_view({'get':'retrieve','put':'update','patch':'partial_update','delete':'destroy'}))
from rest_framework.viewsets import GenericViewSetfrom rest_framework.mixins import ListModelMixin,RetrieveModelMixin,CreateModelMixin,UpdateModelMixin,DestroyModelMixinfrom api.serializer.article import ArticleSerializer,ArticleDetailSerializerclass ArticleView(GenericViewSet,ListModelMixin,RetrieveModelMixin,CreateModelMixin,UpdateModelMixin,DestroyModelMixin):authentication_classes = []throttle_classes = [AnonRateThrottle,]queryset = models.Article.objects.all()serializer_class = Nonedef get_serializer_class(self):pk = self.kwargs.get('pk')if pk:return ArticleDetailSerializerreturn ArticleSerializer
drf 相关知识点梳理
装饰器
def outer(func):def inner(*args,**kwargs):return func(*args,**kwargs)return inner@outerdef index(a1):passindex()
def outer(func):def inner(*args,**kwargs):return func(*args,**kwargs)return innerdef index(a1):passindex = outer(index)index()
django中可以免除csrftoken认证
from django.views.decorators.csrf import csrf_exemptfrom django.shortcuts import HttpResponse@csrf_exemptdef index(request):return HttpResponse('...')# index = csrf_exempt(index)urlpatterns = [url(r'^index/$',index),]
urlpatterns = [url(r'^login/$',account.LoginView.as_view()),]class APIView(View):@classmethoddef as_view(cls, **initkwargs):view = super().as_view(**initkwargs)view.cls = clsview.initkwargs = initkwargs# Note: session based authentication is explicitly CSRF validated,# all other authentication is CSRF exempt.return csrf_exempt(view)
面向对象中基于继承+异常处理来做的约束
class BaseVersioning:def determine_version(self, request, *args, **kwargs):raise NotImplementedError("must be implemented")class URLPathVersioning(BaseVersioning):def determine_version(self, request, *args, **kwargs):version = kwargs.get(self.version_param, self.default_version)if version is None:version = self.default_versionif not self.is_allowed_version(version):raise exceptions.NotFound(self.invalid_version_message)return version
面向对象封装
class Foo(object):def __init__(self,name,age):self.name = nameself.age = ageobj = Foo('汪洋',18)
class APIView(View):def dispatch(self, request, *args, **kwargs):self.args = argsself.kwargs = kwargsrequest = self.initialize_request(request, *args, **kwargs)self.request = request...def initialize_request(self, request, *args, **kwargs):"""Returns the initial request object."""parser_context = self.get_parser_context(request)return Request(request,parsers=self.get_parsers(),authenticators=self.get_authenticators(), # [MyAuthentication(),]negotiator=self.get_content_negotiator(),parser_context=parser_context)
面向对象继承
class View(object):passclass APIView(View):def dispatch(self):method = getattr(self,'get')method()class GenericAPIView(APIView):serilizer_class = Nonedef get_seriliser_class(self):return self.serilizer_classclass ListModelMixin(object):def get(self):ser_class = self.get_seriliser_class()print(ser_class)class ListAPIView(ListModelMixin,GenericAPIView):passclass UserInfoView(ListAPIView):passview = UserInfoView()view.dispatch()
class View(object):passclass APIView(View):def dispatch(self):method = getattr(self,'get')method()class GenericAPIView(APIView):serilizer_class = Nonedef get_seriliser_class(self):return self.serilizer_classclass ListModelMixin(object):def get(self):ser_class = self.get_seriliser_class()print(ser_class)class ListAPIView(ListModelMixin,GenericAPIView):passclass UserInfoView(ListAPIView):serilizer_class = "汪洋"view = UserInfoView()view.dispatch()
class View(object):passclass APIView(View):def dispatch(self):method = getattr(self,'get')method()class GenericAPIView(APIView):serilizer_class = Nonedef get_seriliser_class(self):return self.serilizer_classclass ListModelMixin(object):def get(self):ser_class = self.get_seriliser_class()print(ser_class)class ListAPIView(ListModelMixin,GenericAPIView):passclass UserInfoView(ListAPIView):def get_seriliser_class(self):return "咩咩"view = UserInfoView()view.dispatch()
反射
class View(object):def dispatch(self, request, *args, **kwargs):# Try to dispatch to the right method; if a method doesn't exist,# defer to the error handler. Also defer to the error handler if the# request method isn't on the approved list.if request.method.lower() in self.http_method_names:handler = getattr(self, request.method.lower(), self.http_method_not_allowed)else:handler = self.http_method_not_allowedreturn handler(request, *args, **kwargs)
发送ajax请求
$.ajax({url:'地址',type:'GET',data:{...},success:function(arg){console.log(arg);}})
浏览器具有 "同源策略的限制",导致
发送ajax请求+跨域存在无法获取数据。- 简单请求,发送一次请求。
- 复杂请求,先options请求做预检,然后再发送真正请求
<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><title>Title</title></head><body><h1>常鑫的网站</h1><p><input type="button" value="点我" onclick="sendMsg()"></p><p><input type="button" value="点他" onclick="sendRemoteMsg()"></p><script src="https://cdn.bootcss.com/jquery/3.4.1/jquery.min.js"></script><script>function sendMsg() {$.ajax({url:'/msg/',type:'GET',success:function (arg) {console.log(arg);}})}function sendRemoteMsg() {$.ajax({url:'http://127.0.0.1:8002/json/',type:'GET',success:function (arg) {console.log(arg);}})}</script></body></html>
如何解决ajax+跨域?
CORS,跨站资源共享,本质:设置响应头。
常见的Http请求方法
getpostputpatchdeleteoptions
http请求中Content-type请起头
情况一:content-type:x-www-form-urlencodename=alex&age=19&xx=10request.POST和request.body中均有值。情况二:content-type:application/json{"name":"ALex","Age":19}request.POST没值request.body有值。
django中F查询
django中获取空Queryset
models.User.object.all().none()
基于django的fbv和cbv都能实现遵循restful规范的接口
def user(request):if request.metho == 'GET':passclass UserView(View):def get()...def post...
