回答此问题可获得 20 贡献值,回答如果被采纳可获得 50 分。
<p>我已经在这个主题上找到了十几个类似的SO帖子,并将他们的解决方案应用到了我所理解的最好的地方,但它们对我来说并不管用。<strong>为什么我在使用AJAX补丁请求命中Django Rest Framework端点之后得到这个错误</strong><code>detail: "Authentication credentials were not provided."</code>?<em>谢谢你的帮助!</em></p>
<p><strong>一些细节</strong></p>
<ul>
<li>标题告诉我“状态代码:401未授权”</li>
<li>我在本地主机开发服务器(Postgres)上</li>
<li>在这个应用程序中的其他应用程序上运行的任何其他django表单或ajax(get和Posts)请求都不会出现此错误。在</li>
<li>这是我第一次尝试修补程序请求</li>
<li>最终,一旦这个Ajax补丁请求起作用,我只想将<code>bookid</code>添加到<code>api.BookGroup</code>模型中的ManyToManyField<code>books</code>字段中</li>
<li>我试着按照类似帖子中的建议调整设置.py允许正确的身份验证和权限方法。在</li>
<li>关于<a href="https://www.django-rest-framework.org/api-guide/permissions/#api-reference" rel="nofollow noreferrer">the DRF documentation</a>,我还将权限类更改为<code>permission_classes = (IsAuthenticated,)</code>,如果我在发出请求时登录,则允许进行修补程序请求(是的,我肯定已登录)</li>
<li><p>ajax头中的表单数据表明我正确地传递了CSRF令牌和适当的变量:</p>
<pre><code>csrfmiddlewaretoken: UjGnVfQTfcmkZKtWjI0m89zlAJqR0wMmUVdh1T1JaiCdyRe2TiW3LPWt
bookid: 1
bookgroupid: 71
</code></pre></li>
</ul>
<p><strong>AJAX</strong></p>
^{pr2}$
<p><strong>网址.py</strong></p>
<pre><code>from django.urls import path, include
from django.conf.urls import url
from . import views
from django.conf import settings
from django.conf.urls.static import static
urlpatterns = [
path('', include(router.urls)),
url(r'bookgroups/\d+/$', views.BookGroupUpdateSet.as_view()),
] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
</code></pre>
<p><strong>视图.py</strong></p>
<pre><code>from rest_framework.generics import ListAPIView, DestroyAPIView, UpdateAPIView, RetrieveAPIView
from rest_framework.authentication import TokenAuthentication, SessionAuthentication, BasicAuthentication
from rest_framework.authtoken.serializers import AuthTokenSerializer
from rest_framework.authtoken.views import ObtainAuthToken
from rest_framework.permissions import IsAuthenticatedOrReadOnly, IsAuthenticated
from . import serializers, models, permissions
class BookGroupUpdateSet(UpdateAPIView):
queryset = models.BookGroup.objects.all()
model = models.BookGroup
serializer_class = serializers.BookGroupUpdateSerializer
def patch(self, request, pk=None):
permission_classes = (IsAuthenticated,)
authentication_classes = (TokenAuthentication,)
bookid = request.Patch['bookid']
bookgroupid = request.Patch['bookgroupid']
print("...Print stuff...")
</code></pre>
<p><strong>设置.py</strong></p>
<pre><code>INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'authenticate',
'api',
'rest_framework',
'rest_framework.authtoken',
]
AUTH_USER_MODEL = "api.UserProfile"
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.TokenAuthentication',
'rest_framework.authentication.SessionAuthentication',
),
'DEFAULT_PERMISSION_CLASSES': (
# 'rest_framework.permissions.AllowAny', # I've tried this too, same results
'rest_framework.permissions.IsAuthenticated',
)
}
</code></pre>