"rest_framework CSRF token failed" 但它已在请求 header 中设置为 "X-CSRF-Token"
"rest_framework CSRF token failed" but it's already set in the request header as "X-CSRF-Token"
已经检查了其他主题并尝试了已回答的解决方案,但问题仍然存在。我的 put/post 请求 return 有错误。
detail: "CSRF Failed: CSRF token missing or incorrect."
尽管我在 header axios.defaults.headers.common['X-CSRF-Token'] = CSRF_TOKEN;
中发送 CSRFToken
这就是 CSRF
顺便说一句,在settings.py中我设置了身份验证类
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.TokenAuthentication',
'rest_framework.authentication.SessionAuthentication',
],
另外views.py
class ProjectViewSet(viewsets.ViewSet):
permission_classes = [IsAuthenticated | IsSuperUser]
# retrieve works without a problem
def retrieve(self, request, pk=None):
queryset = Project.objects.all().filter(company_user=self.request.user)
project = get_object_or_404(queryset, pk=pk)
serializer = ProjectSerializer(project)
return Response(serializer.data)
def update(self, request, pk=None):
# CSRF request problem
pass
def partial_update(self, request, pk=None):
# CSRF request problem
pass
和urls.py
router = DefaultRouter()
router.register('project', views.ProjectViewSet, basename='project')
urlpatterns = router.urls
我在这里遗漏了什么吗?为什么我总是出现 CSRF 错误?
您应该使用 X-CSRFToken 而不是 X-CSRF-Token
已经检查了其他主题并尝试了已回答的解决方案,但问题仍然存在。我的 put/post 请求 return 有错误。
detail: "CSRF Failed: CSRF token missing or incorrect."
尽管我在 header axios.defaults.headers.common['X-CSRF-Token'] = CSRF_TOKEN;
这就是 CSRF
顺便说一句,在settings.py中我设置了身份验证类
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.TokenAuthentication',
'rest_framework.authentication.SessionAuthentication',
],
另外views.py
class ProjectViewSet(viewsets.ViewSet):
permission_classes = [IsAuthenticated | IsSuperUser]
# retrieve works without a problem
def retrieve(self, request, pk=None):
queryset = Project.objects.all().filter(company_user=self.request.user)
project = get_object_or_404(queryset, pk=pk)
serializer = ProjectSerializer(project)
return Response(serializer.data)
def update(self, request, pk=None):
# CSRF request problem
pass
def partial_update(self, request, pk=None):
# CSRF request problem
pass
和urls.py
router = DefaultRouter()
router.register('project', views.ProjectViewSet, basename='project')
urlpatterns = router.urls
我在这里遗漏了什么吗?为什么我总是出现 CSRF 错误?
您应该使用 X-CSRFToken 而不是 X-CSRF-Token