Fatal编程技术网
  • python/
  • Python Django Tastypie基本身份验证不工作

Python Django Tastypie基本身份验证不工作

python django

Python Django Tastypie基本身份验证不工作,python,django,tastypie,Python,Django,Tastypie,我有一个UserResource类,它允许用户对用户对象进行API调用。当我尝试使用基本身份验证进行身份验证时,它告诉我访问被拒绝。我使用的用户名和密码应该能够访问对象。你知道为什么基本认证对我不起作用吗 class UserResource(ModelResource): class Meta: # For authentication, allow both basic and api key so that the key # can be gra

我有一个UserResource类,它允许用户对用户对象进行API调用。当我尝试使用基本身份验证进行身份验证时,它告诉我访问被拒绝。我使用的用户名和密码应该能够访问对象。你知道为什么基本认证对我不起作用吗

class UserResource(ModelResource):

    class Meta:
        # For authentication, allow both basic and api key so that the key
        # can be grabbed, if needed.
        authentication = MultiAuthentication(
            BasicAuthentication(),
            ApiKeyAuthentication())
        authorization = Authorization()
        resource_name = 'user'

        allowed_methods = ['get', 'patch', 'put', ]
        always_return_data = True
        queryset = User.objects.all().select_related("api_key")
        excludes = ['is_active', 'is_staff', 'is_superuser', 'date_joined',
                'last_login']

    def authorized_read_list(self, object_list, bundle):
        return object_list.filter(id=bundle.request.user.id).select_related()

    def hydrate(self, bundle):
        if "raw_password" in bundle.data:
            raw_password = bundle.data["raw_password"]

        # Validate password
            if not validate_password(raw_password):
                if len(raw_password) < MINIMUM_PASSWORD_LENGTH:
                    raise CustomBadRequest(
                        code="invalid_password",
                        message=(
                            "Your password should contain at least {length} "
                            "characters.".format(length=
                                                 MINIMUM_PASSWORD_LENGTH)))
                raise CustomBadRequest(
                    code="invalid_password",
                    message=("Your password should contain at least one number"
                             ", one uppercase letter, one special character,"
                             " and no spaces."))

            bundle.data["password"] = make_password(raw_password)

        return bundle

    def dehydrate(self, bundle):
        bundle.data['key'] = bundle.obj.api_key.key
        # Don't return `raw_password` in response.
        del bundle.data["password"]
        return bundle
我知道“johndoe”和“j0hnd03”是正确的用户名和密码。如果我为该用户使用ApiKey方法,它就可以正常工作

我还尝试了以下方法:

resp = self.api_client.get('/api/v1/user/2/', format='json', authentication=self.create_basic(username='johndoe', password='j0hnd03'))
我删除了排除项,这并没有改变任何事情。我仍在领取401养老金。ApiKey可以工作,所以根本无法解释为什么基本验证不起作用。 
resp = self.api_client.get('/api/v1/user/2/', format='json', authentication=self.create_basic(username='johndoe', password='j0hnd03'))

I believe that the matter could be in your exclude :
 excludes = ['is_active', 'is_staff', 'is_superuser', 'date_joined',
            'last_login']
try to restrict the exclude field to see what you will get, depending of the users type.