主要的思路:
设置一个基于CORS的中间件来处理,
settings.py:
MIDDLEWARE = [ 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'api.cors.CORSMiddleware',]
cors.py:
class CORSMiddleware(MiddlewareMixin): def process_response(self,request,response): # 添加响应头 # 允许你的域名来获取我的数据 # response['Access-Control-Allow-Origin'] = "*" # 允许你携带Content-Type请求头 # response['Access-Control-Allow-Headers'] = "Content-Type" # 允许你发送DELETE,PUT # response['Access-Control-Allow-Methods'] = "DELETE,PUT" response['Access-Control-Allow-Origin'] = "*" if request.method == "OPTIONS": response['Access-Control-Allow-Headers'] = "Content-Type" response['Access-Control-Allow-Methods'] = "PUT,DELETE" return response
urls.py:
urlpatterns = [ url(r'^admin/', admin.site.urls), url(r'^api/(?P\w+)/', include('api.urls')),]
1.API汇总
-
查询所有的课程
-
查询课程详细
-
登陆认证
-
微学位
1.1 课程接口
序列化课程表:
from api import modelsfrom rest_framework import serializersclass CourseSerializer(serializers.ModelSerializer): """ 课程序列化 """ level = serializers.CharField(source='get_level_display') class Meta: model = models.Course fields = ['id', 'title', 'course_img', 'level']class CourseDetailSerializer(serializers.ModelSerializer): """ 课程详细序列化 """ # one2one/fk/choice title = serializers.CharField(source='course.title') img = serializers.CharField(source='course.course_img') level = serializers.CharField(source='course.get_level_display') # m2m recommends = serializers.SerializerMethodField() chapter = serializers.SerializerMethodField() class Meta: model = models.CourseDetail fields = ['course', 'title', 'img', 'level', 'slogon', 'why', 'recommends', 'chapter'] def get_recommends(self, obj): # 获取推荐的所有课程 queryset = obj.recommend_courses.all() return [{ 'id': row.id, 'title': row.title} for row in queryset] def get_chapter(self, obj): # 获取推荐的所有课程 queryset = obj.course.chapter_set.all() return [{ 'id': row.id, 'name': row.name} for row in queryset]
course.py:
from api import modelsfrom rest_framework import serializersclass CourseSerializer(serializers.ModelSerializer): """ 课程序列化 """ level = serializers.CharField(source='get_level_display') class Meta: model = models.Course fields = ['id', 'title', 'course_img', 'level']class CourseDetailSerializer(serializers.ModelSerializer): """ 课程详细序列化 """ # one2one/fk/choice title = serializers.CharField(source='course.title') img = serializers.CharField(source='course.course_img') level = serializers.CharField(source='course.get_level_display') # m2m recommends = serializers.SerializerMethodField() chapter = serializers.SerializerMethodField() class Meta: model = models.CourseDetail fields = ['course', 'title', 'img', 'level', 'slogon', 'why', 'recommends', 'chapter'] def get_recommends(self, obj): # 获取推荐的所有课程 queryset = obj.recommend_courses.all() return [{ 'id': row.id, 'title': row.title} for row in queryset] def get_chapter(self, obj): # 获取推荐的所有课程 queryset = obj.course.chapter_set.all() return [{ 'id': row.id, 'name': row.name} for row in queryset]
urls.py:
url(r'^course/$', course.CourseView.as_view({ 'get':'list'})), url(r'^course/(?P\d+)/$', course.CourseView.as_view({ 'get':'retrieve'})),
1.2 登陆认证接口:
要点:
-
为了保证接口的安全,即使Vue部分已经完成了用户的认证,接口还是需要对Vue的token进行认证。
-
uuid可以用来生成随机字符串,且基于mac地址与时间的组合,安全性较高。此字符串可以用来作为我们的token
account.py
import uuidclass AuthView(APIView): def post(self,request,*args,**kwargs): """ 用户登录认证 :param request: :param args: :param kwargs: :return: """ ret = { 'code':1000} user = request.data.get('user') pwd = request.data.get('pwd') user = models.UserInfo.objects.filter(user=user,pwd=pwd).first() if not user: ret['code'] = 1001 ret['error'] = '用户名或密码错误' else: # 这里就是利用uuid模块来生成安全性较高的字符串 uid = str(uuid.uuid4()) models.UserToken.objects.update_or_create(user=user,defaults={ 'token':uid}) ret['token'] = uid return Response(ret)
1.3 微职位接口
views.py:
class MicroView(APIView): authentication_classes = [LuffyAuth,] def get(self,request,*args,**kwargs): ret = { 'code':1000,'title':'微职位'} return Response(ret)
urls.py:
url(r'^micro/$', course.MicroView.as_view())