小贝子编程

Django REST框架客户端.login()不工作.(用户创建)



我正在使用Django REST框架构建简单的API,curl和API web管理员的一切都能正常工作,但如果我运行以下测试:

class OrderTest(APITestCase):
    username = 'admin'
    password = '12345'
    def setUp(self):
        User.objects.create(
            username=self.username,
            password=self.password,
            email='demo@demo.com',
            is_superuser=True,
            is_staff=True
        )
    def test_create_order_by_admin(self):
        url = '/api/orders/'
        data = {
            'name': 'John Doe',
            'phone': '380000000000',
            'status': 1,
            'email': 'jonhn.doe@gmail.com',
            'date': datetime.now(),
        }
        # Cheking if user exist
        self.assertEqual(User.objects.get(pk=1).username, self.username)
        self.client.login(
            username=self.username,
            password=self.password,
        )
        response = self.client.post(url, data, format='json')
        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
        self.assertEqual(Order.objects.count(), 1)
        for key, value in data.items():
            self.assertEqual(Order.objects.get().key, value)

它失败并出现以下错误:

Failure
Traceback (most recent call last):
  File "/home/linevich/projects/swebion.com/project/order_form/tests.py", line 71, in test_create_order_by_admin
    self.assertEqual(response.status_code, status.HTTP_201_CREATED)
AssertionError: 403 != 201

这意味着client.login()不起作用。有什么想法吗?

您不应该直接设置密码。这将以明文形式存储密码,而Django在尝试登录时将尝试哈希算法。请参见set_password以将其加密存储。

使用authenticate功能代替客户端登录

在这里,我使用基于类的通用视图来登录用户。。

类登录(generics.CreateAPIView):"用于SignIn的API返回用户模型和访问令牌。''

    def post(self, request, *args, **kwargs):
        username = self.request.data.get('email', None)
        password = self.request.data.get('password', None)
        user = authenticate(username=username, password=password)
        response = {}
        if user:
            access = AppCustomMethods()
            access_token = access.create_access_token(user, request,
                                                      settings.XAMARIN_APPLICATION_NAME)
            response_data = {}
            response_data['access_token'] = access_token
            signup_serializer = serializers.GetUserWithAllBusinesses(user)
            response_data[settings.USER] = signup_serializer.data
            response = GetAccesUtility.data_wrapper(response_data)
            return Response(response, status=status.HTTP_200_OK)
        else:
            response['error'] = Messages.NOT_AUTHENTICATED  # error_data
            response["status_code"] = settings.HTTP_USER_ERROR
            return Response(response)

user=身份验证(username=用户名,password=密码)

Djangoauthenticate函数验证用户用户名或密码并返回用户信息。如果返回user,则生成一个新的访问令牌,并返回状态为200的响应;否则,如果用户未通过身份验证功能返回,则返回错误消息作为响应。

由于@C14L,使用User.objects.create_superuser()User.objects.create() insetad时出现问题。

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium