redis介绍及在购物车项目中的应用，用户认证

1.redis

2.购物车的构建

api结构：

models.py（创建完后自行添加数据）

from django.db import models
from django.contrib.contenttypes.fields import GenericForeignKey, GenericRelation
from django.contrib.contenttypes.models import ContentType
# Create your models here.
 
class Course(models.Model):
    """专题课/学位课模块表"""
    name = models.CharField(max_length=128, unique=True)
    course_img = models.CharField(max_length=255)
    course_type_choices = ((0, '付费'), (1, 'VIP专享'), (2, '学位课程'))
    course_type = models.SmallIntegerField(choices=course_type_choices)
    brief = models.TextField(verbose_name="课程概述", max_length=2048)
 
    # 用于GenericForeignKey反向查询，不会生成表字段，切勿删除
    price_policy = GenericRelation("PricePolicy")
 
class PricePolicy(models.Model):
    """价格与有课程效期表"""
    content_type = models.ForeignKey(ContentType)  # 关联course
    object_id = models.PositiveIntegerField()
    content_object = GenericForeignKey('content_type', 'object_id')
 
    # course = models.ForeignKey("Course")
    valid_period_choices = ((1, '1天'), (3, '3天'),
                            (7, '1周'), (14, '2周'),
                            (30, '1个月'),
                            (60, '2个月'),
                            (90, '3个月'),
                            (180, '6个月'), (210, '12个月'),
                            (540, '18个月'), (720, '24个月'),
                            )
    valid_period = models.SmallIntegerField(choices=valid_period_choices)
    price = models.FloatField()
 
    class Meta:
        unique_together = ("content_type", 'object_id', "valid_period")
        verbose_name_plural = "15. 价格策略"
 
    def __str__(self):
        return "%s(%s)%s" % (self.content_object, self.get_valid_period_display(), self.price)
 
class Account(models.Model):
    username = models.CharField("用户名", max_length=64, unique=True)
    email = models.EmailField(
        verbose_name='邮箱',
        max_length=255,
        unique=True,
        blank=True,
        null=True
    )
    password = models.CharField('密码', max_length=128)
 
    class Meta:
        verbose_name_plural = "22. 账户信息"
 
class UserToken(models.Model):
    user = models.OneToOneField(to='Account')
    token = models.CharField(max_length=36)
 
    class Meta:
        verbose_name_plural = "34. token表"　　

admin.py(用于在在admin中添加数据)

from django.contrib import admin
from api import models
# Register your models here.
 
admin.site.register(models.UserToken)
admin.site.register(models.Course)
admin.site.register(models.Account)
admin.site.register(models.PricePolicy)

urls.py

from django.conf.urls import url
from api.views import shoppingcar,auth
 
urlpatterns = [
	url(r'auth/$', auth.AuthView.as_view({'post': 'login'})),
	url(r'shoppingcar/$', shoppingcar.ShoppingCarView.as_view({'post': 'create', 'get': 'list',
	                                                           'delete': 'destory', 'put': 'update'})),
 ]

　app01下的urls.py

from django.conf.urls import url,include
from django.contrib import admin
 
urlpatterns = [
    url(r'^admin/', admin.site.urls),
    url(r'^api/(?P<version>\w+)/', include('api.urls')),
]

　utils/response.py

class BaseResponse(object):
 
    def __init__(self):
        self.code = 1000
        self.data = None
        self.error = None
 
    @property
    def dict(self):
        return self.__dict__

　　utils/auth.py(重写用户认证组件)

from rest_framework.authentication import BaseAuthentication
from rest_framework.exceptions import AuthenticationFailed
from api import models
 
class AccountAuthentication(BaseAuthentication):
 
	def authenticate(self, request):
		"""
		源码：
        Authenticate the request and return a two-tuple of (user, token).
        """
		# 从前端获取用户携带的token
		token = request.query_params.get('token')
		token_obj = models.UserToken.objects.filter(token=token).first()
		if not token_obj:
			raise AuthenticationFailed({'code':1000,'error':'认证失败'})
		# 认证通过
		return (token_obj.user, token_obj)

　　views/auth.py(登录认证)

import uuid
from rest_framework.views import APIView
from rest_framework.viewsets import ViewSetMixin
from rest_framework.response import Response
from api import models
from api.utils.response import BaseResponse
 
class AuthView(ViewSetMixin,APIView):
 
    def login(self,request,*args,**kwargs):
        """api_usertoken
        用户登录认证
        """
        response = BaseResponse()
        try:
            user = request.data.get('username')
            pwd = request.data.get('password')
            obj = models.Account.objects.filter(username=user,password=pwd).first()
            if not obj:
                response.code = 1000
                response.error = '用户名或密码错误'
            else:
                uid = str(uuid.uuid4())
                # UserToken和Account是一对一的关系,登陆成功生成uid并加入表格
                models.UserToken.objects.update_or_create(user=obj,defaults={'token':uid})
                response.code = 99999
                response.data = uid
 
        except Exception as e:
            response.code = 10005
            response.error = '操作异常'
        return Response(response.dict)

views/shoppingcar.py

import json
import redis
from django.conf import settings
 
from rest_framework.views import APIView
from rest_framework.viewsets import ViewSetMixin
from rest_framework.response import Response
 
from api.utils.auth import AccountAuthentication
from api.utils import response
from api import models
 
# 注意这里的ip地址
CONN = redis.Redis(host="118.24.140.138",port=6379)
 
class ShoppingCarView(ViewSetMixin, APIView):
 
	# 加入用户认证
	authentication_classes = [AccountAuthentication,]
 
	def list(self,request,*args,**kwargs):
		"""
		从redis中查看购物车信息
		"""
		ret = response.BaseResponse()
		try:
			shopping_car_list = []
			# 这里的request.user来自认证组件的的返回值
			print(request.user)
			pattern = settings.LUFFY_SHOPPING_CAR % (request.user.id, '*',)
			user_key_list = CONN.keys(pattern)
			for key in user_key_list:
				temp = {
					"id":CONN.hget(key,"id").decode("utf-8"),
					"name":CONN.hget(key,"name").decode("utf-8"),
					"img":CONN.hget(key,"img").decode("utf-8"),
				}
				shopping_car_list.append(temp)
				ret.data = shopping_car_list
		except Exception as e:
			ret.code = 1000
			ret.error = "获取数据失败"
 
		return Response(ret.dict)
 
	def create(self, request, *args, **kwargs):
		"""
		加入购物车
		"""
		# 需要先接收用户选中的课程id以及价格策略id
		course_id = request.data.get('courseid')
		policy_id = request.data.get('policyid')
		course = models.Course.objects.first(id=course_id)
		ret = response.BaseResponse()
		# 判断数据是否合法，防止非正常点击，比如利用其他软件0元购买某些商品
		try:
			# 判断课程是否存在
			if not course:
				ret.code = 1000
				ret.error = "课程不存在"
				return Response(ret.dict)
 
			# 判断价格策略的合法性，也是避免蓄意修改
			# 获取价格策略的所有信息
			price_policy_queryset = course.price_policy.all()
			price_policy_dict = {}
			for item in price_policy_queryset:
				temp = {
					'id':item.id,
					'price':item.price,
					'valid_period': item.valid_period,
					'valid_period_display': item.get_valid_period_display()
				}
				price_policy_dict[item.id] = temp
			# 校验id是是否在字典中
			if policy_id not in price_policy_dict:
				ret.code = 1000
				ret.error = "不要乱动"
				return Response(ret.dict)
 
			# 设置购物车物品数
			pattern = settings.LUFFY_SHOPPING_CAR % (request.user.id, '*',)
			keys = CONN.keys(pattern)
			if keys and len(keys) >=100:
				ret.code = 1000
				ret.error = "物品栏已满"
				return Response(ret.dict)
		except Exception as e:
			# 进行添加操作
			key = settings.LUFFY_SHOPPING_CAR % (request.user.id, course_id,)
			CONN.hset(key,'id',course_id)
			CONN.hset(key, 'name', course.name)
			CONN.hset(key, 'img', course.course_img)
			# 设置保存时长,24h
			CONN.expire(key,60*60*24)
			ret.code= 500
			ret.data = "保存成功"
		return Response(ret.dict)
 
	def update(self,request,*args,**kwargs):
		"""
		修改操作，这里我们只能修改我们的价格策略
		"""
		ret = response.BaseResponse()
		try:
			# 获取用户通过操作相关字段传来的id
			course_id = request.data.get('courseid')
			policy_id = str(request.data.get('policyid'))
 
			key = settings.LUFFY_SHOPPING_CAR % (request.user.id, course_id,)
			if not CONN.exists(key):
				ret.code = 10000
				ret.error = '课程不存在'
				return Response(ret.dict)
 
			# 取我们存的price_policy_dict数据
			price_policy_dict = json.loads(CONN.hget(key, 'price_policy_dict').decode('utf-8'))
			# 判断价格策略是否存在
			if policy_id not in price_policy_dict:
				ret.code = 1000
				ret.error = '价格策略不存在'
				return Response(ret.dict)
			# 修改价格策略
			CONN.hset(key, 'default_price_id', policy_id)
			set.data = '修改成功'
		except Exception as e:
			ret.code = 1000
			ret.error = "修改失败"
		return Response(ret.dict)
 
	def destory(self,request,*args,**kwargs):
		"""
		删除选中的某个课程
		"""
		ret = response.BaseResponse()
		try:
			course_id = request.data.get('courseid')
			# 获取它的key值
			key = settings.LUFFY_SHOPPING_CAR % (request.user.id, course_id,)
			CONN.delete(key)
			ret.data = "删除成功"
		except Exception as e:
			ret.code = 1000
			ret.error = "删除失败"
		return Response(ret.dict)　

setting相关配制：

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'app01.apps.App01Config',
    'api.apps.ApiConfig',
    'rest_framework'
]
 
REST_FRAMEWORK = {
    # 版本相关信息
    'DEFAULT_VERSIONING_CLASS':'rest_framework.versioning.URLPathVersioning',
    'VERSION_PARAM':'version',
    'DEFAULT_VERSION':'v1',
    'ALLOWED_VERSIONS':['v1','v2'],
    # 分页相关信息，数字代表一页几条数据
    # 'PAGE_SIZE':2
}
 
LUFFY_SHOPPING_CAR  = "shopping_car_%s-%s"

测试（成功登录，获取它的token）

发送一个错误请求，这里直接被认证组件拦截了，并没有到达视图

在通过携带token发送一个get请求：

3.全局配置

如果100个类，有98个视图要认证。可以加到全局rest_framework里面

'DEFAULT_AUTHENTICATION_CLASSES':['api.utils.auth.LuffyAuthentication',]

　对于某些不用认证的类，可以直接定义认证类为空列表即可

 authentication_classes = []