Django 向我的Angular APP Http Post请求添加授权标头_Django_Angular_Django Rest Framework_Http Headers

Django 向我的Angular APP Http Post请求添加授权标头

django angular django-rest-framework

Django 向我的Angular APP Http Post请求添加授权标头,django,angular,django-rest-framework,http-headers,Django,Angular,Django Rest Framework,Http Headers,我想在Post请求中添加授权标头在网上做了很多研究，并尝试了所有可能的方法向请求添加头之后，我仍然无法实现我需要验证我的angular应用程序对django服务器的post请求 headers2 = { "Content-Type": "application/json", "Authorization": "JWT " + token } json_data = json.dumps({"content":" content nice content"}) posted_r

我想在Post请求中添加授权标头在网上做了很多研究，并尝试了所有可能的方法向请求添加头之后，我仍然无法实现我需要验证我的angular应用程序对django服务器的post请求

headers2 = {
    "Content-Type": "application/json",
    "Authorization": "JWT " + token
}
json_data = json.dumps({"content":" content nice content"})
posted_response = requests.post(ENDPOINT, data=json_data, headers=headers2)

当我启动这段代码时，它运行得非常好，并使用python请求将其添加到我的数据库中我假设angular的过程也一样，并将授权头直接添加到http post请求的头中

createPost(input:HTMLInputElement){
    // input.value='';
    let post={content:input.value};
    let head = new Headers({ 'Content-Type': 'application/json',
    // 'Authorization': "JWT"+'Bearer '+localStorage.getItem("token")
    "Authorization": "JWT " + localStorage.getItem("token")

  });
    let requestOptions = new RequestOptions({headers: head});
    let body = JSON.stringify(post);

    this.http.post(this.url,body,requestOptions)
      .subscribe(response =>{
        post['id']=response.json().id;
        this.posts.splice(0,0,post);


      });

令牌值存储在localstorage中

但它不起作用所以在浏览了谷歌和我所知道的所有关于Http拦截器的信息之后已创建服务并尝试向其添加授权

@Injectable({
  providedIn: 'root'
})
export class AuthoService  implements HttpInterceptor {

  constructor() { }
  intercept(req,next){
    let tokenizedReq =req.clone({
      setHeaders:{
        Authorization: `Bearer ${localStorage.getItem('token')}`
      }
    })
    return next.handle(tokenizedReq)


  }

  intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
   let ok = JSON.parse(localStorage.getItem('token'));

    req = req.clone({

      setHeaders: {
        'Content-Type' : 'application/json; charset=utf-8',
        'Accept'       : 'application/json',
        // 'Authorization': "JWT" + `Bearer ${localStorage.getItem('token')}`
        'Authorization': "JWT" + `Bearer ${ok.token}`

      }
    });

    return next.handle(req);
  }
}

并添加了app.modules.ts

providers: [CourseService,AuthService,
    {
      provide : HTTP_INTERCEPTORS,
      useClass: TokenInterceptorService,
      multi   : true,
    }],

但我仍然不明白问题是什么，为什么授权头不在我的请求中

非常感谢您提供的任何帮助

这是在后台为django时，在angular中使用授权的示例代码。我希望它能帮助你

如果您使用JWT django框架进行身份验证，可以在angular中执行以下操作：

createComment(aComment: any){
    let url = this.mainUrl + '/api/comment/create/?format=json';
    let headers = new Headers();

    if(localStorage.getItem('token') !== ''){
      headers = new Headers({ 'Authorization': 'JWT ' +localStorage.getItem('token') });
    }else{
      headers = new Headers({});
    }
    let options = new RequestOptions({ headers: headers });

    return this.http.post(url, aComment, options)
      .map(
        (response: Response) => {
          const data = response.json();
          return data;
        }
      )
      .catch(
        (error: Response) => {
          let rr = error.json();
          return Observable.throw(rr.errorMessage);
        }
      );
  }
}

在django，你可以这样做：

class CommentCreateAPIView(CreateAPIView):

    serializer_class = serializers.CommentCreateSerializer
    permission_classes = (permissions.IsAuthenticated, )

    queryset = Comment.objects.all()

你能添加控制台日志吗？

class CommentCreateAPIView(CreateAPIView):

    serializer_class = serializers.CommentCreateSerializer
    permission_classes = (permissions.IsAuthenticated, )

    queryset = Comment.objects.all()