由于我的序列化程序不希望显示/检索密码,因此我继续进行了自己的自定义视图来处理注册。我使该URL与/ users资源不同。
我的网址配置:
url(r'^users/register', 'myapp.views.create_auth'),
我的看法:
@api_view(['POST'])
def create_auth(request):
serialized = UserSerializer(data=request.DATA)
if serialized.is_valid():
User.objects.create_user(
serialized.init_data['email'],
serialized.init_data['username'],
serialized.init_data['password']
)
return Response(serialized.data, status=status.HTTP_201_CREATED)
else:
return Response(serialized._errors, status=status.HTTP_400_BAD_REQUEST)
我可能是错的,但是似乎你不需要限制此视图的权限,因为你想要未经身份验证的请求…
Django REST Framework 3 允许create序列化程序中的override 方法:
from rest_framework import serializers
from django.contrib.auth import get_user_model # If used custom user model
UserModel = get_user_model()
class UserSerializer(serializers.ModelSerializer):
password = serializers.CharField(write_only=True)
def create(self, validated_data):
user = UserModel.objects.create(
username=validated_data['username']
)
user.set_password(validated_data['password'])
user.save()
return user
class Meta:
model = UserModel
# Tuple of serialized model fields (see link [2])
fields = ( "id", "username", "password", )
从继承的类的序列化字段ModelSerializer必须在MetaDjango Rest Framework v3.5和最新版本中明确声明。
文件api.py:
from rest_framework import permissions
from rest_framework.generics import CreateAPIView
from django.contrib.auth import get_user_model # If used custom user model
from .serializers import UserSerializer
class CreateUserView(CreateAPIView):
model = get_user_model()
permission_classes = [
permissions.AllowAny # Or anon users can't register
]
serializer_class = UserSerializer
602392714
清零编程群