堆栈内存溢出
  简体   繁体   English

在发布请求中禁止 (403) - djangorest-react

[英]Forbidden (403) in a post request - djangorest-react

 原文  2019-03-15 08:15:42       python/ django/ reactjs/ api/ django-rest-framework

问题描述

I have an endpoint for users registration.我有一个用于用户注册的端点。 I use react for my front side of project.我在项目的前端使用 react。 I send POST request to the endpoint with json body to register user.我使用 json body 向端点发送 POST 请求以注册用户。 but it return's Forbidden (403).但它返回的是 Forbidden (403)。 When I use postman to test functionality everything is Ok but with axios It is not.当我使用邮递员来测试功能时一切正常,但使用 axios 则不是。

Error : POST /user/register/ 403 (Forbidden)错误:POST /user/register/ 403(禁止)

endpoint : user/register/端点:用户/注册/

Register API View:注册API查看:

class UserRegisterAPIView(APIView):
    serializer_class = UserRegisterSerializer
    permission_classes = [permissions.AllowAny]

    def post(self, request, format=None, *args, **kwargs):
        print(request.data)
        serializer = UserRegisterSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        user = serializer.save()
        user_data = serializer.validated_data
        return Response(user_data)

Register Serializer: I used django's default model User注册序列化程序:我使用了 django 的默认模型 User

from django.contrib.auth.models import User
class UserRegisterSerializer(serializers.ModelSerializer):
    password2   = serializers.CharField(
        style={'input_type': 'password'})

    class Meta:
        model = User
        fields = ["username", "email", "password", "password2"]
        extra_kwargs = {
        'password': {'write_only': True},
        'password2': {'write_only': True}
        }

    def validate(self, data):
        password    = data.get('password')
        password2   = data.pop('password2')

        if len(str(password)) < 5:
            raise serializers.ValidationError("Password is too short.")
        if password != password2:
            raise serializers.ValidationError("Passwords don't match.")
        return data

    def create(self, validated_data):
        username = validated_data.get('username')
        email    = validated_data.get('email')
        password = validated_data.get('password')

        user = User.objects.create_user(username=username, email=email,
                password=password)

        if user and user.is_active:
            return user

Register Component: I've imported action register .注册组件:我已经导入了 action register

Note: I deleted other input fields to decrease code注意:我删除了其他输入字段以减少代码

export class Register extends Component {

  state = {
    username: '',
    password: '',
    password2: '',
    email: '',
  }

  onChange = (e) => this.setState({ [e.target.name]: e.target.value })

  onSubmit = (e) => {
    e.preventDefault();
    this.props.register(this.state)
  }

  render() {
    return (
      <div className="col-md-6 m-auto">
        <div className="card card-body mt-5">
          <form onSubmit={this.onSubmit}>
            <div className="form-group">
              <label>Username</label>
              <input
                type="text"
                className="form-control"
                name="username"
                onChange={this.onChange}
              />
            </div>
            <div className="form-group">
              <button type="submit" className="btn btn-primary">
                Register
              </button>
            </div>
            <p>
              Already have an account? <Link to="/login">Login</Link>
            </p>
          </form>
        </div>
      </div>
    )
  }
}


export default connect(null, { register })(Register);

Action:行动:

export const register = ({
  username,
  password,
  password2,
  email
}) => dispatch => {
  const config = {
    headers: {
      'Content-Type': 'application/json',
    }
  }
  const body = JSON.stringify({
    username,
    password,
    password2,
    email
  });

  axios.post('/user/register/', body, config)
    .then(res => {
      dispatch({
        type: REGISTER_SUCCESS,
        payload: res.data
      })
    }).catch(err => {
      dispatch({
        type: REGISTER_FAIL,
        payload: err
      })
      console.log(err)
    })
}

Reducer:减速器:

import { REGISTER_SUCCESS, REGISTER_FAIL } from './../actions/types';

const initialState = {
  user: null,
  error: null,
}

export default function (state = initialState, action) {
  switch (action.type) {
    case REGISTER_SUCCESS:
      console.log("Register success")
      return {
        ...state,
        user: action.payload,
      }
    case REGISTER_FAIL:
      return {
        ...state,
        user: null,
        error: action.payload
      }
    default: {
      return state;
    }
  }
}

1 个解决方案

解决方案1
 2 已采纳  2019-03-15 08:26:21

Seems that you are not passing CSRF in your header:似乎您没有在标头中传递 CSRF:

Try to put it in your header:试着把它放在你的标题中:

'X-CSRFToken': csrftoken

The value if CSRF token you can get from cookies.您可以从 cookie 中获取的 CSRF 令牌的值。 For more info about CSRF you can refer to Django 3.2 official docs .有关 CSRF 的更多信息,您可以参考 Django 3.2 官方文档

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 对“/”的 POST 请求返回 403 禁止 - POST request to “/” returns a 403 forbidden 邮件请求给403禁止django ajax - post request gives 403 forbidden django ajax Django和React被禁止使用403 - Django and React getting 403 forbidden 使用Docker在Django中使用POST数据发出urllib请求时,如何解决Forbidden 403错误? - How to resolve Forbidden 403 error when making a urllib request with POST data in Django using Docker? 403 FORBIDDEN使用ajax发送帖子DJANGO - 403 FORBIDDEN use ajax to send post DJANGO Python 3.5中的Request,urlopen中的禁止(403)错误 - Forbidden (403) error in Request,urlopen in Python 3.5 HTTP错误403:禁止urllib2请求 - HTTP Error 403: Forbidden on urllib2 request Etherscan API 在 Ropsten.network 中禁止请求 403 - Etherscan API request 403 forbidden in Ropsten network 在DJANGO中发送带有JSON数据的POST请求,并且来自视图的响应也返回JSON数据,但它给出403 FORBIDDEN错误 - Sending POST request with JSON data in DJANGO and response from view also JSON data but its giving 403 FORBIDDEN error 在HTML页面的views.py中使用request.post.get()方法时出现禁止403 CSRF错误 - Forbidden 403 CSRF error when using request.post.get() method in views.py from html page
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM