Question

我想仅为“PUT”方法申请许可而不是“POST”

class Signup(APIView):
    def post(self, request, format=None):
        something...something

    @authentication_classes((ExpiringTokenAuthentication,))
    @permission_classes((IsAuthenticated,))
    def put(self, request, format=None):
        something...something

Answer 1

检查权限类has_permission方法上的HTTP方法，如果是PUT则应用检查：

class ExpiringTokenAuthentication(permissions.BasePermission):

    def has_permission(self, request, view):
        if request.method == 'PUT':
           # do it here


class Signup(APIView):
    permission_classes = (BlacklistPermission,)

如何在Django-Rest Framework中将权限类应用于基于类的视图中的特定方法？

1 个答案: