DRF中未提供“身份验证凭据”
[英]“Authentication credentials were not provided.” in DRF
问题描述
I am using rest_framework_simplejwt authentication in my DRF backend. 
我在DRF后端使用rest_framework_simplejwt身份验证。 Every things works absolutely fine when I am using DRF browser in terms of authentication and having access to predefined API endpoints. 当我使用DRF浏览器进行身份验证并可以访问预定义的API端点时,一切工作都很好。
However when I want to programatically access the end points for post/patch method I get Authentication credentials were not provided. 但是,当我想以编程方式访问post / patch方法的端点时,我得不到身份验证凭据。 error. 错误。 Here is my settings: 这是我的设置:
ALLOWED_HOSTS = ['*']
...
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'propertypost.apps.PropertyConfig',
'users.apps.UsersConfig',
'rest_framework',
# 3rd party
'django_filters',
'rest_auth',
'django.contrib.sites',
'allauth',
'allauth.account',
'rest_auth.registration',
'allauth.socialaccount',
'django.contrib.gis',
]
REST_FRAMEWORK = {
'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination',
'PAGE_SIZE': 10,
'DEFAULT_FILTER_BACKENDS': (
'django_filters.rest_framework.DjangoFilterBackend',
'rest_framework.filters.OrderingFilter',
'rest_framework.filters.SearchFilter',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_simplejwt.authentication.JWTAuthentication',
'rest_framework.authentication.SessionAuthentication',
),
'DEFAULT_PERMISSION_CLASSES': (
# 'rest_framework.permissions.IsAuthenticated',
),
}
...
SIMPLE_JWT = {
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=525600),
'REFRESH_TOKEN_LIFETIME': timedelta(days=1),
'ROTATE_REFRESH_TOKENS': False,
'BLACKLIST_AFTER_ROTATION': True,
'ALGORITHM': 'HS256',
'SIGNING_KEY': SECRET_KEY,
'VERIFYING_KEY': None,
'AUTH_HEADER_TYPES': ('Bearer',),
'USER_ID_FIELD': 'id',
'USER_ID_CLAIM': 'user_id',
'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
'TOKEN_TYPE_CLAIM': 'token_type',
'SLIDING_TOKEN_REFRESH_EXP_CLAIM': 'refresh_exp',
'SLIDING_TOKEN_LIFETIME': timedelta(minutes=120),
'SLIDING_TOKEN_REFRESH_LIFETIME': timedelta(days=1),
}
AUTH_USER_MODEL = 'users.CustomUser'
REST_USE_JWT = True
as I said, above setting works perfectly in DRF browser, but when here when I try to request a patch method it gives Authentication credentials were not provided : 就像我说的那样,以上设置在DRF浏览器中非常有效,但是当我尝试请求补丁方法时,它没有提供身份验证凭据 :
AUTH_ENDPOINT = "http://127.0.0.1:8000/rest-auth/login"
data = {
'username': username,
'password': password
headers = {
"Content-Type": "application/json"
}
r = requests.post(AUTH_ENDPOINT, data=json.dumps(data), headers=headers)
token=r.json()['token']
data = {
'age': 8,
}
headers = {
"Content-Type": "application/json",
"Authorization": "JWT " + token,
}
r = requests.patch(POST_ENDPOINT, data=json.dumps(data), headers=headers)
Please let me know what I am doing wrong Thanks, 请让我知道我做错了,谢谢
1 个解决方案
解决方案1
0 已采纳 2019-03-19 06:10:29
From the Usage section , the headers must be in the following format 在“ 用法”部分 ,标题必须采用以下格式
"Authorization: Bearer YourToken" So, Change your headers to, 所以,将标题更改为,
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer " + token,
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.