猿问

回到首页 个人中心 反馈问题 注册登录
下载APP
首页 课程 实战 体系课 手记 专栏 慕课教程

DRF:如何在使用深度选项的序列化程序中隐藏密码?

我正在为User模型使用以下序列化程序,但是当我使用深度处理外键时,密码会显示在User对象中。


用户序列化器:


class UserSerializer(serializers.ModelSerializer):

    class Meta:

        model = User

        read_only_fields = ('is_active', 'is_staff', 'is_superuser',)

        exclude = ('password', )

        extra_kwargs = {'password': {'write_only': True, 'min_length': 4}}

在下面的序列化程序中,一切都很好:


class AuditSerializer(serializers.ModelSerializer):

    def __init__(self, instance=None, **kwargs):

        if instance:

            setattr(self.Meta, 'depth', 10)

        else:

            setattr(self.Meta, 'depth', 0)

        super(AuditSerializer, self).__init__(instance, **kwargs)


    initiator = UserSerializer(read_only=True)


    class Meta:

        model = Audit

        fields = ['id', 'initiator']

        read_only_fields = ['id', 'initiator']

        depth = 0

但是在下面与以前的模型/序列化器相关的部分中,我遇到了密码问题:


class AuditAttachmentSerializer(serializers.ModelSerializer):

    def __init__(self, instance=None, **kwargs):

        if instance:

            setattr(self.Meta, 'depth', 10)

        else:

            setattr(self.Meta, 'depth', 0)

        super(AuditAttachmentSerializer, self).__init__(instance, **kwargs)


    class Meta:

        model = AuditAttachment

        fields = ['id', 'audit']

        read_only_fields = ['id']

        depth = 0


蛊毒传说
浏览 137回答 2
2回答

月关宝盒

我在使用depthMeta 属性时遇到了同样的问题。已password集成到序列化数据中。第一个解决方案)按照@JPG 对原始帖子的评论,我使用to_representation()了方法,它就像一个魅力!我已经结束了与我的用户模型有关系的序列化程序的这段代码:from django.contrib.auth.models import Groupfrom rest_framework import serializersclass BaseGroupSerializer(serializers.ModelSerializer):&nbsp; &nbsp; class Meta:&nbsp; &nbsp; &nbsp; &nbsp; model = Group&nbsp; &nbsp; &nbsp; &nbsp; depth = 1&nbsp; &nbsp; &nbsp; &nbsp; fields = (&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'id',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'name',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'user_set',&nbsp; &nbsp; &nbsp; &nbsp; )&nbsp; &nbsp;&nbsp;&nbsp; &nbsp; def to_representation(self, instance):&nbsp; &nbsp; &nbsp; &nbsp; response = super().to_representation(instance)&nbsp; &nbsp; &nbsp; &nbsp; for user in response.get("user_set"):&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; user.pop("password", None)&nbsp; &nbsp; &nbsp; &nbsp; return response它只是弹出我组中每个用户的密码字段。第二种解决方案)另一个简单的解决方案是直接引用您在其中明确排除密码exclude = ('password',)(或不包含密码)的 UserSerializer。在我的例子中,结果会是这样的:from django.contrib.auth.models import Groupfrom rest_framework import serializersfrom ..serializers.base_user_serializer import BaseUserSerializerclass BaseGroupSerializer(serializers.ModelSerializer):&nbsp; &nbsp; user_set = BaseUserSerializer(many=True)&nbsp; &nbsp; &nbsp; &nbsp;# <------&nbsp; &nbsp; class Meta:&nbsp; &nbsp; &nbsp; &nbsp; model = Group&nbsp; &nbsp; &nbsp; &nbsp; depth = 1&nbsp; &nbsp; &nbsp; &nbsp; fields = (&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'id',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'name',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'user_set',&nbsp; &nbsp; &nbsp; &nbsp; )BaseUserSerializer原样:from rest_framework import serializersfrom ..models.base_user import Userclass BaseUserSerializer(serializers.ModelSerializer):&nbsp; &nbsp; class Meta:&nbsp; &nbsp; &nbsp; &nbsp; model = User&nbsp; &nbsp; &nbsp; &nbsp; depth = 1&nbsp; &nbsp; &nbsp; &nbsp; fields = (&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'id',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'username',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'email',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'first_name',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'last_name',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'full_name',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'full_identification',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'is_active',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 'groups',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; # 'password' is omitted here&nbsp; &nbsp; &nbsp; &nbsp; )两种方式都有效。第二种方法的唯一问题是,在某些情况下,如果您也将其导入BaseGroupSerializer到BaseUserSerializer.因此,根据您的情况和您对进口的限制,...选择您的解决方案:)
0

元芳怎么了

我删除了该__init__方法并将其更改为以下解决方案。DRF:使用嵌套序列化程序的简单外键分配?
0
打开App,查看更多内容
随时随地看视频慕课网APP

相关分类

Python