Python Django如何使用令牌身份验证所需的登录名_Python_Django_Authentication_Django Rest Framework

Python Django如何使用令牌身份验证所需的登录名

python django authentication django-rest-framework

Python Django如何使用令牌身份验证所需的登录名,python,django,authentication,django-rest-framework,Python,Django,Authentication,Django Rest Framework,嗨，我正在尝试使用Django rest框架我可以在RESTAPI视图中使用它 #view_rest.py class CartList(generics.ListCreateAPIView): serializer_class = CartSerializer filter_class = CartFilter permission_classes = (permissions.IsAuthenticated,) def create(self, reques

嗨，我正在尝试使用Django rest框架

我可以在RESTAPI视图中使用它

#view_rest.py
class CartList(generics.ListCreateAPIView):
    serializer_class = CartSerializer
    filter_class = CartFilter
    permission_classes = (permissions.IsAuthenticated,)
    def create(self, request, *args, **kwargs):
        request.data['user_id'] = request.user.id
        return generics.ListCreateAPIView.create(self, request, *args, **kwargs)

    def get_queryset(self):
        user = self.request.user.id
        return Cart.objects.filter(user_id_id=user)

但在我的自定义视图中，它不是身份验证

#custom_django_views.py
@login_required(login_url='/login/')
def order(request):
    '''Returns page to place order
    '''
    return render(request,"order.html",{})

#this will redirect me to login page.



#settings.py
INSTALLED_APPS = (
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'rest_framework',
    'rest_framework.authtoken',
    'myapp',
)

MIDDLEWARE_CLASSES = (
    'django.contrib.sessions.middleware.SessionMiddleware',
    'site_aggrigator.middleware.SubdomainMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
)
#rest framework
REST_FRAMEWORK = {
    'DEFAULT_FILTER_BACKENDS': (
        'rest_framework.filters.DjangoFilterBackend',
    ),
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
        'rest_framework.permissions.DjangoObjectPermissions',
    ),
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.TokenAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework.authentication.SessionAuthentication',
    )
}

我无法理解为什么对自定义\u django\u视图的请求未经过身份验证？什么时候进行身份验证

用例是错误的。Django rest框架不允许这些事情。

web浏览器应使用会话身份验证。而且在移动设备上使用它时不需要它们

Rest framswork视图在使用令牌身份验证时负责csrf验证。

这对我来说很有效

from rest_framework.decorators import api_view
@api_view(["GET"])
def your_function(request):
    pass

尝试在基于自定义函数的视图上方使用@permission\u类（（permissions.IsAuthenticated，）。我找不到

permission\u类

。我已尝试使用所需的

权限（permissions.IsAuthenticated）

。这不起作用。从rest\u framework.decorators导入权限_classes@Zealous，仍然没有成功。您的自定义视图不是api视图，对吗？