基于django rest framework框架实现restful api的开发。
- 免除csrf认证- 视图(APIView、ListAPIView、ListModelMinx)- 版本- 认证- 权限- 节流- 解析器- 筛选器- 分页- 序列化- 渲染器
简述drf中认证流程?
1.用户发来请求优先执行dispatch方法2.内部会封装reqeustd1
简述drf中节流的实现原理以及过程?匿名用户/非匿名用户 如何实现频率限制?
GenericAPIView视图类的作用?
他提供了一些规则,例如:class GenericAPIView(APIView):serializer_class = Nonequeryset = Nonelookup_field = 'pk'filter_backends = api_settings.DEFAULT_FILTER_BACKENDSpagination_class = api_settings.DEFAULT_PAGINATION_CLASSdef get_queryset(self):return self.querysetdef get_serializer_class(self):return self.serializer_classdef filter_queryset(self, queryset):for backend in list(self.filter_backends):queryset = backend().filter_queryset(self.request, queryset, self)return queryset@propertydef paginator(self):if not hasattr(self, '_paginator'):if self.pagination_class is None:self._paginator = Noneelse:self._paginator = self.pagination_class()return self._paginator他相当于提供了一些规则,建议子类中使用固定的方式获取数据,例如:class ArticleView(GenericAPIView):queryset = models.User.objects.all()def get(self,request,*args,**kwargs):query = self.get_queryset()我们可以自己继承GenericAPIView来实现具体操作,但是一般不会,因为更加麻烦。而GenericAPIView主要是提供给drf内部的 ListAPIView、Create....class ListModelMixin:def list(self, request, *args, **kwargs):queryset = self.filter_queryset(self.get_queryset())page = self.paginate_queryset(queryset)if page is not None:serializer = self.get_serializer(page, many=True)return self.get_paginated_response(serializer.data)serializer = self.get_serializer(queryset, many=True)return Response(serializer.data)class ListAPIView(mixins.ListModelMixin,GenericAPIView):def get(self, request, *args, **kwargs):return self.list(request, *args, **kwargs)class MyView(ListAPIView):queryset = xxxxser...
总结:GenericAPIView主要为drf内部帮助我们提供增删改查的类LIstAPIView、CreateAPIView、UpdateAPIView、提供了执行流程和功能,我们在使用drf内置类做CURD时,就可以通过自定义 静态字段(类变量)或重写方法(get_queryset、get_serializer_class)来进行更高级的定制。
jwt以及其优势。
jwt前后端分离 用于用户认证jwt的实现原理:-用户登陆成功,会给前端返回一个tokon值。此token值只在前端保存token值分为一段类型和算法信息第二段用户信息和超时时间第三段前两段数据拼接之后进行has256再次加密+base64url
序列化时many=True和many=False的区别?
应用DRF中的功能进行项目开发
*****解析器:request.query_parmas/request.data视图序列化渲染器:Response****request对象封装版本处理分页处理***认证权限节流
- 基于APIView实现呼啦圈
- 继承ListAPIView+ GenericViewSet,ListModelMixin实现呼啦圈
跨域
- 域相同,永远不会存在跨域。
- crm,非前后端分离,没有跨域。
- 路飞学城,前后端分离,没有跨域(之前有,现在没有)。
- 域不同时,才会存在跨域。
- l拉勾网,前后端分离,存在跨域(设置响应头解决跨域)
由于浏览器具有同源策略的限制对ajax请求的限制同源同端口不同源就是跨域写了/api 不跨域 api访问djangoapi.xx.com跨域了访问django
简单请求
发一次请求
设置响应头就可以解决from django.shortcuts import render,HttpResponsedef json(request):response = HttpResponse("JSONasdfasdf")response['Access-Control-Allow-Origin'] = "*"return response
复杂请求
预检option
请求
html写法
写法
from django.views.decorators.csrf import csrf_exemptfrom django.utils.decorators import method_decorator@csrf_exemptdef put_json(request):response = HttpResponse("JSON复杂请求")if request.method == 'OPTIONS':# 处理预检response['Access-Control-Allow-Origin'] = "*"response['Access-Control-Allow-Methods'] = "PUT"return responseelif request.method == "PUT":return response
解决跨域:CORS
本质在数据返回值设置响应头from django.shortcuts import render,HttpResponsedef json(request):response = HttpResponse("JSONasdfasdf")response['Access-Control-Allow-Origin'] = "*"return response
通过jsonp
<!DOCTYPE html><html><head lang="en"><meta charset="UTF-8"><title></title></head><body><p><input type="button" onclick="Jsonp1();" value='提交'/></p><p><input type="button" onclick="Jsonp2();" value='提交'/></p><script type="text/javascript" src="jquery-1.12.4.js"></script><script>function Jsonp1(){var tag = document.createElement('script');tag.src = "http://c2.com:8000/test/";document.head.appendChild(tag);document.head.removeChild(tag);}function Jsonp2(){$.ajax({url: "http://c2.com:8000/test/",type: 'GET',dataType: 'JSONP',success: function(data, statusText, xmlHttpRequest){console.log(data);}})}</script></body></html>
总结
条件:1、请求方式:HEAD、GET、POST2、请求头信息:AcceptAccept-LanguageContent-LanguageLast-Event-IDContent-Type 对应的值是以下三个中的任意一个application/x-www-form-urlencodedmultipart/form-datatext/plain注意:同时满足以上两个条件时,则是简单请求,否则为复杂请求
总结
- 由于浏览器具有“同源策略”的限制,所以在浏览器上跨域发送Ajax请求时,会被浏览器阻止。
