当前位置: 首页 > news >正文

django安装、跨域、缓存、令牌、路由、中间件等配置

news 2025/7/17 7:40:20

注意:如果是使用 PyCharm 编程工具就不用创建虚拟化,直接打开 PyCharm 选择新建的目录

直接调过下面的步骤1

1. 项目初始化

如果不是用 PyCharm 编辑器就需要手动创建虚拟环境

在项目目录cmd,自定义名称的虚拟环境

# 激活虚拟环境
python -m venv django_env
# 激活虚拟环境
django_env\Scripts\activate.bat  # Windows
# source django_env/bin/activate  # Linux/Mac

# 验证虚拟环境是否激活(提示符前应显示 (django_env))
(django_env) F:\git\project\serverAdmin\Django>

2. 安装依赖

# 安装 Django 及必要组件
pip install django django-cors-headers djangorestframework django-redis redis djangorestframework-simplejwt mysqlclient

如果提示升级pip,是新项目建议更新 

# 验证安装版本
python -m django --version  # 应显示 Django 版本号

3. 创建项目与多应用结构

# 创建 Django 项目
django-admin startproject backend
# 进入项目目录
cd backend
# 创建多个应用,自行创建
python manage.py startapp accounts  # 用户认证
python manage.py startapp products  # 商品管理
python manage.py startapp orders    # 订单系统
python manage.py startapp utils     # 工具类

