我的身份验证/登录视图存在问题。这个系统以前工作但我最近切换到新的服务器,无法修复它。
尝试通过身份验证视图登录时,request.user始终是AnonymousUser,就像我没有输入任何身份验证凭据一样。我已经尝试记录了request.POST,但它似乎是一个空的字典。
我在这里有一个追溯:
Environment:
Request Method: POST
Request URL: http://45.55.149.3:8000/api/auth/
Django Version: 1.8.3
Python Version: 2.7.6
Installed Applications:
('django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'webapp',
'rest_framework',
'djrill')
Installed Middleware:
('django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.middleware.security.SecurityMiddleware')
Traceback:
File "/home/appointments-app/venv/local/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
132. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/home/appointments-app/venv/local/lib/python2.7/site-packages/django/views/decorators/csrf.py" in wrapped_view
58. return view_func(*args, **kwargs)
File "/home/appointments-app/venv/local/lib/python2.7/site-packages/django/views/generic/base.py" in view
71. return self.dispatch(request, *args, **kwargs)
File "/home/appointments-app/venv/local/lib/python2.7/site-packages/rest_framework/views.py" in dispatch
456. response = self.handle_exception(exc)
File "/home/appointments-app/venv/local/lib/python2.7/site-packages/rest_framework/views.py" in dispatch
453. response = handler(request, *args, **kwargs)
File "/home/appointments-app/appointments/webapp/views.py" in post
40. login(request, request.user)
File "/home/appointments-app/venv/local/lib/python2.7/site-packages/django/contrib/auth/__init__.py" in login
111. request.session[SESSION_KEY] = user._meta.pk.value_to_string(user)
Exception Type: AttributeError at /api/auth/
Exception Value: 'AnonymousUser' object has no attribute '_meta'
这里我的API身份验证视图失败了:
class AuthView(APIView):
authentication_classes = (QuietBasicAuthentication,)
def post(self, request, *args, **kwargs):
login(request, request.user)
return Response(OldUserSerializer(request.user).data)
def delete(self, request, *args, **kwargs):
logout(request)
return Response({})
是我正在使用的身份验证类:
from rest_framework.authentication import BasicAuthentication
class QuietBasicAuthentication(BasicAuthentication):
# disclaimer: once the user is logged in, this should NOT be used as a
# substitute for SessionAuthentication, which uses the django session cookie,
# rather it can check credentials before a session cookie has been granted.
def authenticate_header(self, request):
return 'xBasic realm="%s"' % self.www_authenticate_realm
答案 0 :(得分:1)
如果您使用的是Django REST框架的身份验证类,则无需登录该用户。用户将提前通过Django REST框架进行身份验证,并在此过程中验证凭据。
现在,通过调用login,您尝试登录当前用户(request.user)并将其与当前请求(request)相关联。 DRF将自动为您执行此操作,request.user将包含User实例(如果它能够对用户进行身份验证)和AnonymousUser(您看到的内容)如果无法
如果您尝试登录用户以获取Django请求(而不是DRF请求,which is different),则需要引用存储为request._request的Django请求。
login(request._request, request.user)