问题描述
两个为Django编写的JWT软件包都给我带来了文档质量不佳的问题,因此我尝试使用DRF-auth_token软件包.这是我遵循的一个很好的示例, Django Rest Framework令牌认证.从理论上讲,您应该可以进入
Both JWT packages written for Django gave me issues with poor documentation, so I try DRF-auth_token package. This is a good example I followed, Django Rest Framework Token Authentication. You should in theory be able to go to
localhost:8000/api-token-auth/
urls.py:
from django.conf.urls import url, include
from django.contrib import admin
from django.contrib.auth.models import User
from rest_framework.authtoken import views
urlpatterns = [
url(r'^admin/', admin.site.urls),
url(r'^api/', include('api.urls', namespace='api')),
url(r'^orders/', include('orders.urls', namespace='orders')),
url(r'^api-token-auth/', views.obtain_auth_token, name='auth-token'),
]
为用户获取令牌无法正常工作,因此我自己重写了令牌以使其正常工作:
Getting a token for users is not working so I have rewritten it myself to make it work:
@api_view(['POST'])
def customer_login(request):
"""
Try to login a customer (food orderer)
"""
data = request.data
try:
username = data['username']
password = data['password']
except:
return Response(status=status.HTTP_400_BAD_REQUEST)
try:
user = User.objects.get(username=username, password=password)
except:
return Response(status=status.HTTP_401_UNAUTHORIZED)
try:
user_token = user.auth_token.key
except:
user_token = Token.objects.create(user=user)
data = {'token': user_token}
return Response(data=data, status=status.HTTP_200_OK)
我的版本有效:
http://localhost:8000/api/login/customer-login/
{"username": "[email protected]", "password": "wombat"}
-->
{
"token": "292192b101153b7ced74dd52deb6b3df22ef2c74"
}
DRF auth_token不起作用:
The DRF auth_token does not work:
http://localhost:8000/api-token-auth/
{"username": "[email protected]", "password": "wombat"}
-->
{
"non_field_errors": [
"Unable to log in with provided credentials."
]
}
settings.py
settings.py
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
# third party:
'django_extensions',
'rest_framework',
'rest_framework.authtoken',
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.TokenAuthentication',
)
}
似乎设置正确.我数据库中的每个用户都有一个令牌. DB中的每个用户都是is_authenticated
和is_active
.超级用户可以获得其令牌:
It seems set up correctly. Every user in my DB has a token. Each user is is_authenticated
and is_active
in DB. Super users can get their token:
localhost:8000/api-token-auth/
{"username": "mysuperuser", "password": "superuserpassword"}
-->
{
"token": "9297ff1f44dbc6caea67bea534f6f7590d2161b0"
}
由于某些原因,只有超级用户才能获得令牌:
for some reason, only super user can get a token:
localhost:8000/api-token-auth/
{"username": "regularguy", "password": "password"}
-->
{
"non_field_errors": [
"Unable to log in with provided credentials."
]
}
为什么我的用户无法登录并获得其令牌?谢谢
Why can't my users log in and get their token? Thank you
推荐答案
我从 drf令牌身份验证文档,并且没有遇到超级用户,staffusers或普通用户的任何问题.
I went ahead and did this from the drf token auth docs and didn't run into any problems with superusers, staffusers, or normal users.
也请尝试遵循官方文档的步骤而不是该SO答案,看看是否可以解决问题-可能有所更改.
Also try following the steps of the official docs instead of that SO answer and see if that fixes the problem - it's possible something changed.
这是我采取的一般步骤:
Here were the general steps I took:
- 安装django,drf
- 在INSTALLED_APPS中放入"rest_framework"和"rest_framework.authtoken"
- 在我的rest_framework设置中添加"TokenAuthentication"
- 运行迁移
- 为用户创建令牌(我刚刚在urls.py中做到了)
- 创建令牌的网址
- POST http://localhost:8000/token/ {用户名":"... ," password:" ...}
- install django, drf
- put 'rest_framework' and 'rest_framework.authtoken' in INSTALLED_APPS
- add 'TokenAuthentication' in my rest_framework settings
- run migrate
- create tokens for users (I just did this in urls.py)
- create the url for token
- POST http://localhost:8000/token/ {"username": "...", "password": "..."}
如果您在任何地方公开代码,我将很高兴进一步查看并发现我的发现.
If you have the code public anywhere I'd be glad to take a further look and see what I find.
这篇关于DRF auth_token:"non_field_errors":[“无法使用提供的凭据登录."的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!