Fatal编程技术网
  • python/
  • Python post请求中禁止(403)-djangorest react

Python post请求中禁止(403)-djangorest react

python django reactjs api django-rest-framework

Python post请求中禁止(403)-djangorest react,python,django,reactjs,api,django-rest-framework,Python,Django,Reactjs,Api,Django Rest Framework,我有一个用于用户注册的端点。 我使用react作为项目的前端。我使用json主体向端点发送POST请求以注册用户。 但它是被禁止的(403)。 当我使用postman测试功能时,一切都正常,但使用axios则不然 错误:POST/user/register/403(禁止) 端点:用户/注册/ 注册API视图: class UserRegisterAPIView(APIView): serializer_class = UserRegisterSerializer permissi

我有一个用于用户注册的端点。 我使用react作为项目的前端。我使用json主体向端点发送POST请求以注册用户。 但它是被禁止的(403)。 当我使用postman测试功能时,一切都正常,但使用axios则不然

错误:POST/user/register/403(禁止)

端点:用户/注册/

注册API视图:

class UserRegisterAPIView(APIView):
    serializer_class = UserRegisterSerializer
    permission_classes = [permissions.AllowAny]

    def post(self, request, format=None, *args, **kwargs):
        print(request.data)
        serializer = UserRegisterSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        user = serializer.save()
        user_data = serializer.validated_data
        return Response(user_data)

export const register = ({
  username,
  password,
  password2,
  email
}) => dispatch => {
  const config = {
    headers: {
      'Content-Type': 'application/json',
    }
  }
  const body = JSON.stringify({
    username,
    password,
    password2,
    email
  });

  axios.post('/user/register/', body, config)
    .then(res => {
      dispatch({
        type: REGISTER_SUCCESS,
        payload: res.data
      })
    }).catch(err => {
      dispatch({
        type: REGISTER_FAIL,
        payload: err
      })
      console.log(err)
    })
}
注册序列化程序: 我使用了django的默认模型用户

from django.contrib.auth.models import User
class UserRegisterSerializer(serializers.ModelSerializer):
    password2   = serializers.CharField(
        style={'input_type': 'password'})

    class Meta:
        model = User
        fields = ["username", "email", "password", "password2"]
        extra_kwargs = {
        'password': {'write_only': True},
        'password2': {'write_only': True}
        }

    def validate(self, data):
        password    = data.get('password')
        password2   = data.pop('password2')

        if len(str(password)) < 5:
            raise serializers.ValidationError("Password is too short.")
        if password != password2:
            raise serializers.ValidationError("Passwords don't match.")
        return data

    def create(self, validated_data):
        username = validated_data.get('username')
        email    = validated_data.get('email')
        password = validated_data.get('password')

        user = User.objects.create_user(username=username, email=email,
                password=password)

        if user and user.is_active:
            return user
减速器:

import { REGISTER_SUCCESS, REGISTER_FAIL } from './../actions/types';

const initialState = {
  user: null,
  error: null,
}

export default function (state = initialState, action) {
  switch (action.type) {
    case REGISTER_SUCCESS:
      console.log("Register success")
      return {
        ...state,
        user: action.payload,
      }
    case REGISTER_FAIL:
      return {
        ...state,
        user: null,
        error: action.payload
      }
    default: {
      return state;
    }
  }
}
您似乎没有在标题中传递CSRF:

'X-CSRFToken': csrftoken
尝试将其放在标题中:

'X-CSRFToken': csrftoken
您可以从Cookie获取的CSRF令牌的值。 有关CSRF的更多信息,请咨询Django官方