- 解决跨域
- 不跨域
- CORS(跨站资源共享,本质是设置响应头来解决)。
- 简单请求:发送一次请求
- 复杂请求:发送两次请求
部署 collectstaic 收集静态文件
jwt
用于在前后端分离时,实现用户登录相关。
1.知识点
1.2jwt代替token 进行优化
用户登录成功之后,生成一个随机字符串,给前端。- 生成随机字符串加密信息#{typ:"jwt","alg":'HS256'}# 加密手段segments.append(base64url_encode(json_header))98qow39df0lj980945lkdjflo.#第二部分的信息 {id:1,username:'alx','exp':10}#加密手段segments.append(base64url_encode(payload))saueoja8979284sdfsdf.#两个密文拼接加盐asiuokjd978928374- 类型信息通过base64加密- 数据通过base64加密- 两个密文拼接在h256加密+加盐- 给前端返回token值只在前端token是由。分割的三段组成- 第一段:类型和算法信息- 第二段。 用户的信息和超时时间- 第三段:hs256(前两段拼接)加密 + base64url- 以后前端再次发来信息时- 超时验证- token合法性校验前端获取随机字符串之后,保留起来。以后再来发送请求时,携带98qow39df0lj980945lkdjflo.saueoja8979284sdfsdf.asiuokjd978928375。后端接收到之后1.取出第二部分进行时间的判断2. 把前面两个进行加密对第三个值进行加密- token只在前端保存,后端只负责校验。- 内部集成了超时时间,后端可以根据时间进行校验是否超时。 - 由于内部存在hash256加密,所以用户不可以修改token,只要一修改就认证失败。一般在前后端分离时,用于做用户认证(登录)使用的技术。jwt的实现原理:- 用户登录成功之后,会给前端返回一段token。- token是由.分割的三段组成。- 第一段:类型和算法信心- 第二段:用户信息+超时时间- 第三段:hs256(前两段拼接)加密 + base64url- 以后前端再次发来信息时- 超时验证- token合法性校验优势:- token只在前端保存,后端只负责校验。- 内部集成了超时时间,后端可以根据时间进行校验是否超时。- 由于内部存在hash256加密,所以用户不可以修改token,只要一修改就认证失败。
1.2token
用户登陆成功之后,生成一个随机字符串,自己保留一份,给前端返回一份。以后前端再来发请求时,需要携带字符串后端对字符串进行校验
流程
1.安装
pip3 install djangorestframework-jwt
2.注册
INSTALLED_APPS = ['django.contrib.admin','django.contrib.auth','django.contrib.contenttypes','django.contrib.sessions','django.contrib.messages','django.contrib.staticfiles','api.apps.ApiConfig','rest_framework','rest_framework_jwt']
3.源码剖析和实现流程
from rest_framework_jwt.views import obtain_jwt_token
具体流程
用户信息加密jwt_payload_hander = api_settings.JWT_PAYLOAD_HANDLER第三段信息的加密jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER#解密jwt_decode_handler = api_settings.JWT_DECODE_HANDLERdef jwt_payload_handler(user):username_field = get_username_field()username = get_username(user)warnings.warn('The following fields will be removed in the future: ''`email` and `user_id`. ',DeprecationWarning)payload = {'user_id': user.pk,'username': username,'exp': datetime.utcnow() +#默认5分钟api_settings.JWT_EXPIRATION_DELTA#如果有email会把email配置上if hasattr(user, 'email'):payload['email'] = user.emailif isinstance(user.pk, uuid.UUID):#如果有user_id会把pk值配置上payload['user_id'] = str(user.pk)payload[username_field] = username#源码settings= 'JWT_EXPIRATION_DELTA':datetime.timedelta(seconds=300),}
加密的具体实现流程
api_settings.JWT_ENCODE_HANDLER -->加密的具体实现def jwt_encode_handler(payload):#payload传入key = api_settings.JWT_PRIVATE_KEY or jwt_get_secret_key(payload)#加盐#SECRET_KEY = '+gr4bbq8e$yqbd%n_h)2(osz=bmk1x2+o6+w5g@a4r1#3%q1n*'return jwt.encode(payload,#类型信息头信息key,#加盐#默认封装传入了hs256api_settings.JWT_ALGORITHM# 'JWT_ALGORITHM': 'HS256',).decode('utf-8')encode默认继承父类的父类的encode方法# Headerheader = {'typ': self.header_typ, 'alg': algorithm}#self.header_typ #-- 》 header_typ = 'JWT'signing_input = b'.'.join(segments)#把类型信息和数据用.的形式拼接到了一起try:alg_obj = self._algorithms[algorithm]#执行算法key = alg_obj.prepare_key(key)signature = alg_obj.sign(signing_input, key)#把拼接起来的值进行二次加密 成为第三个信息'''except KeyError:if not has_crypto and algorithm in requires_cryptography:raise NotImplementedError("Algorithm '%s' could not be found. Do you have cryptography ""installed?" % algorithm)else:raise NotImplementedError('Algorithm not supported')'''segments.append(base64url_encode(signature))#再把第三个信息放入列表 对第三个信息进行base64进行加密return b'.'.join(segments)#用.的形式再把第三个数据拼接起来 进行返回98qow39df0lj980945lkdjflo.saueoja8979284sdfsdf.asiuokjd978928375
解密
将token分割成 header_segment、payload_segment、crypto_segment 三部分对第一部分header_segment进行base64url解密,得到header对第二部分payload_segment进行base64url解密,得到payload对第三部分crypto_segment进行base64url解密,得到signature对第三部分signature部分数据进行合法性校验拼接前两段密文,即:signing_input从第一段明文中获取加密算法,默认:HS256使用 算法+盐 对signing_input 进行加密,将得到的结果和signature密文进行比较。
jwt的原理和优势
一般在前后端分离时,用于做用户认证(登录)使用的技术。jwt的实现原理:- 用户登录成功之后,会给前端返回一段token。- token是由.分割的三段组成。- 第一段:类型和算法信心- 第二段:用户信息+超时时间- 第三段:hs256(前两段拼接)加密 + base64url- 以后前端再次发来信息时- 超时验证- token合法性校验#优势:- token只在前端保存,后端只负责校验。- 内部集成了超时时间,后端可以根据时间进行校验是否超时。- 由于内部存在hash256加密,所以用户不可以修改token,只要一修改就认证失败。
具体使用
用户登陆
