DRF路由器的参数URL [英] Parameters URL with DRF routers
问题描述
我正在使用Django Rest Framework创建API.在这个项目中,我想捕获URL中的参数.例如,我想捕获用户的用户名和密码,而我的想法是这样的:
http://localhost:8000/accounts/login/?unsername = username& password = password 但是我不能,我使用路由器和django-filter,但是我无法获取参数url.我的项目文件在那里:
view.py:
class AccountsData(viewsets.ModelViewSet):queryset = models.UserData.objects.all()serializer_class = serializers.AccountsDataSerializerPermission_classes =(IsAuthenticated,)filter_backends =(filters.DjangoFilterBackend,)filterset_fields = ['用户名','密码']lookup_url_kwarg ='用户名'@action(方法= ['get'],detail = True,url_name ='登录',url_path ='登录')def登录(自己,请求,pk =无):返回响应({成功登录"},200) urls.py:
从api导入视图中 路由器= routers.SimpleRouter()router.register(r'accounts',views.AccountsData) 请求查询参数与路由无关,它们与请求一起传递,与配置路由的方式无关.您可以在 request.query_params 中访问它们,例如, request.query_params.get('username')将获得 username 参数.
要说的是,您的想法有一个严重的错误:永远不要在查询参数中输入密码或任何机密数据,您应该使用一个HTTP谓词来携带其主体中的数据(例如POST).
I'm using Django Rest Framework for created a API. In this project i want to capture parameters in the URL. For example i want to capture the username and password of a user and my idea is like this:
http://localhost:8000/accounts/login/?unsername=username&password=password
But i cant, I' usin routers and django-filter, but i cant get the parameters url. My project files are there:
view.py:
class AccountsData(viewsets.ModelViewSet):
queryset = models.UserData.objects.all()
serializer_class = serializers.AccountsDataSerializer
permission_classes = (IsAuthenticated,)
filter_backends = (filters.DjangoFilterBackend,)
filterset_fields = ['username', 'password']
lookup_url_kwarg = 'username'
@action(methods=['get'], detail=True, url_name='login', url_path='login')
def login(self, request, pk=None):
return Response({"Login successfully"}, 200)
urls.py:
from api import views
router = routers.SimpleRouter()
router.register(r'accounts', views.AccountsData)
Request query parameters have nothing to do with routing, they are passed with the request independently of how you configure the route. You have access to them in request.query_params, for example, request.query_params.get('username') would get the value of the username parameter.
Being said that, your idea has a terrible mistake: password or any kind of confidential data should NEVER go in query parameters, you should use an http verb that carries the data in its body (POST, for example).
这篇关于DRF路由器的参数URL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
