1.

    def dispatch(self, request, *args, **kwargs):

        """

        `.dispatch()` is pretty much the same as Django's regular dispatch,

        but with extra hooks for startup, finalize, and exception handling.

        """

        self.args = args

        self.kwargs = kwargs

        # 第一步,对request进行加工,其实是实例化一个Requst并传入一个对象列表

        ''''''

        request = self.initialize_request(request, *args, **kwargs)

        self.request = request

        self.headers = self.default_response_headers  # deprecate?

        try:

            #第二步,

            self.initial(request, *args, **kwargs)

            # 判断其请求方式并做不同的处理

            # Get the appropriate handler method

            if request.method.lower() in self.http_method_names:

                handler = getattr(self, request.method.lower(),

                                  self.http_method_not_allowed)

            else:

                handler = self.http_method_not_allowed

            #执行method方法并返回response

            response = handler(request, *args, **kwargs)

        except Exception as exc:

            response = self.handle_exception(exc)

        self.response = self.finalize_response(request, response, *args, **kwargs)

        return self.response

2.

    def initialize_request(self, request, *args, **kwargs):

        """

        Returns the initial request object.

        """

        parser_context = self.get_parser_context(request)

        return Request(

            request,

            parsers=self.get_parsers(),

            authenticators=self.get_authenticators(),

            negotiator=self.get_content_negotiator(),

            parser_context=parser_context

        )

3.

    def get_authenticators(self):

        """

        Instantiates and returns the list of authenticators that this view can use.

        """

        return [auth() for auth in self.authentication_classes]

4.自定义类,可以重写authentication_classes

class HostView(APIView):

    authentication_classes=[]

    def get(self,request,*args,**kwargs):

        # 原来request对象,django.core.handlers.wsgi.WSGIRequest

        # 现在的request对象,rest_framework.request.Request\

        self.dispatch

        print(request.user)

        print(request.auth)

        return Response('主机列表')

5.

    def initial(self, request, *args, **kwargs):

        """

        Runs anything that needs to occur prior to calling the method handler.

        """

        self.format_kwarg = self.get_format_suffix(**kwargs)

        # Perform content negotiation and store the accepted info on the request

        neg = self.perform_content_negotiation(request)

        request.accepted_renderer, request.accepted_media_type = neg

        #版本处理

        # Determine the API version, if versioning is in use.

        version, scheme = self.determine_version(request, *args, **kwargs)

        request.version, request.versioning_scheme = version, scheme

        #权限认证

        # Ensure that the incoming request is permitted

        self.perform_authentication(request)

        self.check_permissions(request)

        self.check_throttles(request)

6.

    def perform_authentication(self, request):

        """

        Perform authentication on the incoming request.

        Note that if you override this and simply 'pass', then authentication

        will instead be performed lazily, the first time either

        `request.user` or `request.auth` is accessed.

        """

        request.user

7.执行Request类中的user属性

@property

    def user(self):

        """

        Returns the user associated with the current request, as authenticated

        by the authentication classes provided to the request.

        """

        if not hasattr(self, '_user'):

            with wrap_attributeerrors():

                self._authenticate()

        return self._user

8.

    def _authenticate(self):

        """

        Attempt to authenticate the request using each authentication instance

        in turn.

        """

        #循环对象列表

        for authenticator in self.authenticators:

            try:

                #返回一个元祖(self.force_user, self.force_token)

                user_auth_tuple = authenticator.authenticate(self)

            except exceptions.APIException:

                self._not_authenticated()

                raise

            if user_auth_tuple is not None:

                self._authenticator = authenticator

                self.user, self.auth = user_auth_tuple

                return

        self._not_authenticated()

9.

class MyBasicAuthentication(BasicAuthentication):

    def authenticate_credentials(self, userid, password, request=None):

        if userid == 'alex' and password == '':

            return ('alex','authaaaaaaaaaaaa')

        raise APIException('认证失败')

rest framework 源码流程的更多相关文章

  1. Rest Framework源码流程解析

    目录: 一 整体流程 二 具体流程 一 请求进来之后,都要先执行dispatch方法,dispatch方法根据请求方式的不同触发get/post/put/delete等方法 注意,APIView中的d ...

