我想限制仪表板的访问:只有在请求头中传递了令牌时才能查看,但……
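# Sign-up handler body. The enclosing view's `def` line is not shown on the
# page, so only the statements that are visible here are covered.
if request.method == "POST":
    # Answer an incomplete form with a 400 instead of letting a missing key
    # raise inside request.POST[...] and surface as a server error.
    required_fields = ('user_name', 'first_name', 'last_name',
                       'designation', 'password', 'email')
    missing = [field for field in required_fields if field not in request.POST]
    if missing:
        return JsonResponse(
            {'detail': 'Missing required fields: ' + ', '.join(missing)},
            status=400)

    user_name = request.POST['user_name']
    name = request.POST['first_name']
    lastname = request.POST['last_name']
    designation = request.POST['designation']
    password = request.POST['password']
    email = request.POST['email']

    # set_password() stores a hash, never the raw password.
    # NOTE(review): no password validators run before this call; consider
    # django.contrib.auth.password_validation.validate_password.
    user = MyUser(username=user_name, first_name=name,
                  last_name=lastname)
    user.set_password(password)
    user.save()

    # NOTE(review): the user row and the employee row are saved separately;
    # if the second save fails the first one stays. Confirm whether these
    # should share one transaction.
    employee = Employee(user=user, first_name=name,
                        last_name=lastname, designation=designation,
                        email=email, isactive=False)
    employee.save()

    # Only referenced by the disabled activation e-mail below.
    current_site = get_current_site(request)
    # mail_subject = 'Activate your account.'
    # message = render_to_string('Auth/email_template.html', {
    # 'user': user,
    # 'domain': current_site.domain,
    # 'uid': urlsafe_base64_encode(force_bytes(user.id)),
    # 'token': account_activation_token.make_token(user),
    # })
    # to_email = email
    # send_mail(mail_subject, message, settings.EMAIL_HOST_USER, [to_email])

    # NOTE(review): an API token is handed out right away although the
    # employee is stored with isactive=False and the activation mail is
    # disabled. Confirm whether activation is meant to gate token issuance.
    token, _created = Token.objects.get_or_create(user=user)
    return JsonResponse(token.key, safe=False)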
登录视图
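# NOTE(review): DRF's api_view already exempts the wrapped view from Django's
# CSRF middleware, so this extra decorator looks redundant. Confirm before
# removing it.
@csrf_exempt
@api_view(['GET', 'POST'])
def login_in(request):
    """Log a user in and return their API token.

    GET renders the login page. POST reads ``first_name`` and ``password``
    from the request body, authenticates, and returns the token key as a
    JSON string. Missing fields give a 400 and rejected credentials a 401,
    both with a JSON ``detail`` message.

    NOTE(review): the ``first_name`` field is passed to ``authenticate`` as
    the username, while the sign-up code on this page stores ``user_name``
    as the username. Confirm which field clients are expected to send.
    """
    if request.method == 'POST':
        name = request.data.get('first_name')
        password = request.data.get('password')
        if not name or not password:
            # Previously a missing key raised and became a server error.
            return JsonResponse(
                {'detail': 'first_name and password are required.'},
                status=400)

        user = authenticate(username=name, password=password)
        if user is None:
            # One generic message, so the response does not reveal whether
            # the account exists. The status lets API clients tell a failed
            # login apart from the rendered login page.
            return JsonResponse({'detail': 'Invalid credentials.'},
                                status=401)

        # login() also opens a session alongside the token.
        # NOTE(review): confirm the session is wanted for token clients.
        login(request, user)
        # get_or_create avoids a DoesNotExist error for accounts that were
        # created without a token.
        tok, _created = Token.objects.get_or_create(user=user)
        return JsonResponse(tok.key, safe=False)
    return render(request, 'Auth/user.html')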
仪表板视图
@api_view(['GET'])
@permission_classes([IsAuthenticated])
def dash_board(request):
    """Render the dashboard template for an authenticated caller.

    NOTE(review): IsAuthenticated only passes once an authentication class
    has identified the user. The project settings are not shown here, so
    confirm that TokenAuthentication is among the authentication classes in
    effect for this view. If it is not, an ``Authorization: Token ...``
    header is never read and DRF answers "Authentication credentials were
    not provided."
    """
    if request.method != 'GET':
        return None
    # Debug output: shows whether the request was recognised as authenticated.
    print(request.user.is_authenticated)
    context = {'user': request.user}
    return render(request, 'Auth/dashboard.html', context)
我从 Thunder Client 得到的响应
{
"detail": "Authentication credentials were not provided."
}
> 我使用 Thunder Client 发送请求,其中 Authorization 请求头设置为:
Token d2ed0c39f31bb1c080753bkldd0f4c0ab96b5a07