无法使用邮递员和授权令牌访问后端

Unable to access backend using Postman and Authorization token

Angular 8 和 Django 3。我使用自定义视图 class CustomAuthToken 从 Django 获得 user_idtoken。我收到一个包含 tokenuser_id 的响应。我正在学习教程并想测试向 django 发送自定义 header 以查看授权是否有效。

我正在使用 Postman 并将 header 设置为 Authorization: Bearer 1a683...9e428。当我向 http://127.0.0.1:8000/users/dashboard/23 发送 GET 请求时,我收到了回复 "detail": "Authentication credentials were not provided."

我的理解是提供这些 header 应该行得通吗?或者 client-side 上有什么东西可以解码 header 并将其发回什么?

views.py

class CustomAuthToken(ObtainAuthToken):

    def post(self, request, *args, **kwargs):
        serializer = self.serializer_class(data=request.data,
                                           context={'request': request})
        serializer.is_valid(raise_exception=True)
        user = serializer.validated_data['user']
        token, created = Token.objects.get_or_create(user=user)
        return Response({
            'token': token.key,
            'user_id': user.pk,
        })

settings.py

REST_FRAMEWORK = {
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticatedOrReadOnly',

    ),
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework.authentication.TokenAuthentication',
    ),

}

urls.py

urlpatterns = [
    path('dashboard/<int:pk>', UserDashboard.as_view(), name='dashboard'),
    path(r'api-token-auth/', CustomAuthToken.as_view()),
    ]

授权中应该是Token前缀header而不是bearer:

Authorization: Token 1a683...9e428

有关详细信息,请参阅 docs