在不同服务器上未经授权的Django Deliciouspie POST [英] Django Tastypie POST Unauthorized on different servers
问题描述
我已按照Ian Alexander的描述使用Oastpie,django-oauth2-provider和 https://github.com/ianalexander/django-oauth2-tastypie/blob/master/src/authentication.py
I have set up OAuth 2.0 as described by Ian Alexander using tastypie, django-oauth2-provider, and https://github.com/ianalexander/django-oauth2-tastypie/blob/master/src/authentication.py
这在我的本地服务器上非常出色
This works splendidly on my local server
class AllowGetAuthentication(OAuth20Authentication):
def is_authenticated(self, request, **kwargs):
""" If GET, don't check auth, otherwise fall back to parent """
if request.method == "GET":
return True
else:
return super(AllowGetAuthentication, self).is_authenticated(request, **kwargs)
class BaseModelResource(ModelResource):
class Meta:
allowed_methods = ['get', 'post']
always_return_data = True
authentication = AllowGetAuthentication()
authorization = DjangoAuthorization()
但是,在我们的托管开发服务器上运行此命令时,所有POST都会返回HTTP/1.1 401未经授权
When running this on our hosted development server, however, all POSTs come back HTTP/1.1 401 UNAUTHORIZED
我尝试了以下测试无济于事:
I've attempted the following tests to no avail:
(1)替换
DjangoAuthorization()
与
Authorization()
(2)替换
return super(AllowGetAuthentication, self).is_authenticated(request, **kwargs)
使用
return True
(3)为所有获csrf豁免的api URL创建包装器
(3) create a wrapper for all the api urls that is csrf exempt
唯一有效的方法是同时实现#1和#2(即绕过身份验证和授权),这似乎表明在网络服务器级别上,这不仅仅是拒绝所有行为.
The only things that has worked was to implement #1 and #2 at the same time (ie bypass authentication AND authorization) which seems to indicate it's not just a deny all at the webserver level.
这里的任何想法都很感激!
Any thoughts here are appreciated!
推荐答案
这是一个Apache问题将此行添加到您的站点配置文件中
It was an apache issue Add this line to your site conf file
WSGIPassAuthorization On
在哪里放置"WSGIPassAuthorization On"?
这篇关于在不同服务器上未经授权的Django Deliciouspie POST的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
