使用Django开发简单接口实现文章增删改查

时间:2021-09-25 01:54:42

1、一些准备工作

 安装django

?
1
pip install django

创建django项目

进入项目代码存放目录执行命令:

?
1
django-admin.py startproject blog_demo

进入blog_demo,运行命令:

?
1
python3.6 manage.py runserver 9000

在浏览器地址栏打开:http://127.0.0.1:9000/ 如果出现以下画面,则说明服务器正在运行

使用Django开发简单接口实现文章增删改查

创建博客应用(app)

django中每一个app可以看作是一个模块,以app为单位,结构清晰,方便管理。

?
1
python3.6 manage.py startapp blog_api

使用开发工具打开项目blog_demo,其结构如下:

使用Django开发简单接口实现文章增删改查

2、models.py

编写模型层代码,以下语句相当于创建了两张表:user,article

?
1
2
3
4
5
6
7
8
9
10
11
12
13
class user(models.model):
  id = models.autofield(primary_key=true)
  uname = models.charfield(max_length=50)
  upwd = models.charfield(max_length=100)
  #active inactive
  status = models.charfield(max_length=10)
 
class article(models.model):
  id = models.autofield(primary_key=true)
  title = models.charfield(max_length=50)
  content = models.textfield()
  #deleted alive
  status = models.charfield(max_length=10)

创建表结构:

?
1
python3.6 manage.py migrate

settings.py文件installed_apps处新增app:blog_api

?
1
2
3
4
5
6
7
8
9
installed_apps = [
  'django.contrib.admin',
  'django.contrib.auth',
  'django.contrib.contenttypes',
  'django.contrib.sessions',
  'django.contrib.messages',
  'django.contrib.staticfiles',
  'blog_api'
]

让django知道模型有了变化:

?
1
python3.6 manage.py makemigrations blog_api

再次创建表结构:

?
1
python3.6 manage.py migrate

3、django admin

 登录

在浏览器控制台输入:http://127.0.0.1:9000/admin/login/?next=/admin/

使用Django开发简单接口实现文章增删改查

创建超级用户

?
1
2
3
4
5
6
7
8
stephen@stephen-k55vd:~/ideaprojects/blog_demo$ python3.6 manage.py createsuperuser
username (leave blank to use 'stephen'): admin
email address:
password:
password (again):
this password is too common.
bypass password validation and create user anyway? [y/n]: y
superuser created successfully.

邮件地址可以不填,注册成功后即可登录。使用admin后台来管理模型需要先注册,修改blog_api/admin.py代码

?
1
2
3
4
5
#导入模型user,article
from blog_api.models import user,article
 
admin.site.register(user)
admin.site.register(article)

刷新admin后台,就可以看到刚刚注册的模型了。

使用Django开发简单接口实现文章增删改查

4、修改urls.py

?
1
2
3
4
5
6
from blog_api.views import add_article,modify_article
urlpatterns = [
  path('admin/', admin.site.urls),
  path('articles/',add_article),
  path('articles/<int:art_id>',modify_article)
]

5、新增文章接口

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
from django.http import httpresponse,jsonresponse
from blog_api.models import user,article
import json
 
#新增文章
def add_article(request):
  if request.method == "post":
    req = json.loads(request.body)
    print (req)
    key_flag = req.get("title") and req.get("content") and len(req)==2
    #判断请求体是否正确
    if key_flag:
      title = req["title"]
      content = req["content"]
      #title返回的是一个list
      title_exist = article.objects.filter(title=title)
      #判断是否存在同名title
      if len(title_exist) != 0:
        return jsonresponse({"status":"bs.400","msg":"title aleady exist,fail to publish."})
 
      '''插入数据'''
      add_art = article(title=title,content=content,status="alive")
      add_art.save()
      return jsonresponse({"status":"bs.200","msg":"publish article sucess."})
    else:
      return jsonresponse({"status":"bs.400","message":"please check param."})

使用postman工具调用接口,运行结果:

使用Django开发简单接口实现文章增删改查

6、查询文章接口

?
1
2
3
4
5
6
7
#查询所有文章和状态
  if request.method == "get":
    articles = {}
    query_art = article.objects.all()
    for title in query_art:
      articles[title.title] = title.status
    return jsonresponse({"status":"bs.200","all_titles":articles,"msg":"query articles sucess."})

