[英]Getting a CORS error through my Django REST framework API, even after configuration
我正在尝试使用 Django Rest 框架为我标记为accounts
的应用程序创建用户注册视图。 我已经安装了django-cors-headers
(请参阅下面的设置文件)并按照文档中的说明进行配置。 当我使用 GET 请求测试 API 时,我仍然收到此错误:
... from origin 'https://hoppscotch.io' has been blocked
by CORS policy: No 'Access-Control-Allow-Origin' header
is present on the requested resource.
非常感谢一些调试解决方案,我一直在努力寻找我的错误的问题。 下面是我在创建 class 时创建的重要文件、视图、Djano REST api 的 url。
serializers.py
from rest_framework import serializers
from django.contrib.auth.models import User
class UserSerializer(serializers.ModelSerializer):
password = serializers.CharField(max_length=65, min_length=8, write_only=True)
email = serializers.EmailField(max_length=255, min_length=4)
username = serializers.RegexField("^(?!.*\.\.)(?!.*\.$)[^\W][\w.]{3,29}$")
first_name = serializers.RegexField("^[A-Za-z]+((\s)?((\'|\-|\.)?([A-Za-z])+))*$", max_length=32, min_length=2)
last_name = serializers.RegexField("^[A-Za-z]+((\s)?((\'|\-|\.)?([A-Za-z])+))*$", max_length=32, min_length=2)
class Meta:
model = User
fields = ['username', 'first_name', 'last_name', 'email', 'password']
def validate(self, attrs):
email = attrs.get('email', '')
if User.objects.filter(email=email).exists():
raise serializers.ValidationError(
{'email': ('Email is already in use')})
return super().validate(attrs)
def create(self, validated_data):
return User.objects.create_user(**validated_data)
views.py
from django.shortcuts import render
from rest_framework.generics import GenericAPIView
from .serializers import UserSerializer
from rest_framework.response import Response
from rest_framework import status
# Create your views here.
class RegisterView(GenericAPIView):
serializer_class = UserSerializer
def post(self, request):
serializer = UserSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
urls.py
from django.urls import path
from .views import RegisterView
urlpatterns = [
path('register', RegisterView.as_view()),
]
project urls.py
from django.contrib import admin
from django.urls import path, include, re_path
from django.views.generic.base import TemplateView
from home import views
from accounts import views
urlpatterns = [
path('', include('home.urls')),
path('api/auth/', include('accounts.urls')),
]
settings.py
import os
from decouple import config
from pathlib import Path
from urllib.parse import urlparse
import dj_database_url
import logging.config
BASE_DIR = os.path.dirname(os.path.abspath(__file__))
SECRET_KEY = SECRET KEY
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = ['*']
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'corsheaders',
#fancy packages
'storages',
'rest_framework',
#apps
'home.apps.HomeConfig',
'accounts',
'bootstrap4',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'whitenoise.middleware.WhiteNoiseMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
ROOT_URLCONF = 'stockbuckets.urls'
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': ['stockbuckets/templates', 'home/templates', 'blog/templates'],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
],
},
},
]
X_FRAME_OPTIONS = 'SAMEORIGIN'
# DEBUG_PROPAGATE_EXCEPTIONS = True
WSGI_APPLICATION = 'stockbuckets.wsgi.application'
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql_psycopg2',
'NAME': config('DO_DB'),
'USER' : config('DB_ADMIN'),
'PASSWORD' : config('DB_ADMIN_PASS'),
'HOST' : config('DB_HOST'),
'PORT' : config('DB_PORT'),
'OPTIONS': {'sslmode':'disable'},
}
}
db_from_env = dj_database_url.config(conn_max_age=600)
DATABASES['default'].update(db_from_env)
# Password validation
# https://docs.djangoproject.com/en/3.1/ref/settings/#auth-password-validators
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
# Internationalization
# https://docs.djangoproject.com/en/3.1/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
STATICFILES_DIRS = (
os.path.join(BASE_DIR, 'static'),
)
MEDIA_ROOT = os.path.join(BASE_DIR,'media')
MEDIA_URL = '/media/'
CRISPY_TEMPLATE_PACK = 'bootstrap4'
ASGI_APPLICATION = 'stockbuckets.routing.application'
STATICFILES_FINDERS = [
'django.contrib.staticfiles.finders.FileSystemFinder',
'django.contrib.staticfiles.finders.AppDirectoriesFinder',
]
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
提前感谢您的任何建议,我很遗憾地陷入困境,不确定从这里到 go 的位置,尽管放弃了 REST 的想法,这将是一个禁忌。
尝试将您的 settings.py MIDDLEWARE 更改为:
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.security.SecurityMiddleware',
'whitenoise.middleware.WhiteNoiseMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.