import uuidfrom rest_framework.views import APIViewfrom rest_framework.response import Responsefrom rest_framework.versioning import URLPathVersioningfrom rest_framework import statusfrom api import modelsclass LoginView(APIView):"""登录接口"""def post(self,request,*args,**kwargs):# 基于jwt的认证# 1.去数据库获取用户信息from rest_framework_jwt.settings import api_settings#头信息jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER#第三个数据的加密jwt_encode_handler = api_settings.JWT_ENCODE_HANDLERuser = models.UserInfo.objects.filter(**request.data).first()if not user:return Response({'code':1000,'error':'用户名或密码错误'})''''user_id': user.pk,'username': username,'exp': datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA'''#头信息的处理payload = jwt_payload_handler(user)#对三段信息的编码 加密token = jwt_encode_handler(payload)return Response({'code':1001,'data':token})#第二种方式class LoginView(APIView):authentication_classes = []def post(self,request,*args,**kwargs):# 1.根据用户名和密码检测用户是否可以登录user = models.UserInfo.objects.filter(username=request.data.get('username'),password=request.data.get('password')).first()if not user:return Response({'code':10001,'error':'用户名或密码错误'})# 2. 根据user对象生成payload(中间值的数据)jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLERpayload = jwt_payload_handler(user)# 3. 构造前面数据,base64加密;中间数据base64加密;前两段拼接然后做hs256加密(加盐),再做base64加密。生成tokenjwt_encode_handler = api_settings.JWT_ENCODE_HANDLERtoken = jwt_encode_handler(payload)return Response({'code': 10000, 'data': token})
用户认证
开始解码
from rest_framework.views import APIViewfrom rest_framework.response import Response# from rest_framework.throttling import AnonRateThrottle,BaseThrottleclass ArticleView(APIView):# throttle_classes = [AnonRateThrottle,]def get(self,request,*args,**kwargs):# 获取用户提交的token,进行一步一步校验import jwtfrom rest_framework import exceptionsfrom rest_framework_jwt.settings import api_settings#进行解码jwt_decode_handler = api_settings.JWT_DECODE_HANDLER#获取到加密之后的字符串jwt_value = request.query_params.get('token')try:#对token进行解密payload = jwt_decode_handler(jwt_value)#判断签名是否过期except jwt.ExpiredSignature:msg = '签名已过期'raise exceptions.AuthenticationFailed(msg)#判断是否被篡改except jwt.DecodeError:msg = '认证失败'raise exceptions.AuthenticationFailed(msg)except jwt.InvalidTokenError:raise exceptions.AuthenticationFailed()print(payload)return Response('文章列表')
settings设置
'JWT_EXPIRATION_DELTA':datetime.timedelta(seconds=300)#默认五分钟有效#自定义import datetimeJWT_AUTH = {"JWT_EXPIRATION_DELTA":datetime.timedelta(minutes=10)}
视图的mixins写法
ListModelMixin
执行list方法
paramiko
用于帮助开发者通过代码远程连接服务器
公钥和私钥进行连接服务器 比较方便
$ssh -copy-id -i .ssh /id ras.pub
基于用户名密码连接:
需要一直去使用输入
import paramiko# 创建SSH对象ssh = paramiko.SSHClient()# 允许连接不在know_hosts文件中的主机ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())# 连接服务器ssh.connect(hostname='192.168.159.128', port=22, username='root', password='ziwen123')# 执行命令stdin, stdout, stderr = ssh.exec_command('df')# 获取命令结果result = stdout.read()# 关闭连接ssh.close()
发送数据
import requests
requests.post(
url = "http://127.0.0.1:8000/api/v1/server/",
json={'server':data,'host':'192.16.12.66'}
)
```
远程执行命令【公钥和私钥】(公钥必须提前上传到服务器)
import paramikoprivate_key = paramiko.RSAKey.from_private_key_file('/home/auto/.ssh/id_rsa')# 创建SSH对象ssh = paramiko.SSHClient()# 允许连接不在know_hosts文件中的主机ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())# 连接服务器ssh.connect(hostname='c1.salt.com', port=22, username='wupeiqi', key=private_key)# 执行命令stdin, stdout, stderr = ssh.exec_command('df')# 获取命令结果result = stdout.read()# 关闭连接ssh.close()
远程上传和下载文件【用户名和密码】
import paramikotransport = paramiko.Transport(('hostname',22))transport.connect(username='wupeiqi',password='123')sftp = paramiko.SFTPClient.from_transport(transport)# 将location.py 上传至服务器 /tmp/test.pysftp.put('/tmp/location.py', '/tmp/test.py')# 将remove_path 下载到本地 local_pathsftp.get('remove_path', 'local_path')transport.close()
远程上传和下载文件【公钥和私钥】
import paramikoprivate_key = paramiko.RSAKey.from_private_key_file('/home/auto/.ssh/id_rsa')transport = paramiko.Transport(('hostname', 22))transport.connect(username='wupeiqi', pkey=private_key )sftp = paramiko.SFTPClient.from_transport(transport)# 将location.py 上传至服务器 /tmp/test.pysftp.put('/tmp/location.py', '/tmp/test.py')# 将remove_path 下载到本地 local_pathsftp.get('remove_path', 'local_path')transport.close()
