本文共 9594 字,大约阅读时间需要 31 分钟。
pip install djangorestframeword # 使用pip命令进行djangorestFramework
from django.db import models'''===================================@Project:wisdomShop@Author:班婕妤@Date:10/3/2020 下午2:14@Company:深圳市智慧养老宝科技有限公司@Motto:心有猛虎,细嗅蔷薇@Python_Version:3.7.3@Django_Version:2.1.5======================================='''class Userinfo(models.Model):USER_TYPE = ( (1, '普通用户'), (2, 'VIP'), (3, 'SVIP'))user_type = models.IntegerField(choices=USER_TYPE, blank=True, null=True)userName = models.CharField(max_length=10)userPwd = models.CharField(max_length=100)userTelphone = models.CharField(max_length=10)userAddress = models.CharField(max_length=10)userAge = models.CharField(max_length=4)class UserToken(models.Model): user = models.OneToOneField(Userinfo, on_delete=models.CASCADE) token = models.CharField(max_length=64)
// An highlighted blockvar foo = 'bar';
python manage.py makemigrations zhylbwgpython manage.py migrate zhylbwg
# -*- coding: utf-8 -*- '''=================================== @Project:wisdomShop @Author:班婕妤 @Date:5/3/2020 下午1:50 @Company:深圳市智慧养老宝科技有限公司 @Motto:心有猛虎,细嗅蔷薇 @Python_Version:3.7.3 @Django_Version:2.1.5 =======================================''' from django.shortcuts import render,HttpResponse import pandas as pd import json from zhylbwg.models import loginModels from zhylbwg.views import md5 # 导入自定义md5加密函数 from zhylbwg.views import requestResult # 导入自定义的统一返回函数 def register(request): # 判断是否为post请求 if request.method == "POST": # 获取请求头数据,请求以json的格式传输 registerinformation = request.body # 将请求头数据转化为json格式 registerinformationData = json.loads(registerinformation) # 获取用户名 userName = registerinformationData.get('userName') # 从数据库中查找是否存在该用户名 userNameDB = loginModels.Userinfo.objects.filter(userName=userName) # 判断用户名是否存在,若存在,则提示已有该用户,若不存在,则进行密码加密后存储到数据库中 if not userNameDB: return HttpResponse(json.dumps(requestResult.result_json('312', '该用户名已经存在', '')), content_type="application/json,charset=utf-8") else: # 获取用户密码 # userPwd = registerinformationData.get('userPwd') # 密码加密操作md5,md5加密功能具体看md5加密代码 userPwdMd5 = md5.Md5(userPwd) # 将加密后的密码赋值给请求头中的密码参数 registerinformationData["userPwd"] = userPwdMd5 # 将json格式数据,类型为dict 存储到数据库中,表明为Userinfo,将注册请求存储到数据库中 loginModels.Userinfo.objects.create(**registerinformationData) return HttpResponse(json.dumps(requestResult.result_json('201', '注册成功,请登录', '')), content_type="application/json,charset=utf-8") else: return HttpResponse(json.dumps(requestResult.result_json('501', '不是post请求', '')), content_type="application/json,charset=utf-8")
// An highlighted block# -*- coding: utf-8 -*-'''===================================@Project:wisdomShop@Author:班婕妤@Date:5/3/2020 下午1:50@Company:深圳市智慧养老宝科技有限公司@Motto:心有猛虎,细嗅蔷薇@Python_Version:3.7.3@Django_Version:2.1.5======================================='''import hashlib # 使用hashlib模块进行md5操作def Md5(str): md5 = hashlib.md5() # 创建md5对象 # 此处必须声明encode # 若写法为hl.update(str) 报错为: Unicode-objects must be encoded before hashing md5.update(str.encode(encoding='utf-8')) # 把输入的旧密码装换为md5格式 result = md5.hexdigest() # 返回加密结果 return result
// An highlighted block# -*- coding: utf-8 -*-'''===================================@Project:wisdomShop@Author:班婕妤@Date:5/3/2020 下午1:50@Company:深圳市智慧养老宝科技有限公司@Motto:心有猛虎,细嗅蔷薇@Python_Version:3.7.3@Django_Version:2.1.5======================================='''# 定义统一的json返回格式def result_json(code, msg, data): # 创建一个空字典 result = { "code": code, "msg": msg, "data": data} return result
// An highlighted block# -*- coding: utf-8 -*-'''===================================@Project:wisdomShop@Author:班婕妤@Date:10/3/2020 下午2:14@Company:深圳市智慧养老宝科技有限公司@Motto:心有猛虎,细嗅蔷薇@Python_Version:3.7.3@Django_Version:2.1.5======================================='''from django.shortcuts import renderfrom django.http import JsonResponsefrom rest_framework.views import APIViewfrom zhylbwg.models.auth import auth_modelsfrom zhylbwg.views import md5from django.views import Viewfrom zhylbwg.models import loginModels''' 用户验证,当用户首次登录时随机生成一个token'''# CBV 视图模式class AuthView(APIView): ''' 在配置了全局认证的情况下,可以使用authentication_classes = [] 表示该视图不进行认证 ''' authentication_classes = [] def post(self, request): ret = { 'code': 1000, 'msg': None} try: user = request.POST.get('username') pwd = md5.Md5(request.POST.get('password')) obj = loginModels.Userinfo.objects.filter(userName=user, userPwd=pwd).first() if not obj: ret['code'] = 1001 ret['msg'] = '用户名或密码错误' # 为用户创建token token = md5.Md5(user) print(token) # 存在就更新,不存在就创建 loginModels.UserToken.objects.update_or_create(user=obj, defaults={ 'token': token}) ret['token'] = token except Exception as e: ret['code'] = 1002 ret['msg'] = '请求异常' return JsonResponse(ret)
