DRF视图与Django视图中的request.user

时间:2019-06-03 10:29:49

标签: django django-rest-framework

我正在尝试在API中获取经过身份验证的用户。这是代码:-

DRF视图

from braces.views import CsrfExemptMixin
from rest_framework import generics

class API(CsrfExemptMixin, generics.CreateAPIView):
    authentication_classes = []
    serializer_class = SomeSerializer

    def post(self, request):
        print(request.user.id)  # None

Django视图

from django.views import View
from braces.views import CsrfExemptMixin

class API(CsrfExemptMixin, View):
    authentication_classes = []

    def post(self, request):
        print(request.user.id)  # prints id of the user.

为什么我在2种不同的情况下会得到不同的答复?以下是我的设置。

AUTHENTICATION_BACKENDS = (
    # Needed to login by username in Django admin, regardless of `allauth`
    'django.contrib.auth.backends.ModelBackend',

    # `allauth` specific authentication methods, such as login by e-mail
    'allauth.account.auth_backends.AuthenticationBackend',

    # Needed to login by email
    'modules.profile.backend.EmailBackend'
)


REST_FRAMEWORK = {
    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination',
    'DEFAULT_FILTER_BACKENDS': ('django_filters.rest_framework.DjangoFilterBackend',),
    'EXCEPTION_HANDLER': 'modules.utils.exception_handler.custom_exception_handler',
    'PAGE_SIZE': 10,
}

1 个答案:

答案 0 :(得分:2)

您尚未定义要使用DRF的任何身份验证后端。您应该在视图中指定它:

from rest_framework.authentication import SessionAuthentication

class API(CsrfExemptMixin, generics.CreateAPIView):
    authentication_classes = [SessionAuthentication]

或从视图中完全删除authentication_classes并在您的REST_FRAMEWORK设置中添加SessionAuthentication后端:

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.SessionAuthentication',
    ),
    ...
}