Python 令牌身份验证在Django Rest框架上不起作用
我有一个Django应用程序,我将DRF用于我的API会话和令牌身份验证。我已安装的应用程序中有rest_framework和rest_framework.authtoken。我已经迁移了我的数据库,可以在Django管理员中为用户创建令牌。我知道所有这些都在工作,因为我正在访问rest\u framework.auth\u token的获取\u auth\u token视图,用于在POST请求中提交用户数据时返回一个标记,并接收一个返回。当我尝试向我的应用程序中的视图函数发出GET请求时,该函数在其视图集上具有TokenAuthentication,它会不断返回Python 令牌身份验证在Django Rest框架上不起作用,python,django,django-rest-framework,http-token-authentication,Python,Django,Django Rest Framework,Http Token Authentication,我有一个Django应用程序,我将DRF用于我的API会话和令牌身份验证。我已安装的应用程序中有rest_framework和rest_framework.authtoken。我已经迁移了我的数据库,可以在Django管理员中为用户创建令牌。我知道所有这些都在工作,因为我正在访问rest\u framework.auth\u token的获取\u auth\u token视图,用于在POST请求中提交用户数据时返回一个标记,并接收一个返回。当我尝试向我的应用程序中的视图函数发出GET请求时,该函
{"detail":"Authentication credentials were not provided."}
设置文件
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
# My Apps
'rest_framework',
'rest_auth',
'rest_framework.authtoken',
]
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.TokenAuthentication',
],
}
import requests
import json
data = {
"username": "myemail@gmail.com",
"password": "password124"
}
url = "http://localhost:8002/api/v1/api-token-auth/"
response = requests.post(url, data=data)
token = json.loads(response.text).get('token')
if token:
token = f"Token {token}"
headers = {"Authentication": token}
response = requests.get("http://localhost:8002/api/v1/model/", headers=headers)
print(response.text)
else:
print('No Key')
URL
from django.urls import path, include
from rest_framework.routers import DefaultRouter
from rest_framework.authtoken import views
from api.views.some_model import MyViewSet
urlpatterns = [
path('', include(router.urls)),
path('rest-auth/', include('rest_auth.urls')),
path('api-token-auth/', views.obtain_auth_token)
]
视图集
from rest_framework.viewsets import ModelViewSet
from rest_framework.authentication import SessionAuthentication, TokenAuthentication
from rest_framework.permissions import IsAuthenticated
from some_app.models import SomeModel
from api.serializers.exams import SomeModelSerializer
class ExamViewSet(ModelViewSet):
permission_classes = (IsAuthenticated,)
authentication_classes = (TokenAuthentication, SessionAuthentication)
queryset = SomeModel.objects.all()
serializer_class = SomeModelSerializer
获取响应的Python脚本
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
# My Apps
'rest_framework',
'rest_auth',
'rest_framework.authtoken',
]
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.TokenAuthentication',
],
}
import requests
import json
data = {
"username": "myemail@gmail.com",
"password": "password124"
}
url = "http://localhost:8002/api/v1/api-token-auth/"
response = requests.post(url, data=data)
token = json.loads(response.text).get('token')
if token:
token = f"Token {token}"
headers = {"Authentication": token}
response = requests.get("http://localhost:8002/api/v1/model/", headers=headers)
print(response.text)
else:
print('No Key')
标题名称应该是
授权
而不是身份验证
:
headers = {"Authorization": token}
response = requests.get("http://localhost:8002/api/v1/model/", headers=headers)
应在标头中提供令牌,如
-H "Authorization: Token 8fa36c01df3bb9ed31fc2329c53a9fe2cac72966"
呜呜呜呜。菜鸟错了,多尴尬啊。非常感谢你,我也掉进了同样的陷阱。如果您花费数小时开发支持“身份验证”的视图,那么很容易犯这个错误。