小贝子编程

Django Admin身份验证凭据未提供-HTTP 401



我的Django应用程序无法识别某些模型的管理面板中的凭据。我可以登录,查看部分模型,但对于其他一些模型,我看到以下错误消息:

{"detail":"Authentication credentials were not provided."}

有趣的是:我可以看到一些模型,但当我点击"添加"添加条目时,我会看到错误消息。

除此之外,我正在使用以下库:

Django==2.0.9
django-cors-headers==2.4.0
django-extensions==2.1.3
django-storages==1.7.1
djangorestframework==3.8.2
djangorestframework-jwt==1.11.0

在我的设置.py中,我有以下内容:

INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'corsheaders',
'django_extensions',
'storages',
'rest_framework',
'authentication.apps.AuthenticationConfig',
'directory.apps.DirectoryConfig',
'metacontent.apps.MetacontentConfig',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
]

以及:

REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
#'rest_framework.permissions.IsAuthenticated', #removed for open docs access
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication',
),
'DEFAULT_RENDERER_CLASSES': (
'rest_framework.renderers.JSONRenderer',
),
'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination',
'PAGE_SIZE': 100,
'DEFAULT_THROTTLE_CLASSES': (
'rest_framework.throttling.AnonRateThrottle',
),
'DEFAULT_THROTTLE_RATES': {
'anon': '1000/hour',
'user': '6000/hour',
},
}

当请求不起作用时,响应的标题如下:

HTTP/1.1 401 Unauthorized
Date: Fri, 02 Nov 2018 21:50:27 GMT
Server: Apache/2.4.34 (Amazon) mod_wsgi/3.5 Python/3.6.5
Allow: GET, HEAD, OPTIONS
Vary: Origin
X-Frame-Options: SAMEORIGIN
WWW-Authenticate: JWT realm="api"
Content-Length: 58
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json

当它工作时:

HTTP/1.1 200 OK
Date: Fri, 02 Nov 2018 21:50:28 GMT
Server: Apache/2.4.34 (Amazon) mod_wsgi/3.5 Python/3.6.5
Expires: Fri, 02 Nov 2018 21:50:29 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Vary: Cookie,Origin
X-Frame-Options: SAMEORIGIN
Set-Cookie: csrftoken=8Aw8toVirE5qLSt79Nhh5tDem59qLChCrZ3i7zKkLo2NzS1UZ37SVDpjl; expires=Fri, 01-Nov-2019 21:50:29 GMT; Max-Age=31449600; Path=/
Content-Length: 3876
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

我想过"打开WSGIPassAuthorization",但如果这是问题所在,它就永远不会起作用。此外,我在本地主机(mac(和服务器(打开WSGIPassAuthorization的Apache(上都有这个问题。我错过了什么?非常感谢您的帮助。

解决方案实际上非常简单。我有一个这样注册的网址:

router = DefaultRouter()
router.register(r'mymodel', views.MymodelViewSet, base_name='mymodel')

但由于一开始没有^,管理页面的regex试图调用注册的URL,而不是管理员生成的URL。所以解决方案只是添加一个^:

router = DefaultRouter()
router.register(r'^mymodel', views.MymodelViewSet, base_name='mymodel')

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium