即使我使用的是不记名令牌,邮递员仍要求提供登录凭据
Postman asking for login credentials even though I am using a Bearer token
我有一个 Django Rest Framework 后端,它使用 Bearer 令牌对所有 APIS 的用户进行身份验证,在 POSTMAN 上测试它时,它显示 Django 管理员登录表单
link to POSTMAN screenshot
我不明白为什么它要求我在 POSTMAN 上以管理员身份进行身份验证。
根据要求,我为基础和用户添加了 urls.py:
基地urls.py
from django.contrib import admin
from django.urls import path, include
urlpatterns = [
path('', admin.site.urls),
path('user/v1/', include(('user.v1.urls', 'user'), namespace='user_v1')),
path('second-opinion/v1/', include(('second_opinion.v1.urls', 'second-opinion'), namespace='second-opinion_v1')),
path('utils/v1/', include(('utils.urls', 'utils'), namespace='utils_v1')),
]
用户urls.py
from django.urls import path
from django.conf.urls import url, include
from rest_framework import routers
from user.v1.views import UserView, NotificationView, PhysicianDetailView, PhysicianProfileRequestsView, \
ProfileInviteView, create_cognito_user, get_physician_detail
router = routers.DefaultRouter()
router.register(r'profile', UserView, basename='profile')
router.register(r'notification', NotificationView, basename='notification')
router.register(r'physician-detail', PhysicianDetailView, basename='physician-detail')
router.register(r'profile-request', PhysicianProfileRequestsView, basename='profile-request')
router.register(r'profile-invite', ProfileInviteView, basename='profile-invite')
urlpatterns = [
url(r'^', include(router.urls)),
path(r'create_default_user/', create_cognito_user),
path(r'physician/detail/<int:user_id>', get_physician_detail)
]
Rest 框架词典:
REST_FRAMEWORK = {
'DEFAULT_VERSIONING_CLASS': 'rest_framework.versioning.NamespaceVersioning',
'DEFAULT_PERMISSION_CLASSES': ['rest_framework.permissions.IsAuthenticated',],
'DEFAULT_PAGINATION_CLASS': 'utils.pagination.CustomPagination',
'DEFAULT_AUTHENTICATION_CLASSES': (
'django_cognito_jwt.JSONWebTokenAuthentication',
),
'PAGE_SIZE': 10,
'EXCEPTION_HANDLER': 'utils.custom_exception_handler.custom_exception_handler'
}
在您的 Base urls.py 中,您可以尝试将 path('', admin.site.urls), 移动到 urlpatterns 列表的末尾而不是第一个。
因为 django 按顺序解析 url,并且由于你的管理站点路径中有 '',所以你的所有 url 都解析为管理页面。
我有一个 Django Rest Framework 后端,它使用 Bearer 令牌对所有 APIS 的用户进行身份验证,在 POSTMAN 上测试它时,它显示 Django 管理员登录表单
link to POSTMAN screenshot
我不明白为什么它要求我在 POSTMAN 上以管理员身份进行身份验证。
根据要求,我为基础和用户添加了 urls.py:
基地urls.py
from django.contrib import admin
from django.urls import path, include
urlpatterns = [
path('', admin.site.urls),
path('user/v1/', include(('user.v1.urls', 'user'), namespace='user_v1')),
path('second-opinion/v1/', include(('second_opinion.v1.urls', 'second-opinion'), namespace='second-opinion_v1')),
path('utils/v1/', include(('utils.urls', 'utils'), namespace='utils_v1')),
]
用户urls.py
from django.urls import path
from django.conf.urls import url, include
from rest_framework import routers
from user.v1.views import UserView, NotificationView, PhysicianDetailView, PhysicianProfileRequestsView, \
ProfileInviteView, create_cognito_user, get_physician_detail
router = routers.DefaultRouter()
router.register(r'profile', UserView, basename='profile')
router.register(r'notification', NotificationView, basename='notification')
router.register(r'physician-detail', PhysicianDetailView, basename='physician-detail')
router.register(r'profile-request', PhysicianProfileRequestsView, basename='profile-request')
router.register(r'profile-invite', ProfileInviteView, basename='profile-invite')
urlpatterns = [
url(r'^', include(router.urls)),
path(r'create_default_user/', create_cognito_user),
path(r'physician/detail/<int:user_id>', get_physician_detail)
]
Rest 框架词典:
REST_FRAMEWORK = {
'DEFAULT_VERSIONING_CLASS': 'rest_framework.versioning.NamespaceVersioning',
'DEFAULT_PERMISSION_CLASSES': ['rest_framework.permissions.IsAuthenticated',],
'DEFAULT_PAGINATION_CLASS': 'utils.pagination.CustomPagination',
'DEFAULT_AUTHENTICATION_CLASSES': (
'django_cognito_jwt.JSONWebTokenAuthentication',
),
'PAGE_SIZE': 10,
'EXCEPTION_HANDLER': 'utils.custom_exception_handler.custom_exception_handler'
}
在您的 Base urls.py 中,您可以尝试将 path('', admin.site.urls), 移动到 urlpatterns 列表的末尾而不是第一个。
因为 django 按顺序解析 url,并且由于你的管理站点路径中有 '',所以你的所有 url 都解析为管理页面。