我有一个Django DRF后端,实现了令牌用户身份验证。该应用程序本身是一个聊天,由公共大厅和私有线程(特定用户之间的线程)组成。当前,我的模型文件包括Message模型,该模型与Lobby和Thread模型具有外键关系,并将其中一个字段保留为Null,以便确定特定消息是否涉及私有Thread或Public Lobby。
到目前为止,我一直专注于开发公共大厅,用户在其中基于当前所在的大厅查询消息。
在我完成Lobbies的开发并启用身份验证之后,前端停止按Lobby标题过滤消息,而只是简单地向我返回与当前已验证用户相关的所有消息-显然不考虑消息相关的Lobbies之间的任何区别至。检查实际的API后,我发现启用身份验证后,“过滤”选项从页面中完全消失。
how can I combat this issue?
编辑:我用一些代码更新了帖子
我宁愿保留一个Message模型,而不是为Lobby和Thread创建单独的Message模型。
这是我的模特:
class Thread(models.Model):
user1 = models.ForeignKey(Account, on_delete=models.PROTECT, related_name="user1")
user2 = models.ForeignKey(Account, on_delete=models.PROTECT, related_name="user2")
date = models.DateTimeField(auto_now_add=True, blank=False)
def __repr__(self):
return f"user1: {self.user1} user2: {self.user2}"
class Message(models.Model):
content = models.TextField(max_length=255, default="", blank=False, null=False)
user = models.ForeignKey(Account, on_delete=models.PROTECT, related_name="user")
date = models.DateTimeField(auto_now_add=True, blank=False)
lobby = models.ForeignKey(Lobby, on_delete=models.CASCADE, related_name="messages", blank=True, null=True )
thread = models.ForeignKey(Thread, on_delete=models.CASCADE, related_name="messages", blank=True,
null=True )
class Lobby(models.Model):
title = models.TextField(max_length=90, blank=False, null=False)
thumb = models.ImageField(default='lobby.jpg')
这是序列化器:
class ThreadSerializer(serializers.ModelSerializer):
user1 = serializers.CharField(source="user1.username")
user1thumb = serializers.CharField(source="user1.accountimage.image.url")
user2 = serializers.CharField(source="user2.username")
user2thumb = serializers.CharField(source="user2.accountimage.image.url")
class Meta:
model= Thread
fields = ["user1", "user2", "user1thumb", "user2thumb"]
class MessageSerializer(serializers.ModelSerializer):
username = serializers.CharField(source='user.username')
thumb = serializers.CharField(source='user.accountimage.image.url')
class Meta:
model= Message
fields=['id','content', 'username', 'thumb']
class LobbySerializer(serializers.ModelSerializer):
class Meta:
model=Lobby
fields="__all__"
depth=2
最后是视图:
class ThreadView(viewsets.ModelViewSet):
queryset = Thread.objects.all()
serializer_class = ThreadSerializer
def get_queryset(self):
print(self.request.user)
return Thread.objects.filter(Q(user1= self.request.user) | Q(user2=self.request.user))
class MessageView(viewsets.ModelViewSet):
queryset = Message.objects.all()
serializer_class = MessageSerializer
filter_fields=('lobby__title',)
class LobbyView(viewsets.ModelViewSet):
queryset = Lobby.objects.all()
serializer_class = LobbySerializer
在我的settings.py中,我全局启用了身份验证:
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES':[
'rest_framework.authentication.TokenAuthentication',
'rest_framework.authentication.SessionAuthentication'
],
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
)
}
答案 0 :(得分:1)
已更新: 您的问题与授权无关。您要添加
“ REST_FRAMEWORK”
设置阻止,但未指定要使用的过滤器后端
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES':[
'rest_framework.authentication.TokenAuthentication',
'rest_framework.authentication.SessionAuthentication'
],
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticated',
],
'DEFAULT_FILTER_BACKENDS': ['django_filters.rest_framework.DjangoFilterBackend',]
}
并替换
filter_fields =('lobby__title',)
具有:
filterset_fields = ['lobby__title',]
P.S:如果没有,您需要pip install django-filter
我希望这会有所帮助!