我是django的初学者。我只想发布并注册用户。如果我这样做,我收到错误" CSRF失败:CSRF令牌丢失或不正确。"我的apiview是这样的。
class RegistrationView(APIView):
""" Allow registration of new users. """
permission_classes = (permissions.AllowAny,)
def post(self, request):
serializer = RegistrationSerializer(data=request.DATA)
# Check format and unique constraint
if not serializer.is_valid():
return Response(serializer.errors,\
status=status.HTTP_400_BAD_REQUEST)
data = serializer.data
# u = User.objects.create_user(username=data['username'],
# email=data['email'],
# password='password')
u = User.objects.create(username=data['username'])
u.set_password(data['password'])
u.save()
# Create OAuth2 client
name = u.username
client = Client(user=u, name=name, url='' + name,\
client_id=name, client_secret='', client_type=1)
client.save()
return Response(serializer.data, status=status.HTTP_201_CREATED)
我已经阅读了有关CSRF令牌的内容。
How to make a POST simple JSON using Django REST Framework? CSRF token missing or incorrect
在我的setting.py中,就像这样。我需要改变全球水平吗?或者我应该在哪里修改,以便在注册新用户时我不会遇到CSRF令牌错误?
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES':
('rest_framework.authentication.OAuth2Authentication',
'rest_framework.authentication.SessionAuthentication'),
'DEFAULT_MODEL_SERIALIZER_CLASS':
'rest_framework.serializers.ModelSerializer',
'DEFAULT_PERMISSION_CLASSES':
('rest_framework.permissions.IsAdminUser',)
}
答案 0 :(得分:0)
如果您在Django REST框架中使用SessionAuthentication
,那么您需要在POST中提供CSRF令牌。请查看此链接Working with AJAX, CSRF & CORS。