[英]Django Rest Framework {“detail”:“Authentication credentials were not provided.”}
I have tried to add authentication to my Rest API using OAuth Toolkit. 我尝试使用OAuth Toolkit为我的Rest API添加身份验证。 I get to the login page and enter in my username and password then redirect to my api.
我进入登录页面并输入我的用户名和密码然后重定向到我的api。 I then get a message {"detail":"Authentication credentials were not provided."} I have tried looking into this and most people who have the problem seem to have missed something out of the Rest_Framework settings.
然后我收到一条消息{“详细信息”:“未提供身份验证凭据。”}我尝试过调查此问题,大多数有问题的人似乎都错过了Rest_Framework设置。 I dont think I have though.
我不认为我有。
Heres my code: 继承我的代码:
Settings.py Settings.py
LOGIN_REDIRECT_URL = '/api/users/'
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.TokenAuthentication',
'oauth2_provider.ext.rest_framework.OAuth2Authentication',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAdminUser',
),
'DEFAULT_RENDERER_CLASSES': (
'rest_framework.renderers.JSONRenderer',
),
'DEFAULT_PARSER_CLASSES': (
'rest_framework.parsers.JSONParser',
),
}
url.py url.py
urlpatterns = patterns('', url(r'^admin/', include(admin.site.urls)),
url(r'^accounts/login/$', auth_views.login, {'template_name': 'login.html'}),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
url(r'^api-token-auth/', 'rest_framework.authtoken.views.obtain_auth_token'),
url(r'^o/', include('oauth2_provider.urls', namespace='oauth2_provider')),
url(r'^api/users/$', api.UserList.as_view()),
url(r'^api/users/(?P<pk>[0-9+]+)/$', api.UserDetail.as_view()),
)
api.py api.py
@receiver(post_save, sender=User)
def init_new_user(sender, instance, signal, created, **kwargs):
if created:
Token.objects.create(user=instance)
class APIEndpoint(ProtectedResourceView):
def get(self, request, *args, **kwargs):
return HttpResponse('Protected with OAuth2!')
class UserViewSet(viewsets.ModelViewSet):
model = User
serializer_class = UserSerializer
def retrieve(self, request, pk=None):
if pk == 'me':
return Response(UserSerializer(request.user).data)
return super(UserViewSet, self).retrieve(request, pk)
class UserList(generics.ListCreateAPIView):
queryset = User.objects.all()
serializer_class = UserSerializer
class UserDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = User.objects.all()
serializer_class = UserSerializer
In my case token authentication was working fine on development server and not on Apache. 在我的情况下,令牌认证在开发服务器上运行良好,而不是在Apache上运行。 The reason was exactly the missing
WSGIPassAuthorization On
原因正是缺少
WSGIPassAuthorization On
http://www.django-rest-framework.org/api-guide/authentication/#apache-mod_wsgi-specific-configuration http://www.django-rest-framework.org/api-guide/authentication/#apache-mod_wsgi-specific-configuration
see your settings.py, if you have 如果有,请参阅settings.py
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
in REST_FRAMEWORK like this, it will Authenticate each time when you post. 在这样的REST_FRAMEWORK中,每次发布时都会进行身份验证。
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.TokenAuthentication',
)}
so, delete it. 所以,删除它。
In my case, I used a permissions.IsAuthenticatedOrReadOnly
permission class in my viewset, but sending a post request without login: 就我而言,我在视图集中使用了
permissions.IsAuthenticatedOrReadOnly
.IsAuthenticatedOrReadOnly权限类,但是在没有登录的情况下发送了一个帖子请求:
class MemberViewSet(viewsets.ModelViewSet):
queryset = Member.objects.all()
serializer_class = MemberSerializer
permission_classes = (
permissions.IsAuthenticatedOrReadOnly,
)
@list_route(methods=['post'])
def check_activation_code(self, request):
# my custom action which do not need login
# I met the error in this action
do_something()
So the permission checking for that permission class is failed. 因此,对该权限类的权限检查失败。
Everything goes well after I remove the IsAuthenticatedOrReadOnly
permission class. 删除
IsAuthenticatedOrReadOnly
权限类后,一切顺利。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.