Django Rest框架抱怨CSRF [英] Django Rest Framework complaining about CSRF
本文介绍了Django Rest框架抱怨CSRF的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我已经开发了一个简单的Web服务,但是没有使用Django Rest Framework发布,因为它抱怨CSRF:
I have developed a simple webservice, but failed to use post with Django Rest Framework as it complains about CSRF:
detail :CSRF失败:CSRF cookie未设置。
"detail": "CSRF Failed: CSRF cookie not set."
删除api_view装饰器会阻止消息出现,将无法访问request.data。我认为api_view会检查CSRF,尽管我添加了csrf_exempt装饰器。
Removing the api_view decorator does stop the message from appearing but then I won't be able to access the request.data. I think that the api_view does check CSRF although I added the csrf_exempt decorator.
这是我的观点:
This is my view:
@permission_classes((IsAuthenticated, ))
@csrf_exempt
@api_view(['POST'])
def get_stats(request):
"""
Returns the stats available.
"""
user = request.user
if request.method == 'POST':
serializer = StatsRequestSerializer(data=request.data)
stats_request = serializer.data
return JSONResponse(stats_request)
#serializer = QuizSerializer(user.quizes.all(), many=True)
#return JSONResponse(serializer.data)
response = ActionResponse(status='error', error='Invalid request')
serializer = ActionResponseSerializer(response)
return JSONResponse(serializer.data, status=400)
这是我的模型:
class StatsRequest(models.Model):
"""
A model which describes a request for some stats for specific users.
"""
start_date = models.DateField()
end_date = models.DateField()
这是我的请求POST:
and this is my request POST:
{"start_date" : "1992-01-15", "end_date" : "1992-01-15" }
任何想法?
更多信息:
AUTHENTICATION_BACKENDS = (
'social.backends.facebook.FacebookOAuth2',
'social.backends.google.GoogleOAuth2',
'django.contrib.auth.backends.ModelBackend'
)
推荐答案
请参阅此链接:
在Django中禁用CSRF检查
这篇关于Django Rest框架抱怨CSRF的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文