4. 核心配置(backend/settings.py

"""
Django settings for backend project.Generated by 'django-admin startproject' using Django 5.2.4.For more information on this file, see
https://docs.djangoproject.com/en/5.2/topics/settings/For the full list of settings and their values, see
https://docs.djangoproject.com/en/5.2/ref/settings/
"""
import os
from pathlib import Path# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/5.2/howto/deployment/checklist/# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = "django-insecure-e6)+pcowg#7$$t=mfje93!%186-qa6=8f5$i86l8gjpyl&yukx"# SECURITY WARNING: don't run with debug turned on in production! 生产环境中禁用调试模式
DEBUG = True # 开发环境
# DEBUG = False  # 生产环境ALLOWED_HOSTS = ['*'] # 开发环境
# ALLOWED_HOSTS = ['api.your-domain.com']  # 生产环境# Application definition  应用注册
INSTALLED_APPS = ["django.contrib.admin","django.contrib.auth","django.contrib.contenttypes","django.contrib.sessions","django.contrib.messages","django.contrib.staticfiles",'corsheaders',  # 跨域支持'rest_framework',  # REST API'django_redis',  # Redis缓存'accounts',  # 权限'utils',  # 工具应用
]# 中间件
MIDDLEWARE = ['corsheaders.middleware.CorsMiddleware',  # 跨域必须在CommonMiddleware之前"django.middleware.security.SecurityMiddleware","django.contrib.sessions.middleware.SessionMiddleware","django.middleware.common.CommonMiddleware","django.middleware.csrf.CsrfViewMiddleware","django.contrib.auth.middleware.AuthenticationMiddleware","django.contrib.messages.middleware.MessageMiddleware","django.middleware.clickjacking.XFrameOptionsMiddleware",
]# 跨域配置(开发环境)
CORS_ALLOW_ALL_ORIGINS = True  # 允许所有域名跨域(开发环境)
# 生产环境使用白名单:
# CORS_ALLOWED_ORIGINS = [
#     "http://localhost:3000",  # 前端开发服务器
#     "https://your-frontend.com",  # 生产环境域名
# ]# 允许携带凭证(如cookies、HTTP认证)
CORS_ALLOW_CREDENTIALS = True  # 允许跨域请求携带凭证
# 允许的请求方法
CORS_ALLOW_METHODS = ['DELETE','GET','OPTIONS','PATCH','POST','PUT',
]
# 允许的请求头
CORS_ALLOW_HEADERS = ['accept','accept-encoding','authorization',  # 用于JWT认证'content-type','dnt','origin','user-agent','x-csrftoken','x-requested-with','token',  # 自定义token头'openid',  # 自定义openid头'sessionkey',  # 自定义session头
]# DRF 配置
REST_FRAMEWORK = {# ... 已有配置 ...'DEFAULT_AUTHENTICATION_CLASSES': ['rest_framework_simplejwt.authentication.JWTAuthentication',  # 示例:JWT认证'rest_framework.authentication.SessionAuthentication',  # 会话认证],'DEFAULT_PERMISSION_CLASSES': ['rest_framework.permissions.IsAuthenticated',  # 默认需要登录]
}# Redis 配置
CACHES = {"default": {"BACKEND": "django_redis.cache.RedisCache","LOCATION": "redis://127.0.0.1:6379/0",  # Redis 服务器地址和数据库编号"OPTIONS": {"CLIENT_CLASS": "django_redis.client.DefaultClient","CONNECTION_POOL_KWARGS": {"max_connections": 100}, # 连接池最大连接数"PASSWORD": "",  # 如果 Redis 有密码,添加到这里}}
}
# Session 存储(可选:使用 Redis 存储会话)
SESSION_ENGINE = "django.contrib.sessions.backends.cache"
ROOT_URLCONF = "backend.urls"# 数据库配置(示例:MySQL)
DATABASES = {'default': {'ENGINE': 'django.db.backends.mysql','NAME': 'your_database','USER': 'root','PASSWORD': 'your_password','HOST': 'localhost','PORT': '3306',}
}TEMPLATES = [{"BACKEND": "django.template.backends.django.DjangoTemplates","DIRS": [],"APP_DIRS": True,"OPTIONS": {"context_processors": ["django.template.context_processors.request","django.contrib.auth.context_processors.auth","django.contrib.messages.context_processors.messages",],},},
]WSGI_APPLICATION = "backend.wsgi.application"# Database
# https://docs.djangoproject.com/en/5.2/ref/settings/#databases# DATABASES = {
#     "default": {
#         "ENGINE": "django.db.backends.sqlite3",
#         "NAME": BASE_DIR / "db.sqlite3",
#     }
# }# Password validation
# https://docs.djangoproject.com/en/5.2/ref/settings/#auth-password-validatorsAUTH_PASSWORD_VALIDATORS = [{"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",},{"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",},{"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",},{"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",},
]# Internationalization
# https://docs.djangoproject.com/en/5.2/topics/i18n/
# 改中国
LANGUAGE_CODE = "zh-hans"
TIME_ZONE = 'Asia/Shanghai'
# 确保默认字符编码是 UTF-8
DEFAULT_CHARSET = 'utf-8'USE_I18N = True
USE_L10N = True
USE_TZ = True# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/5.2/howto/static-files/# 生产 静态文件配置
STATIC_URL = '/static/'
STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles')# STATICFILES_DIRS = [BASE_DIR / 'static']  # 开发 时静态文件存放路径# 媒体文件配置
MEDIA_URL = '/media/'
MEDIA_ROOT = os.path.join(BASE_DIR, 'media')# Default primary key field type
# https://docs.djangoproject.com/en/5.2/ref/settings/#default-auto-fieldDEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
5.项目级路由(backend/urls.py
"""
URL configuration for backend project.The `urlpatterns` list routes URLs to views. For more information please see:https://docs.djangoproject.com/en/5.2/topics/http/urls/
Examples:
Function views1. Add an import:  from my_app import views2. Add a URL to urlpatterns:  path('', views.home, name='home')
Class-based views1. Add an import:  from other_app.views import Home2. Add a URL to urlpatterns:  path('', Home.as_view(), name='home')
Including another URLconf1. Import the include() function: from django.urls import include, path2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
"""from django.contrib import admin
from django.urls import path, include
from .Index import loginurlpatterns = [path("admin/", admin.site.urls),# 公共路由path('index/login/', Index.login), # 用户登录# 所有API路由统一入口path('api/utils/', include('utils.urls')),  # 工具类应用
]

在公共目录,创建需要登录API的 Index 文件 login方法

比如 path('index/login/', Index.login), # 用户登录

import json
from django.http import JsonResponse
from django.views.decorators.http import require_http_methods# 登录后台
@require_http_methods(["GET", "POST"])
def login(request):print(666)data = {"code": 2000,"date": [],"message": "登录验证"}return JsonResponse(data)

其它子应用路由 分发

比如  path('api/utils/', include('utils.urls')),  # 工具类应用

在utils创建路由文件

from django.urls import path
from .index import Indexurlpatterns = [path('index/', Index.index)
]

创建子应用的文件和方法  path('index/', Index.index) 

import json
from django.http import JsonResponse
from django.views.decorators.http import require_http_methods@require_http_methods(["GET", "POST"])
def index(request):print(666)data = {"code": 2000,"date": [],"message": "我是子应用"}return JsonResponse(data)

