我在单元测试中使用Django Rest Framework API进行身份验证时遇到问题。通过浏览器访问系统时,系统按预期工作。但是,当在以下端点向以下类发送put请求时,我收到401 HTTP状态:
class UserDetail(RetrieveModelMixin, DestroyModelMixin, UpdateModelMixin, GenericViewSet):
authentication_classes = (BasicAuthentication, TokenAuthentication)
permission_classes = IsAuthenticated,
queryset = CustomUser.objects.all()
serializer_class = UserSerializer
以下测试如下:
class AccountTests(APITestCase):
def setUp(self):
self.user = CustomUser.objects.create_user(email="user1@test.com", password="password1", is_staff=True)
self.user.save()
self.user = CustomUser.objects.get(email="user1@test.com")
self.client = APIClient()
def test_add_name(self):
self.client.login(email="user1@test.com", password='password1')
url = reverse('customuser-detail', args=(self.user.id,))
data = {'first_name': 'test', 'last_name': 'user'}
self.client.login(email="user1@test.com", password='password1')
response = self.client.put(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
打印response.data时,我收到:
{u'detail': u'Authentication credentials were not provided.'}
client.login(...)方法返回true,但凭据似乎未附加到标头。我在IsAuthenticated权限类中的实验有一个request.user = AnonymousUser。在BasicAuthentication类中,auth = None。
我是否遗漏了在settings.py中使用BasicAuth的问题?甚至在测试本身?
感谢。
答案 0 :(得分:2)
首先,当您“提供”的凭据与模型不匹配时,会出现{u'detail': u'Authentication credentials were not provided.'}
。 (我认为这是错误的错误消息)
因此,您应该通过set_password()
方法设置用户密码,因为加密。
self.user = CustomUser.objects.create_user(email="user1@test.com", is_staff=True)
self.user.set_password("password1")
self.user.save()
或者,您可以使用force_login()
进行测试。
self.client.force_login(
user=User.objects.first(),
backend='django.contrib.auth.backends.ModelBackend' # one of your AUTHENTICATION_BACKENDS
)
答案 1 :(得分:2)
您可能需要使用force_authenticate()
方法登录,
def test_add_name(self):
self.client.force_authenticate(self.user)
........
您可以考虑重写您的测试用例,可能有点像这样,
class AccountTests(APITestCase):
def setUp(self):
self.user = CustomUser.objects.create_user(email="user1@test.com", password="password1", is_staff=True)
self.client = APIClient()
def test_add_name(self):
self.client.force_authenticate(self.user)
url = reverse('customuser-detail', args=(self.user.id,))
data = {'first_name': 'test', 'last_name': 'user'}
response = self.client.put(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)