当令牌是Header的一部分时,Django Rest Framework JWT-得到401错误

时间:2015-11-16 12:43:03

标签: authorization django-rest-framework jwt restangular

当我在标题中设置用户名和密码时,在服务器端使用Django REST Framework JWT,在客户端使用AngularJs和Restangular:

RestangularProvider.setDefaultHeaders({'Authorization': 'Basic ' +$base64.encode('username:password')});

它可以正常工作。

但是当我将token设置为标题的一部分时:

RestangularProvider.setDefaultHeaders({Authorization:'Bearer '+ StorageService.get("access_token")});

我得到 401(未经授权)错误。

我的观点:

class BookViewSet(DefaultsMixin, viewsets.ModelViewSet):
    queryset = Book.objects.all()
    permission_classes = (permissions.IsAuthenticated,)
    serializer_class = BookSerializer

环境:

REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
    'rest_framework.permissions.IsAuthenticated',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
    'rest_framework.authentication.SessionAuthentication',
    'rest_framework.authentication.BasicAuthentication',
    'rest_framework_jwt.authentication.JSONWebTokenAuthentication'

),

}

请求标题(部分)

Request Headers
Accept:application/json, text/plain, */*
Accept-Encoding:gzip, deflate, sdch
Authorization:Bearer"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRqYW5hdGkxMUBnbWFpbC5jb20iLCJleHAiOjE0NDc2NzYxNDcsInVzZXJfaWQiOjEwOSwidXNlcm5hbWUiOiJwcDEiLCJvcmlnX2lhdCI6MTQ0NzY3MzE0N30.ImkGmK9_TNU5lCvcGzgNi-1XS_Q4c_AxHSnJOcjn6O8"
...

感谢您的帮助!

2 个答案:

答案 0 :(得分:3)

我认为这是JWT令牌类型。在这种情况下,您应该在标题中使用以下格式:

//String name = "";
String address = "";

//ask the user for the name and address of the company receiving the invoice
String name = getFromUser("name of company to invoice");
//String address = getAddress();   

答案 1 :(得分:0)

就我而言,令牌未发送。