Django drf：手擼自定義跨域

項目需求：

　　1.用域名8000向8001發送請求，用django框架解決跨域問題

　　2.用上自定義中間件配置，支持get、post、put、detele和非簡單請求

　　3.支持版本控制

　　4.在setting中配置白名單列表，在表中域名能夠訪問，不然返回錯誤信息

 

# 首先8000端口url層設置路由

from django.conf.urls import url
from django.contrib import admin
from app import views

urlpatterns = [
    url(r'^admin/', admin.site.urls),
    url(r'^index/', views.test),
]

#寫test視圖函數

from django.views.decorators.cache import cache_page
import time
from rest_framework.response import Response
# 單頁面緩存10秒
# @cache_page(10)
def test(request):
    print('三兒來了！')
    ctime = time.time()

    return render(request,'index.html',locals())

# 模板層寫index模板（這裏用到ajax向後臺提交數據，須要引入bootstop且在setting中配置）

<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <script src="/static/jquery-3.3.1.js"></script>
    <title>Title</title>
</head>
<body>
不緩存
{{ ctime }}
<br>
存在的緩存
{#{% load cache %}#}
{#第一個是超時時間，緩存時間。第二個參數是Key值，別名。#}
{#{% cache 10 'test' %}#}
{#    {{ ctime }}#}
{#{% endcache %}#}
<button id="btn">點我發請求</button>

</body>
<script>
    $("#btn").click(function () {
        $.ajax({
            url: 'http://127.0.0.1:8001/v1/publishs/',
            {#type: 'get',#}
            type:'post',
            {#type:'put',#}
            contentType:'application/json',
            {#data:JSON.stringify({'name':'egon'}),#}
            success: function (data) {
                console.log(data)
            }
        })
    })

</script>
</html>

# ajax提交的路由請求http://127.0.0.1:8001/v1/publishs/

# 因爲請求的是V1版本，咱們在端口8001路由層中設置版本路由

 

from django.conf.urls import url
from django.contrib import admin
from app import views
urlpatterns = [
    url(r'^admin/', admin.site.urls),
    url(r'^(?P<version>[v1|v2]+)/publishs/', views.PublishView.as_view()),
   
]

# 寫對應的的函數視圖

from rest_framework.views import APIView
from rest_framework.versioning import URLPathVersioning
from rest_framework.response import Response

# 版本控制的局部使用
class PublishView(APIView):
    # versioning_class = QueryParameterVersioning # 基於url的get傳參方法
    versioning_class = URLPathVersioning # 基於url的正則方式

    def get(self,request,*args,**kwargs):
        print(request.version)
        return Response({'status':100})

    def post(self,request,*args,**kwargs):
        print(request.method)
        return Response({'status': 100, 'msg': 'post'})

    def delete(self,request,*args,**kwargs):
        print(request.method)
        return Response({'status':100,'msg':'delete'})

    def put(self,request,*args,**kwargs):
        print(request.method)
        return Response({'status':100,'msg':'put'})

#這個時候寫定義中間件

from django.utils.deprecation import MiddlewareMixin
from django.conf import settings
from rest_framework.response import Response
from django.http import JsonResponse

class CORSMiddle(MiddlewareMixin):
    def process_response(self,request,response):
        #
        # print(request.META['HTTP_ORIGIN'])
        host_list = settings.OPEN_HOST
        host = request.META['HTTP_ORIGIN']

        response['Access-Control-Allow-Origin'] = host
        if request.method == 'OPTIONS':
            response['Access-Control-Allow-Methods'] = 'PUT,DELETE,POST,GET'
            response['Access-Control-Allow-Headers'] = 'Content-Type'


        print(host,host_list)
        if host not in host_list:
            # rep = JsonResponse({'msg':'error  非法訪問！'})
            rep = Response({'msg':'error  非法訪問！'})
            rep['Access-Control-Allow-Origin'] = host
            return rep
        return response

# 自定義中間須要到setting中作配置，且把csrf註銷

MIDDLEWARE = [
    'django.middleware.security.SecurityMid'
    ''
    'dleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    # 'django.middleware.csrf.CsrfViewMiddleware',
    'app.center.CORSMiddle',# 此爲自定義中間件
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

# 後面須要在setting中自定義白名單

OPEN_HOST = ['http://127.0.0.1:8002','http://127.0.0.1:8003']