在views中
from rest_framework.views import APIView
from rest_framework.viewsets import ViewSetMixin
import hashlib
import time
from app01 import models
from rest_framework.response import Response
from django.http import JsonResponse
class Login(ViewSetMixin,APIView):
def get_token(self):
h6=hashlib.md5()
ctime=time.time()
h6.update(bytes(str(ctime),encoding='utf-8'))
token=h6.hexdigest()
return token
def ulogin(self,request):
response={'status':100,'msg':'登录成功'}
name=request.data.get('name')
pwd=request.data.get('pwd')
user=models.UserInfo.objects.all().filter(name=name,pwd=pwd).first()
if user:
ret=models.UserToken.objects.all().create(token=self.get_token(),user=user)#登录成功就去数据库中写token
response['token']=self.get_token()
else:
response['status']=101
response['msg']='用户名或密码错误'
return Response(response)
class Author(ViewSetMixin,APIView):
#局部使用登录认证,频率,权限
throttle_classes = [MyThrottle, ]
authentication_classes = [LoginAuth, ]
permission_classes = [UserPermission,]
def get_authors(self,request):
author=models.Author.objects.all()
ser=Myser.Authorser(author,many=True)
return Response(ser.data)
#频率错误信息显示
def throttled(self, request, wait):
class MyThrottled(exceptions.Throttled):
default_detail = '×××'
extra_detail_singular = '还剩 {wait} 秒.'
extra_detail_plural = '还剩 {wait} 秒'
在MyAuth中----------------------------------------------------------------------------------------------------
from app01 import models
from rest_framework import exceptions
class LoginAuth():
def authenticate(self, request):
token = request.query_params.get('token')
ret = models.UserToken.objects.all().filter(token=token).first()
if ret:
return ret.user, ret
else:
raise exceptions.APIException('认证失败')
class UserPermission():
# message是出错显示的中文
message = '您没有权限查看'
def has_permission(self, request, view):
user_type = request.user.user_type
# 取出用户类型对应的文字
# 固定用法:get_字段名字_display()
user_type_name = request.user.get_user_type_display()
print(user_type_name)
if user_type == 2:
return True
else:
return False
from rest_framework.throttling import SimpleRateThrottle
class MyThrottle(SimpleRateThrottle):
scope = 'pinglv'
def get_cache_key(self, request, view):
return self.get_ident(request)
在Myser中---------------------------------------------------------------------------------
from rest_framework import serializers
from app01 import models
class Bookser(serializers.ModelSerializer):
class Meta:
model=models.Book
fields='__all__'
class Authorser(serializers.ModelSerializer):
class Meta:
model=models.Author
fields='__all__'
在setting中-----------------------------------------------------------------------------------------
REST_FRAMEWORK = {
# 'DEFAULT_AUTHENTICATION_CLASSES':['app01.MyAuth.LoginAuth',],#认证全局使用
# 'DEFAULT_PERMISSION_CLASSES':['app01.MyAuth.UserPermission',],#权限全局使用
# 'DEFAULT_THROTTLE_CLASSES': ['app01.MyAuth.MyThrottle', ],#频率全局使用
# 每分钟访问10次
'DEFAULT_THROTTLE_RATES': {
'pinglv': '10/m'
},
}
网页题目:rest_framework认证,频率,权限
本文来源:
http://bzwzjz.com/article/pijcgs.html