rest_framework官方網站:http://www.django-rest-framework.org
1、安裝
pip install djangorestframework
pip install markdown
pip install django-filter
2、在settings.py裏添加配置
INSTALLED_APPS += ['rest_framework']
INSTALLED_APPS += ['rest_framework.authtoken'] //authtoken驗證身份是否合法
INSTALLED_APPS += ['corsheaders'] //解決接口跨域問題
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.AllowAny',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.TokenAuthentication',
)
}
#跨域增加忽略
CORS_ALLOW_CREDENTIALS = True
CORS_ORIGIN_ALLOW_ALL = True
CORS_ORIGIN_WHITELIST = (
'*'
)
CORS_ALLOW_METHODS = (
'GET',
'OPTIONS'
'POST',
)
CORS_ALLOW_HEADERS = (
'*'
)
3、在views.py例子
from rest_framework.decorators import api_view, authentication_classes, permission_classes
from rest_framework.response import Response
from rest_framework.authentication import SessionAuthentication, TokenAuthentication
from rest_framework.permissions import IsAuthenticated
@api_view(['GET'])
@authentication_classes((TokenAuthentication,SessionAuthentication))
@permission_classes((IsAuthenticated,))
def index(request):
result = [request.GET.get('name')]
return Response(result)
4、解決djangorestframework跨域問題:
pip install django-cors-headers
然後將其添加到已安裝的應用程序中:
INSTALLED_APPS =(
...
' corsheaders ',
...
)
還需要添加一箇中間件類來收聽響應:
MIDDLEWARE = [ #或MIDDLEWARE_CLASSES on Django <1.10
...
' corsheaders.middleware.CorsMiddleware ',
' django.middleware.common.CommonMiddleware ',
...
]
CorsMiddleware應該放置得儘可能高,特別是在可以產生響應的任何中間件之前, 如Django CommonMiddleware或Whitenoise WhiteNoiseMiddleware。 如果以前沒有,則無法將CORS頭添加到這些響應中。
如果你使用CORS_REPLACE_HTTPS_REFERER,它應該放在Django之前CsrfViewMiddleware
# 允許所有主機
CORS_ORIGIN_ALLOW_ALL = True
參照:https://github.com/OttoYiu/django-cors-headers