补充:通过私钥字符串也可以连接远程服务器
key = """-----BEGIN RSA PRIVATE KEY----MIIG5AIBAAKCAYEAu0fkMInsVRnIBSiZcVYhKuccWCh6hapYgB1eSOWZLz3+xFGy G5p2z8HgiHzfT838gAm+5OajuyAuE4+fHI77LXSg+pLbr1FhPVKAP+nbsnLgvHty ykZmt74CKKvZ08wdM7eUWJbkdpRNWmkwHBi99LeO0zYbHdXQ+m0P9EiWfdacJdAV RDVCghQo1/IpfSUECpfQK1Hc0126vI8nhtrvT3V9qF420U1fwW9GJrODl71WRqvJ BgSsKsjV16f0RKARESNmtA2vEdvMeutttZoO4FbvZ+iLKpcRM4LGm2+odryr8ijv dCPCLVvoDExOPuqP1dgt5MWcCWf6ZNhMwAs/yvRHAKetvo5gtz8YvzwlikopCLM7 bS6C6woyppMHfIPjoGJ6JuKpeaWtAgugOw/oVvj1rRYoCv48R13NftqhkFD1KD8z km9CjDC8hv+2DmIedtjvVwUz2QF4PN/RC/i1jo3+3rbP1DLu9emTHiortBBrpQ5o K+y4Rzv+6NusD6DHAgMBAAECggGBAJ4hTaNOUaZpZmI0rZrsxoSbL2ugghNqid9i 7MFQW89v4TWSZXi5K6iwYw3bohKYMqNJl01fENBnk4AgvJA4ig0PdP0eEzAs3pYQ mwlcRIygQvHiqkHwv7pVTS1aLUqQBfgtAazre2xEPCwitOSEX5/JfWcJQEwoxZMt k1MIF0mZc67Zy5sT/Vwn+XScnDt2jbsEBFkPfg1aDto3ZYCQS5Aj/D21j0OauUdy 1SDIYkw1Kivx0IKsX1Kg0S6OOcnX/B6YrJvisrlQDeZnWlTsTyKSVTekIybJjUHE ZgLIIbifSbTW1Bv1iCkDAJBd4Cj4txjXPIgea9ylZ39wSDSV5Pxu0t/M3YbdA26j quVFCKqskNOC+cdYrdtVSij2Ypwov67HYsXC/w32oKO7tiRqy51LAs/WXMwQeS5a 8oWDZLiYIntY4TCYTVOvFlLRtXb+1SbwWKjJdjKvdChv4eo/Ov5JEXD2FVbVC/5E Qo3jyjIrt1lrwXUdpJa0/iz4UV33wQKBwQDprCPZVCI7yK/BWTmUvCcupotNk6CC +QIKDcvVxz63YFD5nXto4uG7ywXR6pEwOwmycO0CBuouvlPdSioQ3RYi6k0EO3Ch 9dybC5RZ3MENBHROHvU3mp01EWPUYnXAwNpvknujJqfXMxyURZvvox7hOnu/s3m4 C3eCBrMMg+uqNZDbLqAymw3pMGhHVWjy5oO8eLuLeJv6er+XoSSPNb21Da7StdQS fBPQ1H0/+RXnhFJOzANc4mRZcXMCNGVZX6MCgcEAzSz3evuCRQ47AaSOrDd89jAw PgpT+PG4gWw1jFZqHTbQ8MUl3YnElOVoaWRdIdDeslg9THg1cs5Yc9RrbIibyQjV F9k/DlXGo0F//Mgtmr7JkLP3syRl+EedRbu2Gk67XDrV7XIvhdlsEuSnEK9xOiB6 ngewM0e4TccqlLsb6u7RNMU9IjMu/iMcBXKsZ9Cr/DENmGQlTaRVt7G6UcAYGNgQ toMoCQWjR/HihlZHssLBj9U8uPyD38HKGy2OoXyNAoHBAKQzv9lHYusJ4l+G+IyJ DyucAsXX2HJQ0tsHyNYHtg2cVCqkPIV+8UtKpmNVZwMyaWUIL7Q98bA5NKuLIzZI dfbBGK/BqStWntgg8fWXx90C5UvEO2MAdjpFZxZmvgJeQuEmWVVTo5v4obubkrF5 ughhVXZng0AOZsNrO8Suqxsnmww6nn4RMVxNFOoTnbUawTXezUN71HfWa+38Ybl0 9UNWQyR0e3slz7LurrkWqwrOlBwlBrPtrsCflUbWVOXR6wKBwDFq+Dy14V2SnOG7 aeXPA5kkaCo5QJqAVglOL+OaWLqqnk6vnXwrl56pVqmz0762WT0phbIqbe02CBX1 /t3IVYVpTDIPUGG6hTqDJzmSWXGhLFlfD3Ulei3/ycCnAqh5eCUxwp8LVqjtgltW mWqqZyIx+nafsW/YgWqyYu4p1wKR/O+x5hSbsWDiwfgJ876ZgyMeCYE/9cAqqb6x 3webtfId8ICVPIpXwkks2Hu0wlYrFIX5PUPtBjJZsb00DtuUbQKBwF5BfytRZ0Z/ 6ktTfHj1OJ93hJNF9iRGpRfbHNylriVRb+hjXR3LBk8tyMAqR4rZDzfBNfPip5en 4TBMg8UATf43dVm7nv4PM2e24CRCWXMXYl7G3lFsQF/g7JNUoyr6bZQBf3pQcBw4IJ38IcKV+L475tP4rfDrqyJz7mcJ+90a+ai5cSr9XoZqviAqNdhvBq5LjGOLkcdN bS0NAVVoGqjqIY/tOd2NMTEF6kVoYfJ7ZJtjxk/R3sdbdtajV3YsAg== -----END RSA PRIVATE KEY-----"""import paramiko from io import StringIOprivate_key = paramiko.RSAKey(file_obj=StringIO(key))# 创建SSH对象 ssh = paramiko.SSHClient()# 允许连接不在know_hosts文件中的主机 ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())# 连接服务器ssh.connect(hostname='192.168.16.85', port=22, username='root', pkey=private_key)# 执行命令stdin, stdout, stderr = ssh.exec_command('df') # 获取命令结果result = stdout.read()# 关闭连接ssh.close()print(result)
生成
公司员工基于xshell连接服务器用户名和密码 公钥和私钥(rsa)
生成公钥和私钥
ssh-keygen.exe -m pem在当前用户家目录会生成:.ssh/id_rsa.pub .ssh/id_rsa
把公钥放到服务器
ssh-copy-id -i ~.ssh/id_rsa.pub root@192.168.16.85
以后再连接服务器时,不需要在输入密码
ssh root@192.168.16.85
总结
···
什么是前后端分离
固定知识返回json数据
drf组件
帮助我们在django框架基础上快速搭建遵循restful规范接口的程序
drf组件的功能
解析器,解析请求体中的数据,将其变成我们想要的格式.request.data
序列化 对对象或者对象列表(queryset)进行序列化 操作以及表单验证的功能
视图 继承APIView(在内部apiview继承了django的view)
postman
模拟浏览器进行发送请求
查找模板的顺序
优先根目录下的templatesretframework 有一个templates根据app的注册顺序去每个app的templates目录中找
个人补充
import uuidstr(uuid.uuid4())#随机字符串models.表名.objects.all().none() 返回是一个none添加数据库models.Disk.objects.create(**之后的字典,外键id=外键id)settings里面的基本都是用import importlibimport importlib利用字符串直接获得模块
登陆字段
models.pyinput的blank=TRUE验证可以为空 null=True数据库可以为空 ,unique,唯一charfiled choice=sex_type(等于一个元组) id是值 名字是键 ((键,值),(键,值)) max_length=16verbose_name=’QQ昵称‘ 和label一样 显示作用于admin可以不写models.forekey('self')自关联multiselectField('咨询')需要第三方模块下载 多选下拉框verbose_name='客户信息表' admin创建表的时候的表名显示的数据unique_together=联合唯一 下载第三方模块 djangoMultiSelectField course = MultiSelectField("咨询课程", choices=course_choices) #多选,并且存成一个 列表的格式,通过modelform来用的时候,会成为一个多选框
