0
Ich versuche, JWT-Token-Authentifizierung mit Django Rest Framework zu verwenden. Ich konnte das Token für Zugriff und Aktualisierung erfolgreich abrufen. Und ich habe sichergestellt, dass das Token gültig ist. Aber wenn ich versuche, mit dem Zugriffstoken auf eine geschützte apiview zuzugreifen. Es sagtDjango JWT HTTP-Autorisierung nicht übergeben
{"detail":"Authentication credentials were not provided."}.
curl -H "Authorization: JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNTE0MzQzNzcxLCJqdGkiOiIwYmE5YTcxZTJmMzQ0YmRmOTM1ZWQ3MTU3ZmI2NDkyZiIsInVzZXJfaWQiOjh9.dI3t8yvNe2Z7MKXojGvFpq_Etf1cLg8QSYsNobJ6jQ0" http://localhost:8000/users/me/
jedoch auf Server-Seite habe ich die request.META mit einem HTTP_AUTHORIZAITON Feld erhalten, das die oben Token enthält.
ich zur Zeit der Entwicklung auf localhost anstelle von Apache, mit folgenden Dateien und Konfigurationen:
In views.py:
class GetMyInfo(views.APIView):
def get(self,request):
print(request.META)
user = request.user
profile = user.profile
profile_serializer = ProfileSerializer(instance = profile)
return Response(profile_serializer.data, status = HTTP_200_OK)
In url.py:
urlpatterns = [
re_path(r'^admin/', admin.site.urls),
re_path(r'^api/$', get_schema_view()),
re_path(r'^api/auth/', include('rest_framework.urls')),
re_path(r'^api/auth/token/obtain/$', TokenObtainPairView.as_view(), name = 'token_obtain_pair'),
re_path(r'^api/auth/token/refresh/$', TokenRefreshView.as_view(), name = 'token_refresh'),
re_path(r'^api/auth/token/verify/$', TokenVerifyView.as_view(), name = 'token_verify'),
#re_path(r'^api-token-auth/', authviews.obtain_auth_token, name = 'obtain_auth_token'),
re_path(r'^users/$', views.CreateUser.as_view(), name = 'register'),
re_path(r'users/(?P<uuid>[0-9a-f-]+)/$', views.GetUserInfo.as_view(), name = 'info'),
re_path(r'users/me/$', views.GetMyInfo.as_view(), name = 'myinfo'),
]
Einstellungen .py:
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'api'
]
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES':(
'rest_framework.permissions.IsAuthenticated',
),
'DEFAULT_AUTHENTICATION_CLASSES':(
'rest_framework_simplejwt.authentication.JWTAuthentication',
#'rest_framework.authentication.SessionAuthentication',
#'rest_framework.authentication.TokenAuthentication',
#'rest_framework.authentication.BasicAuthentication',
),
'TEST_REQUEST_DEFAULT_FORMAT': 'json',
}
AUTH_USER_MODEL = 'api.User'
In models.py:
@receiver(post_save, sender = settings.AUTH_USER_MODEL)
def create_auth_token(sender, instance = None, created = False, **kwargs):
if created:
Token.objects.create(user = instance)
class User(AbstractUser):
uuid = models.UUIDField(default = uuid.uuid4, unique = True)
class Profile(models.Model):
owner = models.OneToOneField(settings.AUTH_USER_MODEL,
on_delete = models.CASCADE,
primary_key = True,
related_name = 'profile')
displayname = models.CharField(max_length = 30)
location = models.CharField(max_length = 100, null = True)
bio = models.CharField(max_length = 500, null = True)
relationships = models.ManyToManyField('self',
through = 'Followings',
symmetrical = False,
related_name = 'related_to')