Django Rest框架没有为未经身份验证的用户提供403错误

时间:2017-12-04 15:19:36

标签: django django-rest-framework django-views python-decorators

我使用Django restframework令牌,装饰器和权限使用django普通视图制作api 如下所示

@api_view(['GET'])
@permission_classes((IsAuthenticated, ))
def test(request, format=None):
    permission_classes = [IsAuthenticated]
    content = {"hello":"world"} 
    return Response(content)

即使我没有在标题中添加令牌,也总是给我结果 请注意,我添加了所有必需的设置 我的settings.py 

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'myapp',
    'rest_framework',
    'rest_framework.authtoken',
    #'utils',
    'schedule',

]

# SWAGGER_SETTINGS = {
# 'JSON_EDITOR': True,
# }

MIDDLEWARE_CLASSES = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',

]
REST_FRAMEWORK = {
   'DEFAULT_AUTHENTICATION_CLASSES': (
       'rest_framework.authentication.BasicAuthentication', 
       'rest_framework.authentication.TokenAuthentication',
       'rest_framework.authentication.SessionAuthentication',
   ),
   'DEFAULT_PERMISSION_CLASSES': (
       'rest_framework.permissions.IsAuthenticated',
   ),
#     'DEFAULT_RENDERER_CLASSES': (
#         'rest_framework.renderers.JSONRenderer',
#     ),
    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
    'PAGE_SIZE': 2,
    'EXCEPTION_HANDLER': 'rest_framework.views.exception_handler'

}REST_FRAMEWORK = {
   'DEFAULT_AUTHENTICATION_CLASSES': (
       'rest_framework.authentication.BasicAuthentication', 
       'rest_framework.authentication.TokenAuthentication',
       'rest_framework.authentication.SessionAuthentication',
   ),
   'DEFAULT_PERMISSION_CLASSES': (
       'rest_framework.permissions.IsAuthenticated',
   ),
#     'DEFAULT_RENDERER_CLASSES': (
#         'rest_framework.renderers.JSONRenderer',
#     ),
    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
    'PAGE_SIZE': 2,
    'EXCEPTION_HANDLER': 'rest_framework.views.exception_handler'

}
  

根据文档,它应该给出403状态错误,因为用户未经过身份验证但是它提供了200个具有正常数据的响应

0 个答案:

没有答案
相关问题
最新问题