水平分表
把数据比较多的平行分成两个表(分出来一个详细表)
mysqldb
mysqldb是一个接口连接到mysql数据库服务器
request是什么
#请求报文 由客户端发送,其中包含和许多的信息,而 django 将这些信息封装成了 HttpRequest 对 象,请求报文 由客户端发送,其中包含和许多的信息,而 django 将这些信息封装成了HttpRequest 对象1.该对象由 HttpRequest 祖类创建。这个是wsgi是从属于类2.每一个请求都会生成一个 HttpRequest 对象,3.django会将这个对象自动传递给响应的视图函数,4.视图函数第一个参数传给视图函数。这个参数就是django视图函数的第一个参数,通常写成request。5.一般视图函数约定俗成地使用 request 参数承接这个对象
表删除
book_obj= 第一种 book_obj.objects.remove(1) 第二种 clear 清空 第三种 set(['1','5'])# 先清除再添加,相当于修改#把原来的删除重新添加进去,注意不是原位置
Form所有内置字段
Fieldrequired=True, 是否允许为空widget=None, HTML插件label=None, 用于生成Label标签或显示内容initial=None, 初始值help_text='', 帮助信息(在标签旁边显示)error_messages=None, 错误信息 {'required': '不能为空', 'invalid': '格式错误'}validators=[], 自定义验证规则localize=False, 是否支持本地化disabled=False, 是否可以编辑label_suffix=None Label内容后缀CharField(Field)max_length=None, 最大长度min_length=None, 最小长度strip=True 是否移除用户输入空白IntegerField(Field)max_value=None, 最大值min_value=None, 最小值FloatField(IntegerField)...DecimalField(IntegerField)max_value=None, 最大值min_value=None, 最小值max_digits=None, 总长度decimal_places=None, 小数位长度BaseTemporalField(Field)input_formats=None 时间格式化DateField(BaseTemporalField) 格式:2015-09-01TimeField(BaseTemporalField) 格式:11:12DateTimeField(BaseTemporalField)格式:2015-09-01 11:12DurationField(Field) 时间间隔:%d %H:%M:%S.%f...RegexField(CharField)regex, 自定制正则表达式max_length=None, 最大长度min_length=None, 最小长度error_message=None, 忽略,错误信息使用 error_messages={'invalid': '...'}EmailField(CharField)...FileField(Field)allow_empty_file=False 是否允许空文件ImageField(FileField)...注:需要PIL模块,pip3 install Pillow以上两个字典使用时,需要注意两点:- form表单中 enctype="multipart/form-data"- view函数中 obj = MyForm(request.POST, request.FILES)URLField(Field)...BooleanField(Field)...NullBooleanField(BooleanField)...ChoiceField(Field)...choices=(), 选项,如:choices = ((0,'上海'),(1,'北京'),)required=True, 是否必填widget=None, 插件,默认select插件label=None, Label内容initial=None, 初始值help_text='', 帮助提示ModelChoiceField(ChoiceField)... django.forms.models.ModelChoiceFieldqueryset, # 查询数据库中的数据empty_label="---------", # 默认空显示内容to_field_name=None, # HTML中value的值对应的字段limit_choices_to=None # ModelForm中对queryset二次筛选ModelMultipleChoiceField(ModelChoiceField)... django.forms.models.ModelMultipleChoiceFieldTypedChoiceField(ChoiceField)coerce = lambda val: val 对选中的值进行一次转换empty_value= '' 空值的默认值MultipleChoiceField(ChoiceField)...TypedMultipleChoiceField(MultipleChoiceField)coerce = lambda val: val 对选中的每一个值进行一次转换empty_value= '' 空值的默认值ComboField(Field)fields=() 使用多个验证,如下:即验证最大长度20,又验证邮箱格式fields.ComboField(fields=[fields.CharField(max_length=20), fields.EmailField(),])MultiValueField(Field)PS: 抽象类,子类中可以实现聚合多个字典去匹配一个值,要配合MultiWidget使用SplitDateTimeField(MultiValueField)input_date_formats=None, 格式列表:['%Y--%m--%d', '%m%d/%Y', '%m/%d/%y']input_time_formats=None 格式列表:['%H:%M:%S', '%H:%M:%S.%f', '%H:%M']FilePathField(ChoiceField) 文件选项,目录下文件显示在页面中path, 文件夹路径match=None, 正则匹配recursive=False, 递归下面的文件夹allow_files=True, 允许文件allow_folders=False, 允许文件夹required=True,widget=None,label=None,initial=None,help_text=''GenericIPAddressFieldprotocol='both', both,ipv4,ipv6支持的IP格式unpack_ipv4=False 解析ipv4地址,如果是::ffff:192.0.2.1时候,可解析为192.0.2.1, PS:protocol必须为both才能启用SlugField(CharField) 数字,字母,下划线,减号(连字符)...UUIDField(CharField) uuid类型
ajax补充
traditional:true,在ajax设置该属性就可以往后端传递数组
拓展性知识
ajax的traditional属性
ajax的traditional属性jquery框架的ajax参数除了常用的$.ajax({url: 'xxx',type: 'xxx',data: 'xxx',success: 'xxx'...})另外还有一个参数需要特别注意下traditional默认值是false。ajax做数据处理时,是通过jQuery.param( obj, traditional )该方法进行处理。jquery1.4版本以后traditional参数,默认false的时候如果是{a:{b:'value'}}是处理成a[b],这样形式,如果是数组:data:{a:[1,2]},是解析成a[]=1&a[]=2,这种方式后台确实要做兼容(取a[b]或a[])来取值。在数组情况下把traditional参数设置成true,是解析成a=1&a=2,对后台直接通过a拿数据。但是实验了下object情况,把traditional设置成true,转成了a=[object+Object],这样就是费的了。false时解析成上面的形式应该就是类型指示作用,我看到这种格式就知道请求数据是Array还是object了,true就是按照form提交的方式传值。当需要把多个checkbox的value值通过ajax传到servlet时就需要加上traditional参数并且为true,如下代码://批量删除$("#alldel").click(function () {var ids = $(".che:checked");var items = new Array();for (var i=0;i<ids.size();i++){items.push(ids[i].value);}if (confirm("您确定要删除选中数据吗?")) {$.ajax({type: "post",url: "UserServlet?action=deleteAll",data:{items:items},//防止深度序列化traditional :true,async: true,success: function(data) {var da = JSON.parse(data);alert(da.msg)app.count();},error: function(data) {console.info("error: " + data.responseText);}});}});
