Python Django如何使用令牌身份验证所需的登录名
嗨,我正在尝试使用Django rest框架 我可以在RESTAPI视图中使用它Python Django如何使用令牌身份验证所需的登录名,python,django,authentication,django-rest-framework,Python,Django,Authentication,Django Rest Framework,嗨,我正在尝试使用Django rest框架 我可以在RESTAPI视图中使用它 #view_rest.py class CartList(generics.ListCreateAPIView): serializer_class = CartSerializer filter_class = CartFilter permission_classes = (permissions.IsAuthenticated,) def create(self, reques
#view_rest.py
class CartList(generics.ListCreateAPIView):
serializer_class = CartSerializer
filter_class = CartFilter
permission_classes = (permissions.IsAuthenticated,)
def create(self, request, *args, **kwargs):
request.data['user_id'] = request.user.id
return generics.ListCreateAPIView.create(self, request, *args, **kwargs)
def get_queryset(self):
user = self.request.user.id
return Cart.objects.filter(user_id_id=user)
但在我的自定义视图中,它不是身份验证
#custom_django_views.py
@login_required(login_url='/login/')
def order(request):
'''Returns page to place order
'''
return render(request,"order.html",{})
#this will redirect me to login page.
#settings.py
INSTALLED_APPS = (
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'rest_framework.authtoken',
'myapp',
)
MIDDLEWARE_CLASSES = (
'django.contrib.sessions.middleware.SessionMiddleware',
'site_aggrigator.middleware.SubdomainMiddleware',
'django.middleware.common.CommonMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
)
#rest framework
REST_FRAMEWORK = {
'DEFAULT_FILTER_BACKENDS': (
'rest_framework.filters.DjangoFilterBackend',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
'rest_framework.permissions.DjangoObjectPermissions',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.TokenAuthentication',
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
)
}
我无法理解为什么对自定义\u django\u视图的请求未经过身份验证?什么时候进行身份验证 用例是错误的。Django rest框架不允许这些事情。 web浏览器应使用会话身份验证。而且在移动设备上使用它时不需要它们 Rest framswork视图在使用令牌身份验证时负责csrf验证。这对我来说很有效
from rest_framework.decorators import api_view
@api_view(["GET"])
def your_function(request):
pass
尝试在基于自定义函数的视图上方使用@permission\u类((permissions.IsAuthenticated,)。我找不到
permission\u类
。我已尝试使用所需的权限(permissions.IsAuthenticated)
。这不起作用。从rest\u framework.decorators导入权限_classes@Zealous,仍然没有成功。您的自定义视图不是api视图,对吗?