class TestView(APIView): ''' 调用这个函数的时候,会自动触发authentication_classes的运行,所以会先执行上边的类 ''' authentication_classes = [TestAuthentication,] permission_classes = [] # def dispath(self,request,*args,**kwargs): # return super().dispatch(request,*args,**kwargs) def get(self,request,*args,**kwargs): # self.dispatch() #用户访问这个函数,首先执行里面的dispatch方法 1,入口 print("====request.user====",request.user) #当前登录的用户 print("====request.auth====",request.auth) #获取到的用户token return Response("GET请求,响应内容") def post(self,request,*args,**kwargs): return Response("POST请求,响应内容") def put(self,request,*args,**kwargs): return Response("PUT请求,响应内容")
def dispatch(self, request, *args, **kwargs): """ `.dispatch()` is pretty much the same as Django's regular dispatch, but with extra hooks for startup, finalize, and exception handling. """ self.args = args self.kwargs = kwargs """ # 对request进行加工,增加了下边这几个新的功能 parsers=self.get_parsers(), authenticators=self.get_authenticators(), negotiator=self.get_content_negotiator(), parser_context=parser_context """ request = self.initialize_request(request, *args, **kwargs) self.request = request self.headers = self.default_response_headers # deprecate? try: """2 版本处理 用户认证 权限 访问频率限制 """ self.initial(request, *args, **kwargs) # Get the appropriate handler method # 3,通过反射执行函数 if request.method.lower() in self.http_method_names: handler = getattr(self, request.method.lower(), self.http_method_not_allowed) else: handler = self.http_method_not_allowed response = handler(request, *args, **kwargs) except Exception as exc: response = self.handle_exception(exc) # 4对结果再次加工 self.response = self.finalize_response(request, response, *args, **kwargs) return self.response
# 从上边进来之后首先执行他的initialize方法 ===================第一步,对request进行加工,扩展了很多的功能 request = self.initialize_request(request, *args, **kwargs) self.request = request self.headers = self.default_response_headers # deprecate? def initialize_request(self, request, *args, **kwargs): """ Returns the initial request object. """ parser_context = self.get_parser_context(request) # 对request进行加工,多了很多功能 return Request( request, parsers=self.get_parsers(), authenticators=self.get_authenticators(), negotiator=self.get_content_negotiator(), parser_context=parser_context )
接下来走try,执行里面的initial方法,处理版本信息,认证,权限,访问控制 def initial(self, request, *args, **kwargs): """ Runs anything that needs to occur prior to calling the method handler. """ self.format_kwarg = self.get_format_suffix(**kwargs) # Perform content negotiation and store the accepted info on the request neg = self.perform_content_negotiation(request) request.accepted_renderer, request.accepted_media_type = neg # Determine the API version, if versioning is in use. # 处理版本信息 version, scheme = self.determine_version(request, *args, **kwargs) request.version, request.versioning_scheme = version, scheme # Ensure that the incoming request is permitted # 认证 self.perform_authentication(request) # 权限 self.check_permissions(request) # 访问频率控制 self.check_throttles(request)
from django.views.decorators.csrf import csrf_exempt 假如用这个装饰器“@csrf_exempt”装饰过的函数不需要经过csrf验证