[英]Token Authorization Django {“detail”:“Authentication credentials were not provided.”}
I am trying to implement Token based Authorization at my server APIs.我正在尝试在我的服务器 API 上实现基于令牌的授权。 But, when I fire a query then it returns
{"detail": "Authentication credentials were not provided."}
但是,当我触发查询时,它会返回
{"detail": "Authentication credentials were not provided."}
I have done almost all the settings recommended at various posts and also at the Django documentation.我已经完成了各种帖子以及 Django 文档中推荐的几乎所有设置。
In my settings.py
:在我的
settings.py
:
INSTALLED_APPS = [
'rest_framework.authtoken',
]
And also,并且,
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.TokenAuthentication',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
}
In my views file:在我的视图文件中:
from rest_framework.authentication import TokenAuthentication
from rest_framework.permissions import IsAuthenticated
class UserList(generics.ListCreateAPIView):
queryset = User.objects.all()
serializer_class = UserSerializer
authentication_classes = [TokenAuthentication]
permission_classes = [IsAuthenticated]
And in my Apache Config file at WSGI在我的 WSGI 的 Apache 配置文件中
WSGIPassAuthorization On
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP-AUTHORIZATION:%1]
I don't know if I am missing anything other than this.我不知道我是否错过了除此之外的任何东西。 The token is pre-generated at super user level using command line.
令牌是使用命令行在超级用户级别预先生成的。
The default Django Rest Framework HTML that you see when you go to your website in the browser does not work with token authorization.默认的 Django Rest 框架 HTML 当您在浏览器中看到 Z34D1F91FB2E514B8576FAB1A75 授权时您看到的 Z34D1F91FB2E514B8576FAB1AZA 不使用 A868 令牌。 This is because you need to put
Authorization: Token <insert your token here>
in your header when sending a request.这是因为您需要在发送请求时将
Authorization: Token <insert your token here>
放入 header 中。 This is an issue because the form you fill out has no place to change headers.这是一个问题,因为您填写的表格没有地方可以更改标题。
I would suggest either Postman (nice GUI), or curl (command) to test out your API since you need to edit the HTTP headers of your requests. I would suggest either Postman (nice GUI), or curl (command) to test out your API since you need to edit the HTTP headers of your requests.
Have you seen this related SO question ?你见过这个相关的 SO 问题吗?
If you're using mod_wsgi, leave out the REWRITE section, put WSGIPassAuthorization On
below the WSGIScriptAlias
, WSGIDaemonProcess
and WSGIProcessGroup
directives.如果您使用 mod_wsgi,请忽略 REWRITE 部分,将
WSGIPassAuthorization On
放在WSGIScriptAlias
、 WSGIDaemonProcess
和WSGIProcessGroup
指令下方。 Just got my Apache + mod_wsgi configuration working, looks something like this:刚刚让我的 Apache + mod_wsgi 配置工作,看起来像这样:
...
WSGIScriptAlias / /var/www/html/base/wsgi.py
WSGIDaemonProcess django_app python-path=/var/www/html python-home=/var/www/html/env
WSGIProcessGroup django_app
WSGIPassAuthorization On
...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.