  2. Django Rest Framework框架源码流程

    在详细说django-rest-framework源码流程之前,先要知道什么是RESTFUL.REST API . RESTFUL是所有Web应用都应该遵守的架构设计指导原则. REST是Repres ...

  3. Django rest framework源码分析(4)----版本

    版本 新建一个工程Myproject和一个app名为api (1)api/models.py from django.db import models class UserInfo(models.Mo ...

  4. Django rest framework源码分析(1)----认证

    目录 Django rest framework(1)----认证 Django rest framework(2)----权限 Django rest framework(3)----节流 Djan ...

  5. Django rest framework源码分析(2)----权限

    目录 Django rest framework(1)----认证 Django rest framework(2)----权限 Django rest framework(3)----节流 Djan ...

  6. Django rest framework 源码分析 (1)----认证

    一.基础 django 2.0官方文档 https://docs.djangoproject.com/en/2.0/ 安装 pip3 install djangorestframework 假如我们想 ...

  7. Django REST framework 源码剖析

    前言 Django REST framework is a powerful and flexible toolkit for building Web APIs. 本文由浅入深的引入Django R ...

  8. Django Rest Framework源码剖析(五)-----解析器

    一.简介 解析器顾名思义就是对请求体进行解析.为什么要有解析器?原因很简单,当后台和前端进行交互的时候数据类型不一定都是表单数据或者json,当然也有其他类型的数据格式,比如xml,所以需要解析这类数 ...

  9. Django Rest Framework源码剖析(二)-----权限

    一.简介 在上一篇博客中已经介绍了django rest framework 对于认证的源码流程,以及实现过程,当用户经过认证之后下一步就是涉及到权限的问题.比如订单的业务只能VIP才能查看,所以这时 ...

随机推荐

  1. OpenSSL + Windows 下载安装

    Download Win32 OpenSSLhttps://slproweb.com/products/Win32OpenSSL.htmlhttps://wiki.openssl.org/index. ...

  2. golang 请求带验证信息的坑

    最近用golang 和python对接接口,由于之前验证那块没有设置好,然后又为了进度,最近决定用http自带的basic 验证, php的代码很快就验证通过了 /** * @param $url * ...

  3. Vs2017获取Git空仓库后创建解决方案及项目无法推送,推送失败的问题.

      与Git无关,因为远程是空文件夹,导致没有远程版本做对应提示更改或怎样,必须在创建人创建仓库的时候上传文件代码. https://developercommunity.visualstudio.c ...

  4. 【BZOJ3514】Codechef MARCH14 GERALD07加强版 LCT+主席树

    题解: 还是比较简单的 首先我们的思路是 确定起点 然后之后贪心的选择边(也就是越靠前越希望选) 我们发现我们只需要将起点从后向前枚举 然后用lct维护连通性 因为强制在线,所以用主席树记录状态就可以 ...

  5. Centos7X部署Zabbix监控

    一:yum安装LAMP环境 zabbix-server端防火墙配置(可以选择iptables -F清空) iptables -A INPUT -m state --state NEW -m tcp - ...

  6. Python知识回顾 —— 面向对象

    博客转载自 http://www.cnblogs.com/wupeiqi/p/4766801.html http://www.cnblogs.com/linhaifeng/articles/62040 ...

  7. websocket/dwebsocket 实现前后端的实时通信

    1.  用bottle框架,自己写一个服务端实现: 转载   :http://www.linuxyw.com/813.html 功能:用websocket技术,在运维工具的浏览器上实时显示远程服务器上 ...

  8. Codeforces 980D Perfect Groups 计数

    原文链接https://www.cnblogs.com/zhouzhendong/p/9074164.html 题目传送门 - Codeforces 980D 题意 $\rm Codeforces$ ...

  9. 最终一致性2PC复杂场景,事务报数据库操作超时。

    稀里糊涂的,忘了开启SqlServer的is read committed snapshot on

  10. objectmapper使用

    https://www.cnblogs.com/liam1994/p/5629356.html