我正在使用Postman。当我向API/auth/login/提出发布请求时,我会得到401响应"未提供身份验证凭证"。在终端中,我没有在登录序列化器内的打印语句中获得未经授权:/api/auth/login/。这是我的代码:settings.py
#just including the rest framework one here
REST_FRAMEWORK = {
# Use Django's standard `django.contrib.auth` permissions,
# or allow read-only access for unauthenticated users.
'DEFAULT_AUTHENTICATION_CLASSES':
(
'knox.auth.TokenAuthentication',
'rest_framework.authentication.TokenAuthentication',
),
'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.IsAdminUser',)
}
views.py
#just everything user related
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ('id', 'username')
class LoginUserSerializer(serializers.Serializer):
username = serializers.CharField()
password = serializers.CharField()
def validate(self, data):
user = authenticate(**data)
print(user)
if user:# and user.is_active:
return user
print("failed")
raise serializers.ValidationError("No no to log in with provided credentials.")
#Views
class RegistrationAPI(generics.GenericAPIView):
serializer_class = CreateUserSerializer
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.save()
return Response({
"user": UserSerializer(user, context=self.get_serializer_context()).data,
"token": AuthToken.objects.create(user)[1]
})
class LoginAPI(generics.GenericAPIView):
serializer_class = LoginUserSerializer
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data
return Response({
"user": UserSerializer(user, context=self.get_serializer_context()).data,
"token": AuthToken.objects.create(user)
})
urls.py
router = routers.DefaultRouter()
router.register('api/games', GameViewset, 'games-name')
urlpatterns = [
re_path(r"^", include(router.urls)),
re_path(r'^api/auth/', include('knox.urls')),
re_path(r"^api/auth/register/$", RegistrationAPI.as_view()),
re_path(r"^api/auth/login/$", LoginAPI.as_view())
]
请在Loginapi上添加这两行。
class LoginAPI(generics.GenericAPIView):
# This 2 lines
authentication_classes = ()
permission_classes = ()
serializer_class = LoginUserSerializer
您可以在设置'DEFAULT_PERMISSION_CLASSES'('rest_framework.permissions.IsAdminUser',)
这就是为什么您必须考虑避免被认证的原因。