在后台我们就可以用 String[] items = request.getParameterValues("items") 进行接收前端传过来的数组,如下图:request.POST.get() #获取值这样就可以用SQL语句 delete from xxx where id in(x,x) 多参数的形式进行操作了。
表结构很少有一对一之间的关系
很多时候都是1对多 多对多之间的关系
input 消除自动记忆功能
在html里就可以直接清除了<input type="text" autocomplete="off"> input 的autocomplete属性默认是on:其含义代表是否让浏览器自动记录之前输入的值 off:则关闭记录
查询多个用反向查询set
# 多对多如果post请求多个值使用getlist(字段)写法obj=request.POST.getlist("author_id")#取得的是一个列表# 海狗的怂逼人生 是哪些作者写的 -- 正向查询obj = models.Book.objects.filter(title='海狗的怂逼人生').first()ret = obj.authors.all()#可以直接查询到作者对应的名字 (直接查询到)print(ret) #<QuerySet [<Author: 王洋>, <Author: 海狗>]>for i in ret:print(i.name)# 查询一下海狗写了哪些书 -- 反向查询obj = models.Author.objects.filter(name='海狗').first()ret = obj.book_set.all()print(ret)for i in ret:print(i.publishs.name)print(i.title)return HttpResponse('ok')
1.filter双下方法
1.2用i不区分大小写
2.下拉框(select)选择出来的就是列表
如果post请求多个值使用getlist(字段) 写法 obj=request.POST.getlist("author_id") #取得的是一个列表
request.Get.get()取到的值是 ?后面对应
此写法的好处不需要添加多余的路径 不用分组路径 127.0.0.1/home?id=3 request.post.get()取到值是3
mysqldb是什么
mysqldb是一个接口连接到mysql数据库服务器从python
wsgiref
from wsgiref.simple_server import make_server# wsgiref本身就是个web框架,提供了一些固定的功能(请求和响应信息的封装,不需要我们自己写原生的 socket了也不需要咱们自己来完成请求信息的提取了,提取起来很方便) #函数名字随便起def application(environ, start_response):''':param environ: 是全部加工好的请求信息,加工成了一个字典,通过字典取值的方式就能拿到很多 你想要拿到的信息:param start_response: 帮你封装响应信息的(响应行和响应头),注意下面的参数:return:'''start_response('200 OK', [('Content-Type', 'text/html'),('k1','v1')])print(environ)print(environ['PATH_INFO'])#输入地址127.0.0.1:8000,这个打印的是'/',输入的是 127.0.0.1:8000/index,打印结果是'/index'return [b'<h1>Hello, web!</h1>']#和咱们学的socketserver那个模块很像啊httpd = make_server('127.0.0.1', 8080, application)print('Serving HTTP on port 8080...')# 开始监听HTTP请求: httpd.serve_forever()#send application的返回值 一个列表
requset是什么
#请求报文 由客户端发送,其中包含和许多的信息,而 django 将这些信息封装成了 HttpRequest 对 象,请求报文 由客户端发送,其中包含和许多的信息,而 django 将这些信息封装成了HttpRequest 对象1.该对象由 HttpRequest 祖类创建。这个是wsgi是从属于类2.每一个请求都会生成一个 HttpRequest 对象,3.django会将这个对象自动传递给响应的视图函数,4.视图函数第一个参数传给视图函数。这个参数就是django视图函数的第一个参数,通常写成request。5.一般视图函数约定俗成地使用 request 参数承接这个对象
示例
print(requset) <WSGIRequest: GET '/app01/library/'>
表删除
book_obj= 第一种 book_obj.objects.remove(1)第二种 clear 清空第三种 set(['1','5']) # 先清除再添加,相当于修改 #把原来的删除重新添加进去,注意不是原位置
知识点补充
bootstrapSweetAlert插件
$(".btn-danger").on("click", function() {swal({title: "你确定要删除吗?",text: "删除可就找不回来了哦!",#标签显示的 type: "warning",showCancelButton: true,confirmButtonClass: "btn-danger",confirmButtonText: "删除",cancelButtonText: "取消",closeOnConfirm: false}, function() { #注意当前的this是指谁调用了这个var deleteId = $(this).parent().parent().attr("data_id");$.ajax({url: "/delete_book/",type: "post",data: {"id": deleteId},success: function(data) {if (data.status === 1) {swal("删除成功!", "你可以准备跑路了!", "success");} else {swal("删除失败", "你可以再尝试一下!", "error")}}})});})
装饰器的补充
falask路由会用 装饰器的原理 开放封闭原则 在不改变原函数代码的前提下, 在函数前函数后增加新的功能 手写简单装饰器def wrapper(f):def inner( * args, ** kwargs):return f( * args, ** kwargs)return inner补充:import functoolsdef wrapper(f):@functools.wraps(f)# 加了之后保留函数元数据( 名字和注释)def inner(*args,**kwargs):return f(*args,**kwargs)return inner'''1.执行wrapper2.返回inner重新赋值index'''index=wrapper(index)@wrapperdef index(a1, a2):return a1+a2print(index.__name__) #查看函数名print(index.__doc__) #查看注释1.不加内部装饰器functools.wraps index执行的是inner 2.加了保留函数元数据(名字和注释)
orm补充
verbose_name#admin显示的名字以后在model form 和form中使用写法name=models.CharField(verbose_name="出版社名称",max_length=32)
路由系统中记得加入终止符$
这种写法的好处: 防止/index/下的子页面访问路径被之前路径的匹配在urls.py路由中写法 urlpatterns = [ url(r'^admin/', admin.site.urls), url(r'^index/$',views.index)]
模板查找顺序
1.先从根目录去找templates2.在根据app注册顺序去每个app的templates中找(从上往下)
drf的更多相关文章
- DRF如何序列化外键的字段
我觉得在有些应用场景下,这个操作是有用的,因为可以减少一个AJAX的请求,以增加性能. 当然,是二次请求,还是一次传输.这即要考虑用户体验,还要兼顾服务器性能. 一切是有条件的平衡吧.就算是一次传输, ...
