一个简单的rest_framework demo

from django.db import models

class UserInfo(models.Model):
    username = models.CharField(max_length=32)
    password = models.CharField(max_length=32)
    role_choice = ((1,'管理员'),(2,'普通用户'))
    role = models.IntegerField(choices=role_choice)

class BWH(models.Model):
    '''三围信息'''
    bust = models.IntegerField(verbose_name='胸围')
    waist = models.IntegerField(verbose_name='腰围')
    hips = models.IntegerField(verbose_name='臀围')

    user = models.OneToOneField(to=UserInfo)

from rest_framework import serializers
from app01 import models

class BWHModelSerializer(serializers.ModelSerializer):
    class Meta:
        model = models.BWH
        fields = '__all__'


class UserModelSerializer(serializers.ModelSerializer):
    class Meta:
        model = models.UserInfo
        fields = '__all__'

from rest_framework.permissions import BasePermission
from app01 import models

class AdminPermission(BasePermission):
    '''管理员权限认证'''
    message = '您没有权限访问！'
    def has_permission(self, request, view):
        user_id = request.GET.get('uid')
        user = models.UserInfo.objects.filter(pk=user_id).first()

        if not user or user.role == 2:
            return False
        else:
            return True

from rest_framework.authentication import BaseAuthentication
from rest_framework.exceptions import AuthenticationFailed
from app01 import models

class BlackNameAuth(BaseAuthentication):
    '''黑名单认证'''

    def authenticate(self, request):
        BLACK_NAME_LIST = ['小花', '小翠']

        # 通过从url获取user_id的方式模拟用户登录
        user_id = request.GET.get('uid')
        user = models.UserInfo.objects.filter(pk=user_id).first()

        if not user or user.username in BLACK_NAME_LIST:
            raise AuthenticationFailed('您没有登录或者被关小黑屋啦')
        else:
            return user.username,user_id

from django.conf.urls import url,include
from django.contrib import admin
from rest_framework import routers
from app01 import views

# 实例化一个routers对象
routers = routers.DefaultRouter()
# 往对象里注册（添加）url
routers.register('bwh',views.BWHViewSet)
routers.register('user',views.UserViewSet)

urlpatterns = [
    url(r'^admin/', admin.site.urls),
    url(r'',include(routers.urls))
]

from app01.serializers import BWHModelSerializer
from app01.serializers import UserModelSerializer
from rest_framework.viewsets import ModelViewSet
from app01 import models
from app01.auth import BlackNameAuth
from app01.permission import AdminPermission
from rest_framework.pagination import PageNumberPagination

class MyPagination(PageNumberPagination):
    '''分页，自定义每页显示2条'''
    page_size = 2



class BWHViewSet(ModelViewSet):
    '''在黑名单中的用户禁止查看三围信息'''
    authentication_classes = [BlackNameAuth]

    # 分页
    pagination_class = MyPagination

    serializer_class = BWHModelSerializer
    queryset = models.BWH.objects.all()



class UserViewSet(ModelViewSet):
    '''非管理员禁止查看用户信息'''
    permission_classes = [AdminPermission]

    # 分页
    pagination_class = MyPagination

    serializer_class = UserModelSerializer
    queryset = models.UserInfo.objects.all()