rest_framework认证,频率,权限

在views中

from rest_framework.views import APIView
from rest_framework.viewsets import ViewSetMixin
import hashlib
import time
from app01 import models
from rest_framework.response import Response
from django.http import JsonResponse
class Login(ViewSetMixin,APIView):
    def get_token(self):
        h6=hashlib.md5()
        ctime=time.time()
        h6.update(bytes(str(ctime),encoding='utf-8'))
        token=h6.hexdigest()
        return token

    def ulogin(self,request):

        response={'status':100,'msg':'登录成功'}
        name=request.data.get('name')
        pwd=request.data.get('pwd')
        user=models.UserInfo.objects.all().filter(name=name,pwd=pwd).first()
        if user:
            ret=models.UserToken.objects.all().create(token=self.get_token(),user=user)#登录成功就去数据库中写token
            response['token']=self.get_token()

        else:
            response['status']=101
            response['msg']='用户名或密码错误'
        return Response(response)




class Author(ViewSetMixin,APIView):
#局部使用登录认证,频率,权限
    throttle_classes = [MyThrottle, ]
    authentication_classes = [LoginAuth, ]
    permission_classes = [UserPermission,]
    def get_authors(self,request):
        author=models.Author.objects.all()
        ser=Myser.Authorser(author,many=True)
        return Response(ser.data)

#频率错误信息显示
    def throttled(self, request, wait):
        class MyThrottled(exceptions.Throttled):
            default_detail = '×××'
            extra_detail_singular = '还剩 {wait} 秒.'
            extra_detail_plural = '还剩 {wait} 秒'

在MyAuth中----------------------------------------------------------------------------------------------------


from app01 import models
from rest_framework import exceptions


class LoginAuth():
    def authenticate(self, request):
        token = request.query_params.get('token')
        ret = models.UserToken.objects.all().filter(token=token).first()
        if ret:
            return ret.user, ret
        else:
            raise exceptions.APIException('认证失败')


class UserPermission():
    # message是出错显示的中文
    message = '您没有权限查看'

    def has_permission(self, request, view):
        user_type = request.user.user_type
        # 取出用户类型对应的文字
        # 固定用法:get_字段名字_display()
        user_type_name = request.user.get_user_type_display()
        print(user_type_name)
        if user_type == 2:
            return True
        else:
            return False

from rest_framework.throttling import SimpleRateThrottle
class MyThrottle(SimpleRateThrottle):
    scope = 'pinglv'

    def get_cache_key(self, request, view):
        return self.get_ident(request)




在Myser中---------------------------------------------------------------------------------

from rest_framework import serializers
from app01 import models
class Bookser(serializers.ModelSerializer):
    class Meta:
        model=models.Book
        fields='__all__'



class Authorser(serializers.ModelSerializer):
    class Meta:
        model=models.Author
        fields='__all__'
        
        
        
        
在setting中-----------------------------------------------------------------------------------------



REST_FRAMEWORK = {
    # 'DEFAULT_AUTHENTICATION_CLASSES':['app01.MyAuth.LoginAuth',],#认证全局使用
    # 'DEFAULT_PERMISSION_CLASSES':['app01.MyAuth.UserPermission',],#权限全局使用
    # 'DEFAULT_THROTTLE_CLASSES': ['app01.MyAuth.MyThrottle', ],#频率全局使用
    # 每分钟访问10次
    'DEFAULT_THROTTLE_RATES': {
        'pinglv': '10/m'
    },
}

网站名称:rest_framework认证,频率,权限
标题来源:http://ybzwz.com/article/pijcgs.html