具有 JWT 用户身份验证的 Django Rest Framework(获取匿名用户)
Django Rest Framework With JWT user authentication (getting anonymous user )
我正在使用 JWT 和 Django 来验证来自 Ajax jquery 的请求。我的 Jquery 是
$.ajax({
url: "/customerapi/get-customer-detail/",
type: 'GET',
// headers: {"Token": localStorage.getItem('token')},
beforeSend: function (xhr) {
/* Authorization header */
xhr.setRequestHeader("Authorization", "Token " + localStorage.getItem('token'));
xhr.setRequestHeader("X-Mobile", "false");
},
success: function (res) {
}
});
当我在服务器上收到此请求时,我会像这样进行身份验证
from rest_framework.permissions import IsAuthenticated
class GetCustomerData(APIView):
authentication_classes = (JSONWebTokenAuthentication, )
permission_classes = (IsAuthenticated ,)
def get(self, request):
try:
Customer.objects.get(id=request.user)
这里我的 Request.user 总是匿名的。为什么会这样?
我的中间件 类 是
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
它应该是 JWT 而不是 Token inside header value:
xhr.setRequestHeader("Authorization", "JWT " + localStorage.getItem('token'));
我正在使用 JWT 和 Django 来验证来自 Ajax jquery 的请求。我的 Jquery 是
$.ajax({
url: "/customerapi/get-customer-detail/",
type: 'GET',
// headers: {"Token": localStorage.getItem('token')},
beforeSend: function (xhr) {
/* Authorization header */
xhr.setRequestHeader("Authorization", "Token " + localStorage.getItem('token'));
xhr.setRequestHeader("X-Mobile", "false");
},
success: function (res) {
}
});
当我在服务器上收到此请求时,我会像这样进行身份验证
from rest_framework.permissions import IsAuthenticated
class GetCustomerData(APIView):
authentication_classes = (JSONWebTokenAuthentication, )
permission_classes = (IsAuthenticated ,)
def get(self, request):
try:
Customer.objects.get(id=request.user)
这里我的 Request.user 总是匿名的。为什么会这样?
我的中间件 类 是
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
它应该是 JWT 而不是 Token inside header value:
xhr.setRequestHeader("Authorization", "JWT " + localStorage.getItem('token'));