[英]Django-rest-framework - JWT authentication
In my settings.py
file I have set this: 在我的settings.py
文件中,我设置了以下内容:
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
),
}
Now, I have created a ListCreateAPIView
: 现在,我创建了一个ListCreateAPIView
:
class ListSubreddits(ListCreateAPIView):
queryset = Subreddit.objects.all()
authentication_classes = (JSONWebTokenAuthentication, )
def get_serializer_class(self):
if self.request.method == 'GET':
return SubredditSerializer_detailed
if self.request.method == 'POST':
return SubredditSerializer
So, I have sent a POST request creating without just content-type
header and the POST request was successful. 所以,我已经发出了POST请求创建不只是content-type
头和POST请求成功。 I haven't provided any Authentication or Authorization headers. 我没有提供任何身份验证或授权标头。 What am I missing here? 我在这里想念什么?
you must add permission to your view : 您必须向您的视图添加权限:
from rest_framework import permissions
class ListSubreddits(ListCreateAPIView):
queryset = Subreddit.objects.all()
authentication_classes = (JSONWebTokenAuthentication, )
permission_classes = (permissions.IsAuthenticated, )
def get_serializer_class(self):
if self.request.method == 'GET':
return SubredditSerializer_detailed
if self.request.method == 'POST':
return SubredditSerializer
Change your settings for REST_FRAMEWORK
in settings.py to the following: 将settings.py中的REST_FRAMEWORK
设置更改为以下内容:
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
)
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.