我正在学习 Django 和 Django Rest Framework 来创建 API,但当我运行此命令时无法理解为什么:
http --json POST http://127.0.0.1:8000/api/v1/stocks/ book_code='Abook' 'Authorization: Token 123243434354353'
我收到一条错误消息:
HTTP/1.0 400 Bad Request
Allow: GET, POST, HEAD, OPTIONS
Content-Type: application/json
Date: Thu, 25 May 2017 19:16:37 GMT
Server: WSGIServer/0.2 CPython/3.6.0
Vary: Accept
X-Frame-Options: SAMEORIGIN {
"user": [
"This field is required."
]}
“用户”字段是必需的,但我希望它根据我提供的 token (即经过身份验证的用户)填充用户。
这是bookstock/models.py
:
from django.db import models
from django.contrib.auth.models import User
class Stock(models.Model):
'''
Model representing the stock info.
'''
user = models.ForeignKey(User)
book_code = models.CharField(max_length=14, null=True, blank=True)
def __str__(self):
return self.book_code
这是api/serializer.py
:
from bookstock.models import Stock
from rest_framework import serializers
class StockSerializer(serializers.ModelSerializer):
class Meta:
model = Stock
fields = ('id', 'user', 'book_code')
这是api/views.py
:
from rest_framework import generics
from bookstock.models import Stock
from api.serializers import StockSerializer
from rest_framework.permissions import IsAuthenticated
class StockList(generics.ListCreateAPIView):
serializer_class = StockSerializer
permission_classes = (IsAuthenticated,)
def get_queryset(self):
user = self.request.user
return Stock.objects.filter(user=user)
def perform_create(self, serializer):
serializer.save(user=self.request.user, )
def perform_update(self, serializer):
serializer.save(user=self.request.user)
这是api/urls.py
:
from django.conf.urls import url, include
from api import views
from rest_framework.authtoken.views import obtain_auth_token
urlpatterns = [
url(r'^v1/stocks/$', views.StockList.as_view()),
url(r'^v1/api-token-auth/', obtain_auth_token),
url(r'v1/api-auth/', include('rest_framework.urls', namespace='rest_framework')),
]
我错过了什么?根据SO的答案,perform_create
和perform_update
覆盖应该填充用户,对吧?
最佳答案
perform_create
方法由 View 的 create
方法在序列化器验证后调用。在此阶段,DRF 将找到并标记丢失的用户字段: https://github.com/encode/django-rest-framework/blob/master/rest_framework/mixins.py#L14
有多种方法可以解决这个问题,即将序列化器字段设置为 read_only=True
或覆盖序列化器上的 validate_user
方法。
我认为最优雅的方式是使用 DRF 的 currentuserdefault
验证器:http://www.django-rest-framework.org/api-guide/validators/#currentuserdefault
user = serializers.HiddenField(default=serializers.CurrentUserDefault())
(将 HiddenField
替换为 CharField
或您喜欢的任何内容)
关于Django Rest Framework - 用户字段不能为空,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44188607/