# -*- coding: utf-8 -*-
__author__ = 'YongCong Wu'
# @Time : 2018/10/23 15:05
# @Email : : 1922878025@qq.com
from rest_framework import exceptions
from app import models
class FirstAuthtication(object):
def authenticate(self, request):
pass
def authenticate_header(self, request):
pass
class Authtication(object):
def authenticate(self, request):
token = request._request.GET.get('token')
token_obj = models.UserToken.objects.filter(token=token).first()
if not token_obj:
raise exceptions.AuthenticationFailed('用户认证失败')
# 在rest framework内部将整个两个字段赋值给request,以供后续操作使用。
return (token_obj.user, token_obj)
def authenticate_header(self, request):
pass
from django.shortcuts import render, HttpResponse
from django.contrib.auth.models import User, Group
from rest_framework import viewsets
from app.serializers import UserSerializer, GroupSerializer
from rest_framework.views import APIView
from rest_framework.request import Request
from rest_framework.authentication import BasicAuthentication
from rest_framework import exceptions
from django.http import JsonResponse
from app import models
import hashlib
import time
# Create your views here.
class UserViewSet(viewsets.ModelViewSet):
queryset = User.objects.all()
serializer_class = UserSerializer
class GroupViewSet(viewsets.ModelViewSet):
queryset = Group.objects.all()
serializer_class = GroupSerializer
# 生成md5
def md5(user):
ctime = str(time.time())
m = hashlib.md5(bytes(user, encoding='utf-8'))
m.update(bytes(ctime, encoding='utf-8'))
return m.hexdigest()
# 请求Token认证
class GetUserData(APIView):
"""
用于用户登陆认证
"""
authentication_classes = []
def post(self, request, *args, **kwargs):
ret = {'code': 1000, 'msg': None}
try:
user = request._request.POST.get('username')
pwd = request._request.POST.get('password')
obj = models.UserInfo.objects.filter(username=user, password=pwd).first()
if not obj:
ret['code'] = 1001
ret['msg'] = '用户名或密码错误'
# 为当前登陆用户创建Token
token = md5(user)
models.UserToken.objects.update_or_create(user=obj, defaults={'token':token})
ret['token'] = token
except Exception as e:
ret['code'] = 1002
ret['msg'] = '请求异常'
return JsonResponse(ret)
# 测试数据
ORDER_DICT = {
1: {
'name': '书包',
'sku': 1002,
'price': 500
},
2: {
'name': '键盘',
'sku': 1052,
'price': 258
}
}
class OrderView(APIView):
"""
用于订单 rest framework
"""
# 通过authentication_classes添加用户认证
def get(self, request, *args, **kwargs):
"""
用户登陆成功,才可以查看订单数据
"""
ret = {'code': 1000, 'msg': None, 'data': None}
try:
ret['data'] = ORDER_DICT
except Exception as e:
pass
return JsonResponse(ret)
# 用户中心
class UserInfoView(APIView):
"""
用于订单 rest framework
"""
# 通过authentication_classes添加用户认证
def get(self, request, *args, **kwargs):
return HttpResponse('用户信息')
from django.db import models
# Create your models here.
class UserInfo(models.Model):
user_type_choices = (
(1, '普通用户'),
(2, 'VIP'),
(3, 'SVIP')
)
user_type = models.IntegerField(choices=user_type_choices)
username = models.CharField(max_length=32, unique=True)
password = models.CharField(max_length=64)
class UserToken(models.Model):
user = models.OneToOneField(to='UserInfo')
token = models.CharField(max_length=64)
# -*- coding:utf-8 -*-
from django.conf.urls import url, include
from rest_framework import routers
from app import views
# 注册视图
router = routers.DefaultRouter()
router.register(r'users', views.UserViewSet)
router.register(r'groups', views.GroupViewSet)
router.register(r'pwd', views.GroupViewSet)
# 二级路由
urlpatterns = [
url(r'apb/',include(router.urls)),
url(r'1/',include(router.urls)),
url(r'auth/$', views.GetUserData.as_view()), # 登陆认证
url(r'order/$', views.OrderView.as_view()) # 订单
]
from django.conf.urls import url, include
from django.contrib import admin
from rest_framework import routers, serializers, viewsets
from app import views
# django-rest-swagger
from rest_framework.schemas import get_schema_view
from rest_framework_swagger.renderers import SwaggerUIRenderer, OpenAPIRenderer
schema_view = get_schema_view(title='User API', renderer_classes=[OpenAPIRenderer, SwaggerUIRenderer])
urlpatterns = [
url(r'^docs/', schema_view, name='docs'),
url(r'^admin/', admin.site.urls),
url(r'^api', include('rest_framework.urls', namespace='rest_framework')),
url(r'^user/', include('app.urls'))
settings.py配置全局认证
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': ['app.utils.auth.FirstAuthtication', 'app.utils.auth.Authtication']
}
django-rest-swagger配置
# Swagger样式配置
SWAGGER_SETTINGS = {
'SECURITY_DEFINITIONS': {
'basic': {
'type': 'basic'
}
},
'LOGIN_URL': 'rest_framework:login',
'LOGOUT_URL': 'rest_framework:logout',
# 接口文档中方法列表以首字母升序排列
'APIS_SORTER': 'alpha',
# 如果支持json提交,则接口文档中包含json输入框
'JSON_EDITOR': True,
# 方法列表字母排序
'OPERTIONS_SORTER': 'alpha',
'VALIDATOR_URL': None
}
app/serializers.py
# -*- coding:utf-8 -*-
from django.contrib.auth.models import User, Group
from rest_framework import serializers
# 返回数据
class UserSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = User
fields = ('url', 'username', 'email', 'groups')
class GroupSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = Group
fields = ('url', 'name')