Django-rest-framework-JWT身份验证
[英]Django-rest-framework - JWT authentication
问题描述
In my settings.py file I have set this: 
在我的settings.py文件中,我设置了以下内容:
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
),
}
Now, I have created a ListCreateAPIView : 现在,我创建了一个ListCreateAPIView :
class ListSubreddits(ListCreateAPIView):
queryset = Subreddit.objects.all()
authentication_classes = (JSONWebTokenAuthentication, )
def get_serializer_class(self):
if self.request.method == 'GET':
return SubredditSerializer_detailed
if self.request.method == 'POST':
return SubredditSerializer
So, I have sent a POST request creating without just content-type header and the POST request was successful. 所以,我已经发出了POST请求创建不只是content-type头和POST请求成功。 I haven't provided any Authentication or Authorization headers. 我没有提供任何身份验证或授权标头。 What am I missing here? 我在这里想念什么?
2 个解决方案
解决方案1
1 2018-07-25 04:13:00
you must add permission to your view : 您必须向您的视图添加权限:
from rest_framework import permissions
class ListSubreddits(ListCreateAPIView):
queryset = Subreddit.objects.all()
authentication_classes = (JSONWebTokenAuthentication, )
permission_classes = (permissions.IsAuthenticated, )
def get_serializer_class(self):
if self.request.method == 'GET':
return SubredditSerializer_detailed
if self.request.method == 'POST':
return SubredditSerializer
解决方案2
0 2018-07-25 05:36:38
Change your settings for REST_FRAMEWORK in settings.py to the following: 将settings.py中的REST_FRAMEWORK设置更改为以下内容:
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
)
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.