Here is my code
class termTypeResource(ModelResource):
class Meta:
queryset = TermType.objects.all()
resource_name = 'gettermtypes'
allowed_methods = ['get','post']
Whenever I do curl for the api like below
curl --dump-header - -H "Content-Type: application/json" -X POST --data {"termtype":"LONG"}' --apiURL--
it is returning (Note: I dont want to add authentication or authorization for api POST)
HTTP/1.0 401 UNAUTHORIZED
Date: Fri, 17 Oct 2014 12:05:49 GMT
Server: WSGIServer/0.1 Python/2.7.6
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
From tastypie tutorial: http://django-tastypie.readthedocs.org/en/latest/tutorial.html#hooking-up-the-resource-s
However, if you try sending a POST/PUT/DELETE to the resource, you find yourself getting “401 Unauthorized” errors. For safety, Tastypie ships with the authorization class (“what are you allowed to do”) set to ReadOnlyAuthorization. This makes it safe to expose on the web, but prevents us from doing POST/PUT/DELETE. Let's enable those:
authorization = Authorization()
But you specified this as Authorization =
, it's wrong. And, how it is mentioned in tutorial, POST and etc. without authentication is insecure.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.