[英]JWT Logout “detail”: “Authentication credentials were not provided.”
I am trying to create a Logout endpoint for a jwt token in djangorestframework.我正在尝试为 djangorestframework 中的 jwt 令牌创建一个注销端点。 When I access this endpoint via postman, I get
"detail": "Authentication credentials were not provided."
当我通过 postman 访问此端点时,我得到
"detail": "Authentication credentials were not provided."
What am I missing here?我在这里想念什么?
views.py视图.py
from rest_framework.permissions import IsAuthenticated
from rest_framework_simplejwt.tokens import RefreshToken
class LogoutView(APIView):
permission_classes = (IsAuthenticated,)
def post(self, request):
try:
refresh_token = request.data["refresh_token"]
token = RefreshToken(refresh_token)
token.blacklist()
return Response(status=status.HTTP_205_RESET_CONTENT)
except Exception as e:
return Response(status=status.HTTP_400_BAD_REQUEST)
urls.py网址.py
from accounts.views.user_api_views import (
LogoutView,
LogoutAllView,
)
urlpatterns = [
path("auth/", include("djoser.urls")),
path("auth/", include("djoser.urls.jwt")),
path("auth/token/", ObtainCustomizedTokenView.as_view(), name="token_obtain_pair"),
path(
"auth/token/refresh/",
jwt_views.TokenRefreshView.as_view(),
name="token_refresh",
),
path("logout/", LogoutView.as_view(), name="logout"),
path("logout_all/", LogoutAllView.as_view(), name="logout_all"),
]
settings.py设置.py
INSTALLED_APPS = [
...
# local apps
# 3rd party
"storages",
"rest_framework",
"rest_framework_gis",
"rest_framework.authtoken",
"djoser",
"django_celery_beat",
"raven.contrib.django.raven_compat",
"rest_framework_simplejwt.token_blacklist",
]
......
SIMPLE_JWT = {
"ACCESS_TOKEN_LIFETIME": timedelta(weeks=521), # 10 years
"REFRESH_TOKEN_LIFETIME": timedelta(weeks=521),
"ROTATE_REFRESH_TOKENS": True,
"BLACKLIST_AFTER_ROTATION": True,
"ALGORITHM": "HS256",
"SIGNING_KEY": SECRET_KEY,
"VERIFYING_KEY": None,
"AUTH_HEADER_TYPES": ("JWT",),
"USER_ID_FIELD": "id",
"USER_ID_CLAIM": "user_id",
"AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",),
"TOKEN_TYPE_CLAIM": "token_type",
}
......
REST_FRAMEWORK = {
"DEFAULT_AUTHENTICATION_CLASSES": (
"rest_framework_simplejwt.authentication.JWTAuthentication",
),
"DEFAULT_PARSER_CLASSES": [
"rest_framework.parsers.JSONParser",
"rest_framework.parsers.FormParser",
"rest_framework.parsers.MultiPartParser",
],
"DEFAULT_PERMISSIONS_CLASSES": ("rest_framework.permissions.IsAuthenticated"),
}
I solved this by removing the setting "AUTH_HEADER_TYPES": ("JWT",)
from SIMPLE_JWT settings.我通过从 SIMPLE_JWT 设置中删除设置
"AUTH_HEADER_TYPES": ("JWT",)
解决了这个问题。 My settings modified settings file is as follows:我的设置修改设置文件如下:
SIMPLE_JWT = {
"ACCESS_TOKEN_LIFETIME": timedelta(weeks=521), # 10 years
"REFRESH_TOKEN_LIFETIME": timedelta(weeks=521),
"ROTATE_REFRESH_TOKENS": True,
"BLACKLIST_AFTER_ROTATION": True,
"ALGORITHM": "HS256",
"SIGNING_KEY": SECRET_KEY,
"VERIFYING_KEY": None,
"USER_ID_FIELD": "id",
"USER_ID_CLAIM": "user_id",
"AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",),
"TOKEN_TYPE_CLAIM": "token_type",
}
Alternatively, adding Bearer to the list of "AUTH_HEADER_TYPES": ("JWT","Bearer")
also worked.或者,将 Bearer 添加到
"AUTH_HEADER_TYPES": ("JWT","Bearer")
列表中也可以。 When choosing the authorization type in postman, It gives you the option of Bearer Token
.在 postman 中选择授权类型时,它为您提供
Bearer Token
选项。 This means that, the view will look for a header containing the pattern Authorization: Bearer <token>
.这意味着,视图将查找包含模式
Authorization: Bearer <token>
的 header 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.