我有这种说法Django的REST框架故宫CSRF的cookie没有设置
from rest_framework import parsers, renderers
from rest_framework.authtoken.models import Token
from rest_framework.authtoken.serializers import AuthTokenSerializer
from rest_framework.response import Response
from rest_framework.views import APIView
from .serializers import EmailUserSerializer
from django.utils.decorators import method_decorator
from django.views.decorators.csrf import csrf_exempt
@method_decorator(csrf_exempt, name='post')
class ObtainAuthToken(APIView):
throttle_classes =()
permission_classes =()
parser_classes = (parsers.FormParser, parsers.MultiPartParser, parsers.JSONParser,)
renderer_classes = (renderers.JSONRenderer,)
serializer_class = AuthTokenSerializer
def post(self, request, *args, **kwargs):
serializer = self.serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
token, created = Token.objects.get_or_create(user=user)
user_serializer = EmailUserSerializer(user)
return Response({'token': token.key, 'user': user_serializer.data})
obtain_auth_token = ObtainAuthToken.as_view()
这个网址
urlpatterns = [
url(r'^login/$',views.obtain_auth_token, name='get_auth_token'),
url(r'^login2/$',ObtainAuthToken, name='get_auth_token'),
]
我试图用这样的邮递员发布:
127.0.0.1:8000/api/login2/
但我只能收到此错误
Forbidden (CSRF cookie not set.): /api/login2/
[02/Jul/2017 22:49:11] "POST /api/login2/ HTTP/1.1" 403 2891
我知道有数百个职位这样的,我搜索了很久一个解决方案,但似乎没有任何工作
tryied这样
urlpatterns = patterns('',
url('^login2/$', csrf_exempt(ObtainAuthToken)),
...
)
这
from django.utils.decorators import method_decorator
class LoginView(APIView):
@method_decorator(csfr_exempt)
def dispatch(self, *args, **kwargs):
...
,也这
from django.utils.decorators import method_decorator
@method_decorator(csrf_exempt, name='dispatch')
class LoginView(APIView):
...
and this
@method_decorator(csrf_exempt, name='post')
class ObtainAuthToken(APIView):
throttle_classes =()
...
@csrf_exempt
def post(self, request, *args, **kwargs):
serializer = self.serializer_class(data=request.data)
尝试'@method_decorator(csrf_exempt,name ='post')' - >'@ csrf_exempt' ...看看是否可以解决它? –
你的意思是? @method_decorator(csrf_exempt,名称= '后') 类ObtainAuthToken(APIView): throttle_classes =()... @csrf_exempt 高清张贴(个体经营,要求,* ARGS,** kwargs): 串行= self.serializer_class(data = request.data) ... 仍然没有工作 –