【发布时间】:2019-10-20 21:01:12
【问题描述】:
大家好,我终于可以寻求帮助了,因为我相信我的问题让我在谷歌上搜索了第三天。我在前端使用反应,在后端使用 Django,我正在尝试注册用户,登录就像魅力一样!但是当我尝试创建新用户时出现错误
Unauthorized: /rest-auth/registration/
[05/Jun/2019 10:34:45] "POST /rest-auth/registration/ HTTP/1.1" 401 27
我确定这是注册用户的路径,因为当我在浏览器中访问该链接时,它可以正常工作。问题是我正在从这样的反应前端集发送数据
export const authSignUP = (username, email, password1, password2) => {
return dispatch => {
dispatch(authStart);
axios.post('http://127.0.0.1:8000/rest-auth/registration/', {
username: username,
email: email,
password1: password1,
password2: password2
}).then(res => {
const token = res.data.key;
const expirationDate = new Date(new Date().getTime() + 3600 * 1000);
localStorage.setItem('token', token);
localStorage.setItem('expirationDate', expirationDate);
dispatch(authSuccess(token));
dispatch(checkAuthTimeOut(3600));
})
.catch(err => {
alert(err)
// dispatch(authFail(err))
})
}
}
而我的django设置文件是这样的
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
#This is required otherwise it asks for email server
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
REST_AUTH_SERIALIZERS = {
'TOKEN_SERIALIZER': 'jobs_home.serializer.TokenSerializer',
}
ROOT_URLCONF = 'jobs_dj.urls'
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [
os.path.join(BASE_DIR, '../build')
],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
],
},
},
]
ACCOUNT_AUTHENTICATION_METHOD = 'username_email'
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_USERNAME_REQUIRED = False
#Following is added to enable registration with email instead of username
AUTHENTICATION_BACKENDS = (
# Needed to login by username in Django admin, regardless of `allauth`
"django.contrib.auth.backends.ModelBackend",
# `allauth` specific authentication methods, such as login by e-mail
"allauth.account.auth_backends.AuthenticationBackend",
)
REST_USE_JWT = True
WSGI_APPLICATION = 'jobs_dj.wsgi.application'
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
CORS_ORIGIN_ALLW_ALL = True
CORS_ORIGIN_WHITELIST = (
'http://localhost:3000', 'http://127.0.0.1:8000', 'http://127.0.0.1:3000'
)
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.TokenAuthentication',
),
}
我真的会用别人的帮助来打破这堵墙..谢谢
【问题讨论】:
-
我不确定,所以会发表评论 - 您是否尝试将注册视图的身份验证类手动设置为 allow_any? django-rest-framework.org/api-guide/authentication
-
Okey 我知道这可能是标头错误,但我的问题是,用户未经过身份验证,我们在哪里获取标头传递参数或我们如何告诉 django 不要期望任何授权来自标题?
-
@IgorBelkov 让我试试。谢谢。会告诉你结果如何
-
我给了你错误的链接,对不起)这就是我所说的“设置允许任何”django-rest-framework.org/api-guide/permissions/#allowany设置权限类,而不是身份验证。 AllowAny 权限类将允许不受限制的访问,无论请求是经过身份验证还是未经身份验证
标签: django reactjs django-rest-framework django-allauth