堆栈内存溢出
  简体   繁体   English

djoser 重置密码不断返回 403 禁止

[英]djoser reset password keeps returning 403 forbidden

 原文  2020-11-29 04:10:21       django/ django-rest-framework/ django-rest-framework-simplejwt/ djoser

问题描述

I have djoser running with rest framework and simpleJWT for authentication and I have a react frontend, everything is working fine except when the frontend sends the post request to "..../auth/users/reset_password", it gives back a 403 forbidden and it does not send an email with the link containing the uid and token, I cannot seem to find the problem, can someone help with this issue??我让 djoser 运行 rest 框架和 simpleJWT 进行身份验证,我有一个反应前端,一切正常,除非前端将发布请求发送到“..../auth/users/reset_password”,它返回 403 禁止并且它没有发送带有包含 uid 和令牌的链接的 email,我似乎找不到问题,有人可以帮助解决这个问题吗? here is the settings:这是设置:


REST_FRAMEWORK = {
    # Use Django's standard `django.contrib.auth` permissions,
    # or allow read-only access for unauthenticated users.
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    ),

    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly',
        'rest_framework.permissions.IsAuthenticated',
    ]
}

DJOSER = {
    'LOGIN_FIELD': 'email',
    'USER_CREATE_PASSWORD_RETYPE': True,
    'USERNAME_CHANGED_EMAIL_CONFIRMATION': True,
    'PASSWORD_CHANGED_EMAIL_CONFIRMATION': True,
    'SEND_CONFIRMATION_EMAIL': True,
    'LOGOUT_ON_PASSWORD_CHANGE': True,
    'SET_PASSWORD_RETYPE': True,
    'PASSWORD_RESET_CONFIRM_RETYPE': True,
    'PASSWORD_RESET_CONFIRM_URL': 'password/reset/confirm/{uid}/{token}',
    'USERNAME_RESET_CONFIRM_URL': 'email/reset/confirm/{uid}/{token}',
    'ACTIVATION_URL': 'activate/{uid}/{token}',
    'SEND_ACTIVATION_EMAIL': True,
    'SERIALIZERS': {
        'user_create': 'authentication.api.serializers.UserCreateSerializer',
        'user': 'authentication.api.serializers.UserCreateSerializer',
        'user_delete': 'djoser.serializers.UserDeleteSerializer',
    }
}

SIMPLE_JWT = {
    'ACCESS_TOKEN_LIFETIME': timedelta(minutes=60),
    'REFRESH_TOKEN_LIFETIME': timedelta(days=1),
    'AUTH_HEADER_TYPES': ('JWT',),
}

1 个解决方案

解决方案1
 -2  2021-03-27 10:58:16

One of the typical things when 403 raises up is There's something wrong with the URL. 403 上升时的典型情况之一是 URL 出现问题。 Looks like perfect on Django side, so I recommend you to check the URL of the api request on frontend side.在 Django 方面看起来很完美,所以我建议您在前端检查 api 请求的 URL。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用 djoser 实现密码重置 - password reset implementation with djoser Djoser 密码重置实现 - Djoser password reset implementation Djoser:使用用户名重置密码 - Djoser: Password Reset with Username Djoser 使用 Celery 重置密码电子邮件 - Djoser reset password email with Celery Django:{%csrf_token%}不断返回403 Forbidden错误 - Django: {% csrf_token %} keeps returning 403 Forbidden error Django的password_reset不断返回错误 - Django's password_reset keeps returning error Django DRF:如何使用 djoser 启用重置密码的激活码 - Django DRF: How to enable activation code for reset password using djoser 发送 JWT 时禁止 Djoser simplejwt 身份验证(403)<token> 授权/用户/我/</token> - Djoser simplejwt authentication forbidden(403) while sending JWT <token> to auth/users/me/ Django Djoser:Email 地址复位 - Django Djoser: Email address reset 403(禁止) - 403 (FORBIDDEN)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM