如何使用Django REST框架制作POST简单的JSON? CSRF令牌丢失或不正确 [英] How to make a POST simple JSON using Django REST Framework? CSRF token missing or incorrect
问题描述
感谢有人向我展示如何使用JSON与Django REST框架进行简单的POST请求。我在教程中看不到任何例子吗?
Would appreciate someone showing me how to make a simple POST request using JSON with Django REST framework. I do not see any examples of this in the tutorial anywhere?
这是我要POST的角色模型对象。这将是一个全新的角色,我想添加到数据库,但我有一个500错误。
Here is my Role model object that I'd like to POST. This will be a brand new Role that I'd like to add to the database but I'm getting a 500 error.
{
"name": "Manager",
"description": "someone who manages"
}
这是我在bash终端提示符下的卷曲请求:
Here is my curl request at a bash terminal prompt:
curl -X POST -H "Content-Type: application/json" -d '[
{
"name": "Manager",
"description": "someone who manages"
}]'
http://localhost:8000/lakesShoreProperties/role
网址
http://localhost:8000/lakesShoreProperties/roles
并且我可以拉下数据库中的所有角色,但是我似乎无法创建任何新的角色。我没有设置权限我在view.py中使用标准视图
DOES work with a GET request, and I can pull down all the roles in the database, but I can not seem to create any new Roles. I have no permissions set. I'm using a standard view in views.py
class RoleDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = Role.objects.all()
serializer_class = RoleSerializer
format = None
class RoleList(generics.ListCreateAPIView):
queryset = Role.objects.all()
serializer_class = RoleSerializer
format = None
在我的 urls.py ,相关的url - 视图映射是正确的:
And in my urls.py for this app, the relevant url - view mappings are correct:
url(r'^roles/$', views.RoleList.as_view()),
url(r'^role/(?P<pk>[0-9]+)/$', views.RoleDetail.as_view()),
错误消息是:
{
"detail": "CSRF Failed: CSRF token missing or incorrect."
}
这里发生了什么,这是什么修复? localhost是跨站点请求吗?我已将 @csrf_exempt 添加到 RoleDetail 和 RoleList ,但它似乎没有改变任何东西。这个装饰器甚至可以添加到一个类,还是必须添加到一个方法?
添加 @csrf_exempt decorate,我的错误变成:
What is going on here and what is the fix for this? Is localhost a cross site request? I have added @csrf_exempt to RoleDetail and RoleList but it doesn't seem to change anything. Can this decorator even be added to a class, or does it have to be added to a method?
Adding the @csrf_exempt decorate, my error becomes:
Request Method: POST
Request URL: http://127.0.0.1:8000/lakeshoreProperties/roles/
Django Version: 1.5.1
Exception Type: AttributeError
Exception Value:
'function' object has no attribute 'as_view'
然后我将CSRF整个应用程序,我现在得到这个消息:
Then I disabled CSRF throughtout the entire app, and I now get this message:
{non_field_errors:[无效的数据]}当我知道的JSON对象是有效的json。这是一个非现场的错误,但我被困在这里。
{"non_field_errors": ["Invalid data"]} when my JSON object I know is valid json. It's a non-field error, but I'm stuck right here.
嗯,事实证明我的json无效?
Well, it turns out that my json was not valid?
{
"name": "admin",
"description": "someone who administrates"
}
vs
[
{
"name": "admin",
"description": "someone who administrates"
}
]
附带括号[],导致POST请求失败。但是使用jsonlint.com验证器,我的两个json对象都会验证。
Having the enclosing brackets [], causes the POST request to fail. But using the jsonlint.com validator, both of my json objects validate.
更新:问题在于使用PostMan发送POST在后端。请参阅 https://stackoverflow.com/a/17508420/203312
Update: The issue was with sending the POST with PostMan, not in the backend. See https://stackoverflow.com/a/17508420/203312
推荐答案
您可能需要根据您的要求发送CSRF令牌。查看 https://docs.djangoproject.com/en /1.7/ref/contrib/csrf/#csrf-ajax
You probably need to send along the CSRF token with your request. Check out https://docs.djangoproject.com/en/1.7/ref/contrib/csrf/#csrf-ajax
更新:因为您已经尝试免除了CSRF,也许这可以帮助(取决于您使用的是哪个版本的Django): https://stackoverflow.com/a/14379073/977931
Update: Because you've already tried exempting CSRF, maybe this could help (depending on which version of Django you're using): https://stackoverflow.com/a/14379073/977931
这篇关于如何使用Django REST框架制作POST简单的JSON? CSRF令牌丢失或不正确的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
