Question

技术堆栈：-Django1.10 + python3.6 + docker + DRF + React + Axios +跨域

错误：-“详细信息”：“未提供身份验证凭据。”

一旦我获得access_token，我就会使用相同的访问令牌进行GET调用，并且每次我收到带有上述错误的401状态代码

django-oauth-toolkit的集成部分

我的设置：-

INSTALLED_APPS = (
    'oauth2_provider',
    'rest_framework',
    'django_filters',
    # search engine driver

)

REST_FRAMEWORK = {
    # Use Django's standard `django.contrib.auth` permissions,
    # or allow read-only access for unauthenticated users.
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.IsAuthenticated',
        # 'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
    ],
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework.authentication.SessionAuthentication',
        'apps.common.authentication.SessionTokenAuthentication',
        'oauth2_provider.ext.rest_framework.OAuth2Authentication',
    ],
    # maybe we need to add this to prod settings
    # 'DEFAULT_RENDERER_CLASSES': [
    #     'rest_framework.renderers.JSONRenderer'
    # ],
}

OAUTH2_PROVIDER = {
    # this is the list of available scopes
    'SCOPES': {'read': 'Read scope', 'write': 'Write scope', 'groups': 'Access to your groups'},
    'ACCESS_TOKEN_EXPIRE_SECONDS': 36000,
}

views.py

class SomeView(views.APIView):
    authentication_classes = [OAuth2Authentication]
    permission_classes = [TokenHasScope]
    http_method_names = ['get', 'head', 'options']

    def get(self, request, *args, **kwargs):
        # dom something
        return

但是，如果我删除TokenHasScope权限，它将运行平稳。几秒钟前生成令牌时该令牌如何过期？或者出现此错误的原因是

django-oauth-toolkit-0.11权限引发401

0 个答案: