Python post请求中禁止(403)-djangorest react
我有一个用于用户注册的端点。 我使用react作为项目的前端。我使用json主体向端点发送POST请求以注册用户。 但它是被禁止的(403)。 当我使用postman测试功能时,一切都正常,但使用axios则不然 错误:POST/user/register/403(禁止) 端点:用户/注册/ 注册API视图:Python post请求中禁止(403)-djangorest react,python,django,reactjs,api,django-rest-framework,Python,Django,Reactjs,Api,Django Rest Framework,我有一个用于用户注册的端点。 我使用react作为项目的前端。我使用json主体向端点发送POST请求以注册用户。 但它是被禁止的(403)。 当我使用postman测试功能时,一切都正常,但使用axios则不然 错误:POST/user/register/403(禁止) 端点:用户/注册/ 注册API视图: class UserRegisterAPIView(APIView): serializer_class = UserRegisterSerializer permissi
class UserRegisterAPIView(APIView):
serializer_class = UserRegisterSerializer
permission_classes = [permissions.AllowAny]
def post(self, request, format=None, *args, **kwargs):
print(request.data)
serializer = UserRegisterSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.save()
user_data = serializer.validated_data
return Response(user_data)
export const register = ({
username,
password,
password2,
email
}) => dispatch => {
const config = {
headers: {
'Content-Type': 'application/json',
}
}
const body = JSON.stringify({
username,
password,
password2,
email
});
axios.post('/user/register/', body, config)
.then(res => {
dispatch({
type: REGISTER_SUCCESS,
payload: res.data
})
}).catch(err => {
dispatch({
type: REGISTER_FAIL,
payload: err
})
console.log(err)
})
}
注册序列化程序:
我使用了django的默认模型用户
from django.contrib.auth.models import User
class UserRegisterSerializer(serializers.ModelSerializer):
password2 = serializers.CharField(
style={'input_type': 'password'})
class Meta:
model = User
fields = ["username", "email", "password", "password2"]
extra_kwargs = {
'password': {'write_only': True},
'password2': {'write_only': True}
}
def validate(self, data):
password = data.get('password')
password2 = data.pop('password2')
if len(str(password)) < 5:
raise serializers.ValidationError("Password is too short.")
if password != password2:
raise serializers.ValidationError("Passwords don't match.")
return data
def create(self, validated_data):
username = validated_data.get('username')
email = validated_data.get('email')
password = validated_data.get('password')
user = User.objects.create_user(username=username, email=email,
password=password)
if user and user.is_active:
return user
减速器:
import { REGISTER_SUCCESS, REGISTER_FAIL } from './../actions/types';
const initialState = {
user: null,
error: null,
}
export default function (state = initialState, action) {
switch (action.type) {
case REGISTER_SUCCESS:
console.log("Register success")
return {
...state,
user: action.payload,
}
case REGISTER_FAIL:
return {
...state,
user: null,
error: action.payload
}
default: {
return state;
}
}
}
您似乎没有在标题中传递CSRF:
'X-CSRFToken': csrftoken
尝试将其放在标题中:
'X-CSRFToken': csrftoken
您可以从Cookie获取的CSRF令牌的值。
有关CSRF的更多信息,请咨询Django官方