 这样就是多应用的前后分离了,也可以在nginx那做负载均衡

6.运行项目

# 迁移数据库
python manage.py makemigrations
python manage.py migrate# 创建超级用户
python manage.py createsuperuser# 启动开发服务器
python manage.py runserver
# 指定端口
python manage.py runserver 8100

访问地址:

公告API接口
http://127.0.0.1:8100/index/login/  子应用
http://127.0.0.1:8100/api/utils/index/

如果像要psot请求要携带 CSRF 令牌

import json
from django.http import JsonResponse
from django.views.decorators.http import require_http_methods
# 生成CSRF 令牌
from django.middleware.csrf import get_token# 登录后台
@require_http_methods(["GET", "POST"])
def login(request):print(6666)token = get_token(request)data = {"code": 2000,"date": [],'csrf_token': token,"message": "查询成功"}return JsonResponse(data)

 前端必须带  X-CSRFToken 头,必须是这个名X-CSRFToken

// 1. 获取 CSRF 令牌
axios.get('/api/csrf/').then(response => {const csrfToken = response.data.csrf_token;// 2. 发送 POST 请求时,在请求头中携带令牌axios.post('/api/utils/index/', {}, {headers: {'X-CSRFToken': csrfToken  // 关键:必须用 X-CSRFToken 头}}).then(res => console.log(res.data)).catch(err => console.error(err));});

或者settings.py文件注释django.middleware.csrf.CsrfViewMiddleware,关闭CSRF防护

# 中间件
MIDDLEWARE = ['corsheaders.middleware.CorsMiddleware',  # 跨域必须在CommonMiddleware之前"django.middleware.security.SecurityMiddleware","django.contrib.sessions.middleware.SessionMiddleware","django.middleware.common.CommonMiddleware",# "django.middleware.csrf.CsrfViewMiddleware", # 关闭 CSRF 防护 前端不用携带 CSRF 令牌 可以post访问"django.contrib.auth.middleware.AuthenticationMiddleware","django.contrib.messages.middleware.MessageMiddleware","django.middleware.clickjacking.XFrameOptionsMiddleware",
]

http://www.lryc.cn/news/590059.html

相关文章:

  • .env文件的配置
  • 搭建云途YTM32B1MD1芯片VSCODE+GCC + Nijia + Cmake+Jlink开发环境
  • python的慈善捐赠平台管理信息系统
  • 将URL地址最后一段中文内容进行URL编码
  • Harmony-Next鸿蒙实战开发项目-仿小米商城App----V2
  • 【18】MFC入门到精通——MFC(VS2019)+ OpenCV 显示图片的3种方法
  • Kotlin集合聚合
  • Maple2025 软件安装教程(Win版)
  • nerdctl - 兼容 Docker 语法 的 containerd 命令行界面
  • Egg.js × NestJS 2025 Nodejs后端框架选型指南
  • 交易日历接口api,股票/板块日,周,月K线行情接口api,情绪周期api,Level2实时数据api
  • java 知识点表格
  • 数据结构:栈(区间问题)
  • 颠覆NLP十年范式!OpenCSG中文数据集助推CMU无分词器模型登顶SOTA
  • Kubernetes使用kubeadm安装详细步骤
  • Java基础:分支/循环/数组
  • Django基础(三)———模板
  • OpenSearch SQL 查询完整指南
  • django在线音乐数据采集-22647
  • 职业发展:把工作“玩”成一场“自我升级”的游戏
  • OpenCV直线段检测算法类cv::line_descriptor::LSDDetector
  • WPF 导入自定义字体并实现按钮悬停高亮效果
  • 红黑树、B树、B+树
  • 计算机网络:(九)网络层(下)超详细讲解互联网的路由选择协议、IPV6与IP多播
  • 汽车数字化——65页大型汽车集团企业IT信息化(管理架构、应用架构、技术架构)战略规划【附全文阅读】
  • 怎么用快鲸aiseo提升百度搜索排名?
  • 如何区分Bug是前端问题还是后端问题?
  • Linux 驱动中 Timer / Tasklet / Workqueue 的作用与对比
  • [特殊字符] CentOS 7 离线安装 MySQL 5.7 实验
  • 【Linux】基本指令详解(二) 输入\输出重定向、一切皆文件、认识管道、man、cp、mv、echo、cat