// An highlighted block#-*- coding: utf-8 -*-'''===================================@Project:wisdomShop@Author:班婕妤@Date:11/3/2020 下午1:40@Company:深圳市智慧养老宝科技有限公司@Motto:心有猛虎,细嗅蔷薇@Python_Version:3.7.3@Django_Version:2.1.5======================================='''# 超管角色级别访问的信息from rest_framework.permissions import BasePermission''' 自定义权限类的使用步骤 (1)使用 自己写的权限类:1.必须继承BasePermission类; 2.必须实现:has_permission方法 (2)返回值 True 有权访问 False 无权访问 (3)局部 permission_classes = [MyPremission,] (4)全局 REST_FRAMEWORK = { #权限 "DEFAULT_PERMISSION_CLASSES":['zhylbwg.utils.premission.AdminRolePremission'], }'''class AdminRolePremission(BasePermission): message = "必须是超级管理员角色才能访问" def has_permission(self,request,view): print(request.user.userName) if request.user.user_type != 1: return False return True# 客服角色级别访问的信息class DocterRolePremission(BasePermission): message = "必须是客服角色才能访问" # 这里的message表示如果不通过权限的时候,错误提示信息 def has_permission(self,request,view): if request.user.user_type == 2 or request.user.user_type==1: # False表示没有权限,提示message的信息 # True 便是有权限,继续执行 return False # 若user_type 的值恒等于2 ,则表示权限不通过,输出提示message的信息 return True# 客服角色级别访问的信息class AdminAndDoctorRolePremission(BasePermission): message = "必须是超级管理员或者医生角色才能访问" def has_permission(self,request,view): print(request.user.userName) if request.user_type == 3: return False return True
// An highlighted block#-*- coding: utf-8 -*-'''===================================@Project:wisdomShop@Author:班婕妤@Date:11/3/2020 下午1:50@Company:深圳市智慧养老宝科技有限公司@Motto:心有猛虎,细嗅蔷薇@Python_Version:3.7.3@Django_Version:2.1.5======================================='''from django.shortcuts import render,HttpResponsefrom django.http import JsonResponsefrom rest_framework.views import APIViewfrom zhylbwg.models import loginModelsfrom rest_framework.request import Requestfrom rest_framework import exceptionsfrom rest_framework.authentication import BaseAuthenticationfrom zhylbwg.util import premissionSelffrom zhylbwg.util.authenticationSelf import AuthenticationSelffrom zhylbwg.util.premissionSelf import DocterRolePremissionfrom zhylbwg.views import md5ORDER_DICT = { 1:{ 'name':'apple', 'price':15 }, 2:{ 'name':'dog', 'price':100 }}class DoctorOrderView(APIView): ''' 订单相关业务(只有SVIP用户才能看) ''' authentication_classes = [AuthenticationSelf,] # 局部认证 permission_classes = [DocterRolePremission,] # 局部权限 def get(self,request,*args,**kwargs): print(request.user.user_type) self.dispatch #request.user #request.auth ret = { 'code':1000,'msg':None,'data':None} try: ret['data'] = ORDER_DICT except Exception as e: pass return JsonResponse(ret)class AdminAndDoctorOrderView(APIView): ''' 订单相关业务(只有SVIP用户才能看) ''' def get(self,request,*args,**kwargs): self.dispatch #request.user #request.auth ret = { 'code':1000,'msg':None,'data':None} try: ret['data'] = ORDER_DICT except Exception as e: pass return JsonResponse(ret)class UserInfoView(APIView): ''' 订单相关业务(普通用户和VIP用户可以看) ''' # permission_classes = [MyPremission,] #不用全局的权限配置的话,这里就要写自己的局部权限 def get(self,request,*args,**kwargs): print(request.user) return HttpResponse('用户信息')
// An highlighted block # 角色权限控制 path('zhylbwg/per/admin/', AuthView.as_view()), # 生成token path('zhylbwg/per/doctor/', DoctorOrderView.as_view()), # 医生权限测 path('zhylbwg/per/admin/', CustomerRoleOrderView.as_view()), # 医生权限测 path('zhylbwg/per/adminAndDoctor/', AdminAndDoctorOrderView.as_view()), # 超管和医生权限
// An highlighted blockREST_FRAMEWORK = { # 全局认证类不要放在views下 "DEFAULT_AUTHENTICATION_CLASSES":['zhylbwg.util.authenticationSelf.AuthenticationSelf',], # 全局权限配置 "DEFAULT_PERMISSION_CLASSES":['zhylbwg.util.premissionSelf.DocterRolePremission',]}
转载地址:http://faqms.baihongyu.com/