Django 之REST framework学习:Authentication认证流程源码剖析
2018-02-05 15:42
806 查看
首先请求进来会执行APIView.dispatch():
下面我们应该主要看下
self.initial(request, *args, **kwargs)
接着我们看下
找到
下一步:
class APIView(View): def dispatch(self, request, *args, **kwargs): self.args = args self.kwargs = kwargs #初始化request,封装认证等对象列表 """ return Request( request, parsers=self.get_parsers(), authenticators=self.get_authenticators(), negotiator=self.get_content_negotiator(), parser_context=parser_context ) """ request = self.initialize_request(request, *args, **kwargs) self.request = request self.headers = self.default_response_headers # deprecate? try: #在请求方法处理之前调用的一些方法:比如版本,认证,权限,节流四部: self.initial(request, *args, **kwargs) # Get the appropriate handler method if request.method.lower() in self.http_method_names: handler = getattr(self, request.method.lower(), self.http_method_not_allowed) else: handler = self.http_method_not_allowed response = handler(request, *args, **kwargs) except Exception as exc: response = self.handle_exception(exc) #处理返回值并最终返回 self.response = self.finalize_response(request, response, *args, **kwargs) return self.response
下面我们应该主要看下
self.initial():
self.initial(request, *args, **kwargs)
def initial(self, request, *args, **kwargs): """ Runs anything that needs to occur prior to calling the method handler. """ self.format_kwarg = self.get_format_suffix(**kwargs) # Perform content negotiation and store the accepted info on the request neg = self.perform_content_negotiation(request) request.accepted_renderer, request.accepted_media_type = neg # Determine the API version, if versioning is in use. #版本信息处理 version, scheme = self.determine_version(request, *args, **kwargs) request.version, request.versioning_scheme = version, scheme # Ensure that the incoming request is permitted #认证信息处理(我们主要看的地方) self.perform_authentication(request) self.check_permissions(request) self.check_throttles(request)
接着我们看下
self.perform_authentication(request):
def perform_authentication(self, request): request.user
找到
Request类中的
user属性方法,最终会执行
self._authenticate()
class Request(object): @property def user(self): """ Returns the user associated with the current request, as authenticated by the authentication classes provided to the request. """ if not hasattr(self, '_user'): with wrap_attributeerrors(): self._authenticate() return self._user
下一步:
def _authenticate(self): #遍历Request类中封装的self.authenticators(这个是前面initialize_request封装的对象列表), #分别执行authenticate方法,成功返回self.user, self.auth;失败抛异常:APIException。 for authenticator in self.authenticators: try: user_auth_tuple = authenticator.authenticate(self) except exceptions.APIException: self._not_authenticated() raise if user_auth_tuple is not None: self._authenticator = authenticator self.user, self.auth = user_auth_tuple return
以上就是整个的Authentication认证流程,其他流程包括权限和节流都是一样的套路,这样我们懂了认证流程后就可以自定制认证流程了,自定制认证流程代码先不上了,等抽空补上!
相关文章推荐
- django Rest Framework----认证/访问权限控制/访问频率限制 执行流程 Authentication/Permissions/Throttling 源码分析
- Django 之REST framework学习4:认证和权限(Authentication & Permissions)
- Django rest_framework 认证源码流程
- Django REST framework之认证权限流程源码分析
- Django-Rest-Framework部分源码流程分析
- 学习django-rest-framework turorial遇到的坑
- Django 之REST framework学习1:Serialization(序列化)
- MaNGOS-Zero源码学习之realmd认证登录服务器(一):认证登录基本流程
- python django rest framework Serialization 的学习
- django rest_framework 学习
- Django 之REST framework学习6:视图集合类和路由器(ViewSets & Routers)
- Django 之REST framework学习:解析器parser的使用
- Django 之REST framework学习7:Schemas & client libraries
- python django rest framework Authentication & Permissions
- Django 之REST framework学习5:关联性和超链接API(Relationships & Hyperlinked APIs)
- Django Rest Framework源码剖析(一)-----认证
- Django-rest-framework学习(二)Request与Response
- 学习使用"Django REST framework"打造RESTful API接口——第一节 quickstart
- Django 之REST framework学习3:CBV
- Django-rest-framework学习(-)Serialization