GET请求期间在Django中进行身份验证 [英] Authentication in Django during GET request

问题描述

我需要通过android应用程序向Django服务器发送GET请求.问题在于此GET函数是使用Django @@ login_required编写的.

登录和执行GET请求应该执行哪种请求?

我的API:

来自django.shortcuts的

 导入渲染从django.http导入HttpResponse，HttpResponseServerError，HttpResponseBadRequest从rest_framework.decorators导入api_view从.models导入顺序，新导入json从django.shortcuts导入render_to_response从.forms导入NewForm从django.core.files.storage导入FileSystemStorage从django.contrib.auth.decorators导入login_required来自.validation import *从django.views.decorators.csrf导入csrf_exempt@需要登录@api_view(['GET'])def get_order(要求):order_list = Order.objects.values(用户名"，用户名"，"order_date").all()返回HttpResponse(json.dumps([x表示订单列表中的x] 

我的urls.py:

django.urls导入路径中的

 从django.conf.urls导入URL从 .导入视图app_name ='API'urlpatterns = [url(r'^ $'，views.index，name ='index')，url(r'^ order'，views.order，name ='order')，url(r'^ get_order'，views.get_order，name ='get_order')] 

和:

来自django.contrib的

 导入管理员从 .导入设置从django.views.static导入服务从django.urls导入路径，包括re_path从django.conf.urls.static导入静态从API.views导入索引urlpatterns = [path('API/'，include('API.urls'，namespace ="API"))，路径("admin/"，admin.site.urls)，path(''，index，name ='index')，path(r'^ api-auth/'，include('rest_framework.urls'，namespace ='rest_framework'))，re_path(r'^ media/(?P< path>.*)$'，服务，{'document_root':settings.MEDIA_ROOT})] 

在邮递员中，我正在执行GET(

UPDATE-2
如下更改视图

从rest_framework.decorators导入

 从rest_framework.permissions导入IsAuthenticated从rest_framework.response导入响应@permission_classes((IsAuthenticated，))@api_view(['GET'])def get_order(要求):order_list = Order.objects.values(用户名"，用户名"，"order_date").all()返回响应(数据= [x用于order_list中的x]) 

I need to do a GET request to my Django server through an android application. The problem is that this GET function is written in Django with a @login_required.

What kind of request should i do to login and perform the GET request?

My API:

from django.shortcuts import render
from django.http import HttpResponse,HttpResponseServerError, HttpResponseBadRequest
from rest_framework.decorators import api_view
from .models import Order, New
import json
from django.shortcuts import render_to_response
from .forms import NewForm
from django.core.files.storage import FileSystemStorage
from django.contrib.auth.decorators import login_required
from .validation import *
from django.views.decorators.csrf import csrf_exempt
@login_required
@api_view(['GET'])
def get_order(request):

    order_list = Order.objects.values("user_name",
                        "user_surname",
                        "order_date").all()

    return HttpResponse(json.dumps([x for x in order_list])

My urls.py:

from django.urls import path
from django.conf.urls import url
from . import views

app_name = 'API'
urlpatterns = [
    url(r'^$', views.index, name='index'),
    url(r'^order', views.order, name='order'),
    url(r'^get_order', views.get_order, name='get_order')]

and:

from django.contrib import admin
from . import settings
from django.views.static import serve
from django.urls import path, include, re_path
from django.conf.urls.static import static
from API.views import index

urlpatterns = [
    path('API/', include('API.urls',namespace="API")),
    path('admin/', admin.site.urls),
    path('', index, name='index'),
    path(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
    re_path(r'^media/(?P<path>.*)$', serve, {'document_root': settings.MEDIA_ROOT})
]

In Postman i'm performing a GET (http://127.0.0.1:8000/API/get_order) with basic auth, receiving 302 status code.

解决方案

I'm not sure how this can be done in Android side, but the basic idea is that you should add authentication credentials in your GET request.

I'll show you an example of the same by using Python's Requests library

from requests.auth import HTTPBasicAuth
import requests

requests.get('http://my/url/end/poin/', auth=HTTPBasicAuth('my_username', 'mypass'))

May be these results will help you to find the answer ;)


UPDATE

1. go to Authorization tab
2. choose Basic Auth type
3. Provide your username and password in respective text boxes
4. hit the send button

UPDATE-2
change your view as below

from rest_framework.decorators import api_view, permission_classes
from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response


@permission_classes((IsAuthenticated,))
@api_view(['GET'])
def get_order(request):
    order_list = Order.objects.values("user_name",
                                      "user_surname",
                                      "order_date").all()

    return Response(data=[x for x in order_list])

这篇关于GET请求期间在Django中进行身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！