我使用验证本:如何禁用Django的注册授权?
from rest_framework.authtoken import views as rest_auth_views
url(r'^login/', rest_auth_views.obtain_auth_token)
一切工作正常,但为了创造新的帐户我在头什么是错的发送令牌。我使用这种视图创建新帐户:
@api_view(['GET', 'POST'])
def UserList(request):
"""
List all snippets, or create a new snippet.
"""
if request.method == 'GET':
users = User.objects.all()
serializer = UserSerializer(users, many=True)
return Response(serializer.data)
elif request.method == 'POST':
serializer = UserSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
如何禁用用户注册验证?也许我的方法或想法是错误的? SOLUTION:
from rest_framework import permissions
class CustomPermission(permissions.BasePermission):
def has_permission(self, request, view):
if request.method =='POST' or (request.user and request.user.is_authenticated() and request.user.is_superuser):
return True
return False
@api_view(['GET', 'POST'])
@permission_classes([CustomPermission])
def UserList(request):
"""
List all snippets, or create a new snippet.
"""
if request.method == 'GET':
users = User.objects.all()
serializer = UserSerializer(users, many=True)
return Response(serializer.data)
elif request.method == 'POST':
serializer = UserSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
您能从一开始就展示您的整个视野吗?即从'def'行 –
@AndreTerra我已更新我的帖子。 – wahtdbogh