为什么 rest_framework.authentication.BasicAuthentication 在我的代码中不起作用?
Why doesn't the rest_framework.authentication.BasicAuthentication is not working in my codes?
我的API:
from rest_framework.authentication import BasicAuthentication
"""A simple API for file upload."""
class FileUploadView(APIView):
parser_classes = (MultiPartParser,)
authentication_classes = (BasicAuthentication,)
@method_decorator(csrf_exempt)
def dispatch(self, request, *args, **kwargs):
return super(FileUploadView, self).dispatch(request, *args, **kwargs)
def put(self, request):
print "request:", str(request.META)
print "request:", str(request.user.username)
try:
data = {'files': 'testing'}
response = Response(data)
except Exception as e:
print "Exception when put file:", e
data = { 'error' : str(e) }
response = Response(data)
return response
以上是我的APIviews.py。我用邮递员做PUT。我没有在header授权中添加任何内容(请求header中没有HTTP_AUTHORIZATION),我可以得到{'files':'testing' } 作为我的回应。
为什么?有什么遗漏吗?谢谢
您添加了身份验证 class 但没有限制对您的视图的访问。默认情况下,DRF 具有不受限制的访问权限。请参阅文档部分:
如果未指定,此设置默认允许不受限制的访问:
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.AllowAny',
)
我的API:
from rest_framework.authentication import BasicAuthentication
"""A simple API for file upload."""
class FileUploadView(APIView):
parser_classes = (MultiPartParser,)
authentication_classes = (BasicAuthentication,)
@method_decorator(csrf_exempt)
def dispatch(self, request, *args, **kwargs):
return super(FileUploadView, self).dispatch(request, *args, **kwargs)
def put(self, request):
print "request:", str(request.META)
print "request:", str(request.user.username)
try:
data = {'files': 'testing'}
response = Response(data)
except Exception as e:
print "Exception when put file:", e
data = { 'error' : str(e) }
response = Response(data)
return response
以上是我的APIviews.py。我用邮递员做PUT。我没有在header授权中添加任何内容(请求header中没有HTTP_AUTHORIZATION),我可以得到{'files':'testing' } 作为我的回应。
为什么?有什么遗漏吗?谢谢
您添加了身份验证 class 但没有限制对您的视图的访问。默认情况下,DRF 具有不受限制的访问权限。请参阅文档部分:
如果未指定,此设置默认允许不受限制的访问:
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.AllowAny',
)