Django oauth工具包不适用于apache

时间:2015-11-11 09:52:53

标签: django oauth django-rest-framework

我使用django restframework& django-oauth-toolkit
我在localhost上测试我的代码,api效果很好

这是响应标题:

Allow → GET, POST, HEAD, OPTIONS
Content-Type → application/json
Date → Wed, 11 Nov 2015 09:41:50 GMT
Server → WSGIServer/0.1 Python/2.7.10
Vary → Accept, Authorization, Cookie
X-Frame-Options → SAMEORIGIN

但我把项目放在带有apache的虚拟机上 oauth不起作用。我使用了正确的令牌,但获得了401 UNAUTHORIZED

{
  "detail": "Authentication credentials were not provided."
}

这是响应标题:

Allow → GET, POST, HEAD, OPTIONS
Connection → Keep-Alive
Content-Length → 58
Content-Type → application/json
Date → Wed, 11 Nov 2015 09:40:37 GMT
Keep-Alive → timeout=5, max=100
Server → Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5
Vary → Accept,Authorization
WWW-Authenticate → Bearer realm="api"
X-Frame-Options → SAMEORIGIN

为什么会发生这种情况? 请指导我

settings.py

OAUTH2_PROVIDER = {
    'SCOPES': {'read': 'Read scope', 'write': 'Write scope', 'groups': 'Access to your groups'},
}


AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend',
    'oauth2_provider.backends.OAuth2Backend',
)


REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'oauth2_provider.ext.rest_framework.OAuth2Authentication',
    )
}

1 个答案:

答案 0 :(得分:1)

如果您使用的是mod_wsgi,则可能需要在某处添加:

WSGIPassAuthorization On

在AWS elasticbeanstalk中修补apache配置的一种肮脏方式是将此命令添加到.ebextensions/your-environemnt.conf

commands:
  00_WSGIPassAuthorization:
    command: sed -i.bak '/WSGIScriptAlias/ aWSGIPassAuthorization On' config.py
    cwd: /opt/elasticbeanstalk/hooks

脏,因为每次重新加载服务器时都会添加一行。

相关Authorization Credentials Stripped --- django, elastic beanstalk, oauth