class TestView(APIView):
'''
调用这个函数的时候,会自动触发authentication_classes的运行,所以会先执行上边的类
'''
authentication_classes = [TestAuthentication,]
permission_classes = []
# def dispath(self,request,*args,**kwargs):
# return super().dispatch(request,*args,**kwargs)
def get(self,request,*args,**kwargs):
# self.dispatch() #用户访问这个函数,首先执行里面的dispatch方法 1,入口
print("====request.user====",request.user) #当前登录的用户
print("====request.auth====",request.auth) #获取到的用户token
return Response("GET请求,响应内容")
def post(self,request,*args,**kwargs):
return Response("POST请求,响应内容")
def put(self,request,*args,**kwargs):
return Response("PUT请求,响应内容")
def dispatch(self, request, *args, **kwargs):
"""
`.dispatch()` is pretty much the same as Django's regular dispatch,
but with extra hooks for startup, finalize, and exception handling.
"""
self.args = args
self.kwargs = kwargs
"""
# 对request进行加工,增加了下边这几个新的功能
parsers=self.get_parsers(),
authenticators=self.get_authenticators(),
negotiator=self.get_content_negotiator(),
parser_context=parser_context
"""
request = self.initialize_request(request, *args, **kwargs)
self.request = request
self.headers = self.default_response_headers # deprecate?
try:
"""2
版本处理
用户认证
权限
访问频率限制
"""
self.initial(request, *args, **kwargs)
# Get the appropriate handler method
# 3,通过反射执行函数
if request.method.lower() in self.http_method_names:
handler = getattr(self, request.method.lower(),
self.http_method_not_allowed)
else:
handler = self.http_method_not_allowed
response = handler(request, *args, **kwargs)
except Exception as exc:
response = self.handle_exception(exc)
# 4\对结果再次加工
self.response = self.finalize_response(request, response, *args, **kwargs)
return self.response
# 从上边进来之后首先执行他的initialize方法 ===================第一步,对request进行加工,扩展了很多的功能
request = self.initialize_request(request, *args, **kwargs)
self.request = request
self.headers = self.default_response_headers # deprecate?
def initialize_request(self, request, *args, **kwargs):
"""
Returns the initial request object.
"""
parser_context = self.get_parser_context(request)
# 对request进行加工,多了很多功能
return Request(
request,
parsers=self.get_parsers(),
authenticators=self.get_authenticators(),
negotiator=self.get_content_negotiator(),
parser_context=parser_context
)
接下来走try,执行里面的initial方法,处理版本信息,认证,权限,访问控制
def initial(self, request, *args, **kwargs):
"""
Runs anything that needs to occur prior to calling the method handler.
"""
self.format_kwarg = self.get_format_suffix(**kwargs)
# Perform content negotiation and store the accepted info on the request
neg = self.perform_content_negotiation(request)
request.accepted_renderer, request.accepted_media_type = neg
# Determine the API version, if versioning is in use.
# 处理版本信息
version, scheme = self.determine_version(request, *args, **kwargs)
request.version, request.versioning_scheme = version, scheme
# Ensure that the incoming request is permitted
# 认证
self.perform_authentication(request)
# 权限
self.check_permissions(request)
# 访问频率控制
self.check_throttles(request)
from django.views.decorators.csrf import csrf_exempt
假如用这个装饰器“@csrf_exempt”装饰过的函数不需要经过csrf验证
