如何在Django Rest框架的viewset中添加对自定义操作的特定访问级别?

2024-06-26 00:18:13 发布

您现在位置:Python中文网/ 问答频道 /正文
708 3

我在Django Rest Framework中有一个包含所有crud函数的ModelViewSet,并将权限设置为IsAuthenticated,但我做了一个自定义操作并希望它是公共的,但我不知道如何做,因为文档只显示了如何使用@api_view()来做这件事,这是我的ModelViewSet

class UserViewSet(viewsets.ModelViewSet):
    """User viewset"""

    queryset = User.objects.all()
    serializer_class = UserModelSerializer
    authentication_classes = [TokenAuthentication]
    permission_classes = [IsAuthenticated]

    @action(detail=False, methods=['post'])
    def signup(self, request):
        """Sign Up users without profile. """
        serializer = UserSignUpSerializer(data=request.data)
        if serializer.is_valid(raise_exception=True):
            user = serializer.save()
            data = {
                'user' : user,
            }
            return Response(data, status=status.HTTP_201_CREATED)

    @action(detail=False, methods=['post'])     
    def login(self, request, *args, **kwargs):
        """ Handle logins request. """
        serializer = UserLoginSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        user, token = serializer.save()
        data= {
            'user': user,
            'access_token' : token
        }
        return Response(data, status=status.HTTP_201_CREATED)

我想公开登录@action,希望你们能帮我


Tags: tokenfalsedatarequeststatusactionclassclasses
1条回答
网友
1楼 · 发布于 2024-06-26 00:18:13

您可以将参数添加到更改权限类的操作deacrotor中

    @action(detail=False, methods=['post'], permission_classes=[AllowAny])     
    def login(self, request, *args, **kwargs):
        """ Handle logins request. """
        serializer = UserLoginSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        user, token = serializer.save()
        data= {
            'user': user,
            'access_token' : token
        }
        return Response(data, status=status.HTTP_201_CREATED)

Detail in document

相关问题 更多 >

    编程相关推荐