在views中 from rest_framework.views import APIView from rest_framework.viewsets import ViewSetMixin import hashlib import time from app01 import models from rest_framework.response import Response from django.http import JsonResponse class Login(ViewSetMixin,APIView): def get_token(self): h6=hashlib.md5() ctime=time.time() h6.update(bytes(str(ctime),encoding='utf-8')) token=h6.hexdigest() return token def ulogin(self,request): response={'status':100,'msg':'登录成功'} name=request.data.get('name') pwd=request.data.get('pwd') user=models.UserInfo.objects.all().filter(name=name,pwd=pwd).first() if user: ret=models.UserToken.objects.all().create(token=self.get_token(),user=user)#登录成功就去数据库中写token response['token']=self.get_token() else: response['status']=101 response['msg']='用户名或密码错误' return Response(response) class Author(ViewSetMixin,APIView): #局部使用登录认证,频率,权限 throttle_classes = [MyThrottle, ] authentication_classes = [LoginAuth, ] permission_classes = [UserPermission,] def get_authors(self,request): author=models.Author.objects.all() ser=Myser.Authorser(author,many=True) return Response(ser.data) #频率错误信息显示 def throttled(self, request, wait): class MyThrottled(exceptions.Throttled): default_detail = '×××' extra_detail_singular = '还剩 {wait} 秒.' extra_detail_plural = '还剩 {wait} 秒' 在MyAuth中---------------------------------------------------------------------------------------------------- from app01 import models from rest_framework import exceptions class LoginAuth(): def authenticate(self, request): token = request.query_params.get('token') ret = models.UserToken.objects.all().filter(token=token).first() if ret: return ret.user, ret else: raise exceptions.APIException('认证失败') class UserPermission(): # message是出错显示的中文 message = '您没有权限查看' def has_permission(self, request, view): user_type = request.user.user_type # 取出用户类型对应的文字 # 固定用法:get_字段名字_display() user_type_name = request.user.get_user_type_display() print(user_type_name) if user_type == 2: return True else: return False from rest_framework.throttling import SimpleRateThrottle class MyThrottle(SimpleRateThrottle): scope = 'pinglv' def get_cache_key(self, request, view): return self.get_ident(request) 在Myser中--------------------------------------------------------------------------------- from rest_framework import serializers from app01 import models class Bookser(serializers.ModelSerializer): class Meta: model=models.Book fields='__all__' class Authorser(serializers.ModelSerializer): class Meta: model=models.Author fields='__all__' 在setting中----------------------------------------------------------------------------------------- REST_FRAMEWORK = { # 'DEFAULT_AUTHENTICATION_CLASSES':['app01.MyAuth.LoginAuth',],#认证全局使用 # 'DEFAULT_PERMISSION_CLASSES':['app01.MyAuth.UserPermission',],#权限全局使用 # 'DEFAULT_THROTTLE_CLASSES': ['app01.MyAuth.MyThrottle', ],#频率全局使用 # 每分钟访问10次 'DEFAULT_THROTTLE_RATES': { 'pinglv': '10/m' }, }