我正在使用 JWT 来验证用户身份,在点击登录端点时,我在 Postman 中得到以下输出
{
"message": "Login successful",
"user_id": 2,
"username": "Animesh0764",
"tokens": {
"refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTczNjU5MTAxNywiaWF0IjoxNzM1Mjk1MDE3LCJqdGkiOiI4YmJhMTczZmZkNDg0OWIzODU3YTZkMDE1MDZlNzM2ZCIsInVzZXJfaWQiOjJ9.-wX6S9yxNgFCjIR8Tu0FRc-Q2ivFDMVJouXkKkjDNtI",
"access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzM1Mjk1OTE3LCJpYXQiOjE3MzUyOTUwMTcsImp0aSI6IjdhOWU3ZDA0NTllNzQxMzFhNDM1MWVlZjVkOWRiODcyIiwidXNlcl9pZCI6Mn0.LI6afRT66MFWTpomo1E9BHn5JTrRuGoTeX0EEwMRFvQ"
}
}
在个人资料视图的承载中使用此访问令牌时,它显示:
{
"detail": "User not found",
"code": "user_not_found"
}
访问了 jwt.io 并验证了我的令牌,一切似乎都正常,它显示了正确的 user_id 但仍然无法验证。下面给出了双方的观点
#Login user
class UserLoginView(APIView):
def post(self, req):
serializer = UserLoginSerializer(data=req.data)
if serializer.is_valid(raise_exception=True):
user = serializer.validated_data['user']
return Response({
"message": "Login successful",
"user_id": user.id,
"username": user.username,
"tokens": get_tokens_for_user(user)
}, status=HTTP_200_OK)
return Response(
{"message": "Login failed"},
status=HTTP_400_BAD_REQUEST
)
#View user profile
class UserProfileView(APIView):
permission_classes = [IsAuthenticated]
def get(self, req):
print(f"Request user: {req.user}")
print(f"User authenticated: {req.user.is_authenticated}")
if req.user.is_authenticated:
user = req.user
serializer = UserProfileSerializer(user)
return Response(serializer.data, status=HTTP_200_OK)
return Response({"message": "Unauthorized"}, status=HTTP_401_UNAUTHORIZED)
它应该验证令牌,然后显示响应 200,但始终显示 401 未经授权
甚至添加了
settings.py您可以提供所有的代码setting.py,view.py和urls.py吗