TokenAuthentication:无法验证
问题描述:
我试图从Django rest框架实现TokenAuthentication。 我能够从服务器获取的令牌密钥,TokenAuthentication:无法验证
$curl -d "username=admin&password=admin" http://localhost:8000/api-token-auth/
{"token":"a571a596eab2e4063da4b9250a05b570ba8e9786"}
但我不能得到任何API使用它,
curl -X GET http://localhost:8000/cart/ -H "Authorization: Token a571a596eab2e4063da4b9250a05b570ba8e9786"
{"detail":"Authentication credentials were not provided."}
我的设置文件,
INSTALLED_APPS = (
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'rest_framework.authtoken',
'myapp',
)
MIDDLEWARE_CLASSES = (
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
)
#rest framework
REST_FRAMEWORK = {
'DEFAULT_FILTER_BACKENDS': (
'rest_framework.filters.DjangoFilterBackend',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
'rest_framework.permissions.DjangoObjectPermissions',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
)
}
答
您在
中缺少TokenAuthentication后端'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
)
只需添加rest_framework.authentication.TokenAuthentication行。请记住,顺序很重要,因为身份验证后端会按顺序进行测试。
它的作品!我也有同样的怀疑。我们有基本认证和会话认证课程。在文档中没有给出令牌认证。谢谢 !! – Netro
drf对身份验证后端,过滤,权限等工作始终是一样的。很高兴帮助=)。 – argaen