我从Traversy Media的youtube上学习了Redox和Django的教程。 我按照教程进行操作,现在不知道它是否被限制。
curl http://localhost:8000/api/auth/login/ -d \
'{"username": "Tom", "password": "PassWord@321"}' \
-H "Content-type: application/json" -X POST
这样做,我需要获取用户和相应的令牌,但相反,我会得到
{"detail":"Authentication credentials were not provided."}
我所做的一切=>
# settings.py
INSTALLED_APPS = [
'leads',
'rest_framework',
'frontend',
'accounts',
'knox',
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
]
REST_FRAMEWORK = {
"DEFAULT_AUTHENTICATION_CLASSES": ("knox.auth.TokenAuthentication", ),
}
# serializers.py
class LoginSerializer(serializers.Serializer):
username = serializers.CharField()
password = serializers.CharField()
def validate(self, data):
user = authenticate(**data)
if user and user.is_active:
return user
raise serializers.ValidationError("Incorrect Credentials")
# api.py
class LoginAPI(generics.GenericAPIView):
serializer_class = LoginSerializer
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data = request.data)
serializer.is_valid(raise_exception = True)
user = serializer.validated_data
_, token = AuthToken.objects.create(user)
return Response({
"user": UserSerializer(user, context = self.get_serializer_context()).data,
"token": token
})
# leadmanager/urls.py
urlpatterns = [
path("api/auth/", include("accounts.urls")),
]
# accounts/urls.py
urlpatterns = [
path("login/", LoginAPI.as_view()),
]
我不知道它被压碎了。
答案 0 :(得分:1)
请添加此代码
class LoginAPI(generics.GenericAPIView):
serializer_class = LoginSerializer
permission_classes = () # empty tuple
...........
在这里您需要为permission_classes视图覆盖LoginAPI,因为permission_classes负责检查请求是否已通过身份验证。由于LoginAPI向所有用户公开,因此View没有权限检查。