运行结果:

使用Django开发简单接口实现文章增删改查

7、修改文章接口

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
#修改文章
def modify_article(request,art_id):
  if request.method == "post":
    req = json.loads(request.body)
    try:
      art = article.objects.get(id=art_id)
      key_flag = req.get("title") and req.get("content") and len(req)==2
      if key_flag:
        title = req["title"]
        content = req["content"]
        title_exist = article.objects.filter(title=title)
        if len(title_exist) > 1:
          return jsonresponse({"status":"bs.400","msg":"title aleady exist."})
        '''更新数据'''
        old_art = article.objects.get(id=art_id)
        old_art.title = title
        old_art.content = content
        old_art.save()
        return jsonresponse({"status":"bs.200","msg":"modify article sucess."})
    except article.doesnotexist:
      return jsonresponse({"status":"bs.300","msg":"article is not exists,fail to modify."})

运行结果:

使用Django开发简单接口实现文章增删改查

8、删除文章接口

?
1
2
3
4
5
6
7
8
9
#删除文章
  if request.method == "delete":
    try:
      art = article.objects.get(id=art_id)
      art_id = art.id
      art.delete()
      return jsonresponse({"status":"bs.200","msg":"delete article sucess."})
    except article.doesnotexist:
      return jsonresponse({"status":"bs.300","msg":"article is not exists,fail to delete."})

运行结果:

使用Django开发简单接口实现文章增删改查

9、鉴权

四个简单的接口已经可以运行了,但是在发请求之前没有进行鉴权,毫无安全性可言。下面来实现简单的认证机制。需要用到内建模块hashlib,hashlib提供了常见的摘要算法,如md5,sha1等。

鉴权接口

新增一个专门用于鉴权的接口。在urls.py中添加

?
1
path("auth/",get_token)

在views.py前面新增函数get_token(request)

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
import hashlib
 
#获取token
def get_token(request):
  req = json.loads(request.body)
  uname = req["username"]
  upwd = req["password"]
  if request.method == "post":
    try:
      tmppwd =user.objects.get(uname=uname).upwd
      if upwd == tmppwd:
        md5 = hashlib.md5()
        #把密码变成一个长度固定的字符串
        md5.update(upwd.encode("utf-8"))
        return jsonresponse({"status":"bs.201","x-token":md5.hexdigest()})
      else:
        return jsonresponse({"status":"bs.401","msg":"username or password may wrong."})
 
    except user.doesnotexist:
      return jsonresponse({"status":"bs.500","msg":"username is not exist."})

登录django admin在blog_api下的user表新增一条记录。运行结果:

使用Django开发简单接口实现文章增删改查

用户认证

request.meta.get(“header key”) 用于获取header的信息。注意的是header key必须增加前缀http,同时大写,中划先会转成下划线,例如你的key为x-token,那么应该写成request.meta.get("http_x_token"),修改views.py在get_token后面加上如下代码:

?
1
2
3
4
5
6
7
8
9
10
11
12
13
#认证动作
def user_auth(request):
 
  token = request.meta.get("http_x_token",b'')
  print (token)
  if token:
    #暂时先写上auth接口返回的数据
    if token=="0a6db4e59c7fff2b2b94a297e2e5632e":
      return "auth_sucess"
    else:
      return "auth_fail"
  else:
    return "auth_fail"

在接口中调用user_auth函数,以发布文章接口为例:

?
1
2
3
4
5
6
7
8
9
10
#新增文章
def add_article(request):
  auth_res = user_auth(request)
  if auth_res == "auth_fail":
    return jsonresponse({"status":"bs.401","msg":"user auth failed."})
  else:
    if request.method == "post":
      req = json.loads(request.body)
      print (req)
      .......

再次使用postman工具调用新增文章接口,header中没有x-token或x-token错误时的运行结果:

使用Django开发简单接口实现文章增删改查

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持服务器之家。

原文链接:http://www.cnblogs.com/webDepOfQWS/p/10693152.html