【发布时间】:2021-01-30 18:56:18
【问题描述】:
我最初在从我的 API 获取数据时遇到问题,它给出了“禁止”错误,现在我已经使用 cookie 和 csrf 令牌解决了这个问题,它不再工作了。
错误:
cookie_token = request.COOKIES[settings.CSRF_COOKIE_NAME] AttributeError: 'networthChart' object has no attribute 'COOKIES' [30/Jan/2021] "GET /api/networthchart/data/ HTTP/1.1" 500 102936
我正在尝试从端点获取数据并且出现此错误。 这是代码:
JS:
<script>
function getCookie(name) {
let cookieValue = null;
if (document.cookie && document.cookie !== '') {
const cookies = document.cookie.split(';');
for (let i = 0; i < cookies.length; i++) {
const cookie = cookies[i].trim();
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) === (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
return cookieValue;
}
const csrftoken = getCookie('csrftoken');
const request = new Request(
"/api/networthchart/data/",
{headers: {'X-CSRFToken': csrftoken}}
);
$(document).ready(function(){
var endpoint = 'http://127.0.0.1:8000/api/networthchart/data/'
var defaultData = []
var labels = []
$.ajax({
method:"GET",
url: endpoint,
success: function(data){
labels = data.labels
defaultData = data.default
var ctx = document.getElementById('myChart').getContext('2d');
var myChart = new Chart(ctx, {
type: 'bar',
data: {
labels: labels,
datasets: [{
label: '# of Votes',
data: defaultData,
.......
</script>
观点:
class networthChart(APIView, View):
authentication_classes = []
permission_classes = []
@ensure_csrf_cookie
def get(self, request, format=None):
print("its working")
labels = ["Red","Green"]
default_items = [8,10]
if not self.request.user.is_active:
return HttpResponseForbidden("Not signed in") # any error you want to display
data = {
"labels" : labels,
"default" : default_items,
}
return Response(data)
【问题讨论】:
标签: django cookies django-rest-framework django-views