如何使用序列化程序和通用视图删除 Django 和 DRF 中的用户
How can delete User in Django and DRF using serializers and generic views
我正在尝试制作用户CRUD功能,我已经制作了其他功能但无法弄清楚使用API删除用户的方法,如果你能提供评论就更好了在代码上,我是否以安全的方式正确地执行了它。
这是我正在使用的序列化程序:
serializers.py
from .models import User
class UserSerializer(serializers.ModelSerializer):
password = serializers.CharField(
max_length=128,
min_length=8,
write_only=True
)
class Meta:
model = User
fields = ('email', 'password', 'first_name', 'last_name')
extra_kwargs = {
'password': {'write_only': True},
'first_name': {'required': True},
'last_name': {'required': True},
}
def create(self, validated_data):
user = User(
email = validated_data['email'],
first_name = validated_data['first_name'],
last_name = validated_data['last_name']
)
user.set_password(validated_data['password'])
user.save()
return user
class UpdateUserSerializer(serializers.ModelSerializer):
email = serializers.EmailField(required=True)
class Meta:
model = User
fields = ('first_name', 'last_name', 'email')
extra_kwargs = {
'first_name': {'required': True},
'last_name': {'required': True},
}
def validate_email(self, value):
user = self.context['request'].user
if User.objects.exclude(pk=user.pk).filter(email=value).exists():
raise serializers.ValidationError({"email": "This email is already in use."})
return value
def update(self, instance, validated_data):
user = self.context['request'].user
if user.pk != instance.pk:
raise serializers.ValidationError({"authorize": "You dont have permission for this user."})
instance.first_name = validated_data['first_name']
instance.last_name = validated_data['last_name']
instance.email = validated_data['email']
instance.save()
return instance
views.py
from rest_framework import generics
from rest_framework.views import APIView
from rest_framework.response import Response
from rest_framework.permissions import IsAuthenticated
from django.contrib.auth import get_user_model
from .serializers import UserSerializer, UpdateUserSerializer, ChangePasswordSerializer
# Create your views here.
class UserCreate(generics.CreateAPIView):
authentication_classes = ()
permission_classes = ()
serializer_class = UserSerializer
class ChangePasswordView(generics.UpdateAPIView):
User = get_user_model()
queryset = User.objects.all()
permission_classes = (IsAuthenticated,)
serializer_class = ChangePasswordSerializer
class UpdateUserView(generics.UpdateAPIView):
User = get_user_model()
queryset = User.objects.all()
permission_classes = (IsAuthenticated,)
serializer_class = UpdateUserSerializer
class HelloView(APIView):
permission_classes = (IsAuthenticated, )
def get(self, request):
content = {'message':'Hello World!'}
return Response(content)
urls.py
from django.urls import path
from rest_framework_simplejwt import views
from .views import (
UserCreate,
UpdateUserView,
ChangePasswordView,
HelloView
)
urlpatterns = [
path('create/', UserCreate.as_view(), name='user_create'),
path('token/', views.TokenObtainPairView.as_view(), name='token_optain_pair'),
path('token/refresh/', views.TokenRefreshView.as_view(), name='token_refresh'),
path('hello/', HelloView.as_view(), name='hello'),
path('update/<int:pk>/', UpdateUserView.as_view(), name='update_user'),
path('change_password/<int:pk>/', ChangePasswordView.as_view(), name='auth_change_password'),
]
我正在学习 Django 和 DRF,所以如果我在这里做错了什么,请告诉我,谢谢
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = '__all__'
class UserDeleteApi(generics.DestroyAPIView):
queryset = User.objects.all()
serializer_class = UserSerializer
path('api/<int:pk>/delete',UserDeleteApi.as_view())
你可以这样试试
我正在尝试制作用户CRUD功能,我已经制作了其他功能但无法弄清楚使用API删除用户的方法,如果你能提供评论就更好了在代码上,我是否以安全的方式正确地执行了它。
这是我正在使用的序列化程序:
serializers.py
from .models import User
class UserSerializer(serializers.ModelSerializer):
password = serializers.CharField(
max_length=128,
min_length=8,
write_only=True
)
class Meta:
model = User
fields = ('email', 'password', 'first_name', 'last_name')
extra_kwargs = {
'password': {'write_only': True},
'first_name': {'required': True},
'last_name': {'required': True},
}
def create(self, validated_data):
user = User(
email = validated_data['email'],
first_name = validated_data['first_name'],
last_name = validated_data['last_name']
)
user.set_password(validated_data['password'])
user.save()
return user
class UpdateUserSerializer(serializers.ModelSerializer):
email = serializers.EmailField(required=True)
class Meta:
model = User
fields = ('first_name', 'last_name', 'email')
extra_kwargs = {
'first_name': {'required': True},
'last_name': {'required': True},
}
def validate_email(self, value):
user = self.context['request'].user
if User.objects.exclude(pk=user.pk).filter(email=value).exists():
raise serializers.ValidationError({"email": "This email is already in use."})
return value
def update(self, instance, validated_data):
user = self.context['request'].user
if user.pk != instance.pk:
raise serializers.ValidationError({"authorize": "You dont have permission for this user."})
instance.first_name = validated_data['first_name']
instance.last_name = validated_data['last_name']
instance.email = validated_data['email']
instance.save()
return instance
views.py
from rest_framework import generics
from rest_framework.views import APIView
from rest_framework.response import Response
from rest_framework.permissions import IsAuthenticated
from django.contrib.auth import get_user_model
from .serializers import UserSerializer, UpdateUserSerializer, ChangePasswordSerializer
# Create your views here.
class UserCreate(generics.CreateAPIView):
authentication_classes = ()
permission_classes = ()
serializer_class = UserSerializer
class ChangePasswordView(generics.UpdateAPIView):
User = get_user_model()
queryset = User.objects.all()
permission_classes = (IsAuthenticated,)
serializer_class = ChangePasswordSerializer
class UpdateUserView(generics.UpdateAPIView):
User = get_user_model()
queryset = User.objects.all()
permission_classes = (IsAuthenticated,)
serializer_class = UpdateUserSerializer
class HelloView(APIView):
permission_classes = (IsAuthenticated, )
def get(self, request):
content = {'message':'Hello World!'}
return Response(content)
urls.py
from django.urls import path
from rest_framework_simplejwt import views
from .views import (
UserCreate,
UpdateUserView,
ChangePasswordView,
HelloView
)
urlpatterns = [
path('create/', UserCreate.as_view(), name='user_create'),
path('token/', views.TokenObtainPairView.as_view(), name='token_optain_pair'),
path('token/refresh/', views.TokenRefreshView.as_view(), name='token_refresh'),
path('hello/', HelloView.as_view(), name='hello'),
path('update/<int:pk>/', UpdateUserView.as_view(), name='update_user'),
path('change_password/<int:pk>/', ChangePasswordView.as_view(), name='auth_change_password'),
]
我正在学习 Django 和 DRF,所以如果我在这里做错了什么,请告诉我,谢谢
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = '__all__'
class UserDeleteApi(generics.DestroyAPIView):
queryset = User.objects.all()
serializer_class = UserSerializer
path('api/<int:pk>/delete',UserDeleteApi.as_view())
你可以这样试试