Django REST API 仅获取 auth 用户数据

Question

我是新 Django，我尝试制作 REST API。现在面临一个问题。我创建了 2 个模型 Account & Transaction

class Account(models.Model):
    id = models.UUIDField(default=uuid.uuid4, unique=True,primary_key=True,editable=False)
    user = models.ForeignKey(User,on_delete=models.CASCADE)
    account_name = models.CharField(max_length=100)

帐户具有用户模型的 ForeignKey

class Transaction(models.Model):
    id = models.UUIDField(default=uuid.uuid4(),primary_key=True,editable=False)
    account = models.ForeignKey(Account,on_delete=models.CASCADE,related_name='account')
    transaction_no = models.CharField(default=str(uuid.uuid4())[:8],max_length=100)

Transaction 具有带有 Account 模型的 ForeignKey。然后获取 JWT 令牌并传递 API。在view.py 中，我按请求的用户过滤了

@api_view(['GET'])
@permission_classes([IsAuthenticated])
def getAccount(request,pk):
    account = Account.objects.filter(user=request.user).get(id=pk)
    serializer = AccountSerializer(account, many=False)
    return Response(serializer.data)

现在如何仅按身份验证用户过滤交易

@api_view(['GET'])
@permission_classes([IsAuthenticated])
def getTransactions(request,account_id):
    transactions = Transaction.objects.filter(account=account_id)
    serializer = TransactionSerializer(transactions, many=True)
    return Response(serializer.data)

Answer 1

你过滤：

@api_view(['GET'])
@permission_classes([IsAuthenticated])
def getTransactions(request,account_id):
    transactions = Transaction.objects.filter(account__user=request.user)
    serializer = TransactionSerializer(transactions, many=True)
    return Response(serializer.data)

因此，在这里我们检索Transactions，其中account 引用Account 对象，request.user 为user。

---

注意：通常使用settings.AUTH_USER_MODEL ^[Django-doc] 引用用户模型比直接使用User model ^[Django-doc] 更好。更多信息可以查看referencing the User model section of the documentation。