Python Django Tastypie基本身份验证不工作
我有一个UserResource类,它允许用户对用户对象进行API调用。当我尝试使用基本身份验证进行身份验证时,它告诉我访问被拒绝。我使用的用户名和密码应该能够访问对象。你知道为什么基本认证对我不起作用吗Python Django Tastypie基本身份验证不工作,python,django,tastypie,Python,Django,Tastypie,我有一个UserResource类,它允许用户对用户对象进行API调用。当我尝试使用基本身份验证进行身份验证时,它告诉我访问被拒绝。我使用的用户名和密码应该能够访问对象。你知道为什么基本认证对我不起作用吗 class UserResource(ModelResource): class Meta: # For authentication, allow both basic and api key so that the key # can be gra
class UserResource(ModelResource):
class Meta:
# For authentication, allow both basic and api key so that the key
# can be grabbed, if needed.
authentication = MultiAuthentication(
BasicAuthentication(),
ApiKeyAuthentication())
authorization = Authorization()
resource_name = 'user'
allowed_methods = ['get', 'patch', 'put', ]
always_return_data = True
queryset = User.objects.all().select_related("api_key")
excludes = ['is_active', 'is_staff', 'is_superuser', 'date_joined',
'last_login']
def authorized_read_list(self, object_list, bundle):
return object_list.filter(id=bundle.request.user.id).select_related()
def hydrate(self, bundle):
if "raw_password" in bundle.data:
raw_password = bundle.data["raw_password"]
# Validate password
if not validate_password(raw_password):
if len(raw_password) < MINIMUM_PASSWORD_LENGTH:
raise CustomBadRequest(
code="invalid_password",
message=(
"Your password should contain at least {length} "
"characters.".format(length=
MINIMUM_PASSWORD_LENGTH)))
raise CustomBadRequest(
code="invalid_password",
message=("Your password should contain at least one number"
", one uppercase letter, one special character,"
" and no spaces."))
bundle.data["password"] = make_password(raw_password)
return bundle
def dehydrate(self, bundle):
bundle.data['key'] = bundle.obj.api_key.key
# Don't return `raw_password` in response.
del bundle.data["password"]
return bundle
我知道“johndoe”和“j0hnd03”是正确的用户名和密码。如果我为该用户使用ApiKey方法,它就可以正常工作
我还尝试了以下方法:
resp = self.api_client.get('/api/v1/user/2/', format='json', authentication=self.create_basic(username='johndoe', password='j0hnd03'))
我删除了排除项,这并没有改变任何事情。我仍在领取401养老金。ApiKey可以工作,所以根本无法解释为什么基本验证不起作用。
resp = self.api_client.get('/api/v1/user/2/', format='json', authentication=self.create_basic(username='johndoe', password='j0hnd03'))
I believe that the matter could be in your exclude :
excludes = ['is_active', 'is_staff', 'is_superuser', 'date_joined',
'last_login']
try to restrict the exclude field to see what you will get, depending of the users type.