- DRF限制访问频次
官方文档:https://www.django-rest-framework.org/api-guide/throttling/ 1.什么场景下需要限制访问频次呢? 1)防爬虫:爬虫可能会在短时间内大 ...
- DRF缓存
对于现在的动态网站来讲,所有的界面展示都是通过客户端请求服务端,服务端再去请求数据库,然后将请求到的数据渲染后返回给客户端.用户每次访问页面都需要去请求数据库,如果同时有多个人访问的话,对于我们的数据 ...
- drf相关问题
drf自定义用户认证: 登录默认 使用django的ModelBackend,对用户名和密码进行验证.但我们平时登录网站时除了用户名也可以用邮箱或手机进行登录,这就需要我们自己扩展backend 一. ...
- DRF 缓存解决方案 drf-extensions / redis
drf-extensions 概述 drf-extensions组件内部提供了 DRF 的本地内存方式的缓存方式 本地内存方式缓存在项目重启后则会消失 官方点击 这里 安装 pip3 install ...
- DRF 商城项目 - 用户( 登录, 注册,登出,个人中心 ) 逻辑梳理
用户登录 自定义用户登录字段处理 用户的登录时通过 手机号也可以进行登录 需要重写登录验证逻辑 from django.contrib.auth.backends import ModelBacken ...
- luffy项目后台drf搭建(1)
一 进入虚拟环境 打开crm,输入命令 workon luffy 虚拟环境使用文档 二 安装基本类库 pip install django pip install PymySQL pip instal ...
- DRF项目创建流程(1)
一 web应用模式 前后端不分离 前后端分离 二 RESTFUL API规范 REST全称是Representational State Transfer,中文意思是表述(编者注:通常译为表征)性状态 ...
- DRF初识与序列化
一.Django的序列化方法 1.为什么要用序列化组件 做前后端分离的项目,我们前后端数据交互一般都选择JSON,JSON是一个轻量级的数据交互格式.那么我们给前端数据的时候都要转成json格式,那就 ...
- restfull规范、DRF视图和路由
一.restfull规范的简单介绍 1.介绍 REST:表述性状态转移,是一种web交互方案 资源:在web中只要有被引用的必要都是资源 URI: URI 统一资源标识符 URL 统一资源定位符 统一 ...
随机推荐
- JVM垃圾回收(下)
接着上一篇,介绍完了 JVM 中识别需要回收的垃圾对象之后,这一篇我们来说说 JVM 是如何进行垃圾回收. 首先要在这里介绍一下80/20 法则: 约仅有20%的变因操纵着80%的局面.也就是说:所有 ...
- 模块的 __name__
模块的 __name__ 每个模块都有一个名称,而模块中的语句可以找到它们所处的模块的名称.这对于确定模块是独立运行的还是被导入进来运行的这一特定目的来说大为有用.正如先前所提到的,当模块第一次被导入 ...
- vue中methods,computed,filters,watch的总结
08.28自我总结 vue中methods,computed,filters,watch的总结 一.methods methods属性里面的方法会在数据发生变化的时候你,只要引用了此里面分方法,方法就 ...
- JavaScript回调函数和递归函数
一.回调函数--通过函数的指针来调用函数 把一个函数的指针作为另一个函数的参数,当调用这个参数的时候,这个函数就叫做回调函数 在链式运动上会用到回调函数,之后运动会见到 A.通过指针来调用函数 B.通 ...
- Elastic Stack 简介
一.ElasticSearch ElasticSearch 是一个基于 Apache Lucene 的开源搜索引擎.它通过RESTful API 来隐藏Lucene的复杂性,从而让全文搜索变得简单.不 ...
- Topaz ReMask 5抠图神器
Topaz ReMask 5抠图神器 与Photoshop相比,ReMask不需要繁琐的刷子工作来获得高质量的面膜.您只需粗略勾勒出主题并按"计算"即可. 在Photoshop中制 ...
- jenkins pipeline 流水线生产
jenkins pipeline : pipeline { agent any parameters { string(name: 'git_version', defaultValue: 'v1.1 ...
- 非确定的自动机NFA确定化为DFA
摘要: 在编译系统中,词法分析阶段是整个编译系统的基础.对于单词的识别,有限自动机FA是一种十分有效的工具.有限自动机由其映射f是否为单值而分为确定的有限自动机DFA和非确定的有限自动机NFA.在非确 ...
- 思科Cisco 交换机 VTP负载均衡的配置
思科Cisco 交换机 VTP负载均衡的配置 3560三层交换机配置: int ran fa0/23 - fa0/24 sw trunk encapsolution dot1q sw mode tru ...
- Java11新特性 - Epsilon GC和ZGC
Java11中新增了两个GC,Epsilon GC和ZGC. Epsilon垃圾收集器 A NoOp Garbage Collector 没有操作的垃圾收集器 JDK上对这个特性的描述是:开发一个处理 ...