[在服务器端使用Django REST Framework JWT,在客户端使用AngularJs和Restangular,当我在标头中设置用户名和密码时:
RestangularProvider.setDefaultHeaders({'Authorization': 'Basic ' +$base64.encode('username:password')});
它正常工作。
但是当我将令牌设置为标题时:
RestangularProvider.setDefaultHeaders({Authorization:'Bearer '+ StorageService.get("access_token")});
我收到401(未经授权)错误。
我的观点:
class BookViewSet(DefaultsMixin, viewsets.ModelViewSet):
queryset = Book.objects.all()
permission_classes = (permissions.IsAuthenticated,)
serializer_class = BookSerializer
设置:
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication',
'rest_framework_jwt.authentication.JSONWebTokenAuthentication'
),
}
请求标题(部分)
Request Headers
Accept:application/json, text/plain, */*
Accept-Encoding:gzip, deflate, sdch
Authorization:Bearer"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRqYW5hdGkxMUBnbWFpbC5jb20iLCJleHAiOjE0NDc2NzYxNDcsInVzZXJfaWQiOjEwOSwidXNlcm5hbWUiOiJwcDEiLCJvcmlnX2lhdCI6MTQ0NzY3MzE0N30.ImkGmK9_TNU5lCvcGzgNi-1XS_Q4c_AxHSnJOcjn6O8"
...
感谢您的帮助!
我假设这是JWT令牌类型。在这种情况下,您应该在标题中使用以下格式:
Authorization: JWT eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRqYW5hdGkxMUBnbWFpbC5jb20iLCJleHAiOjE0NDc2NzYxNDcsInVzZXJfaWQiOjEwOSwidXNlcm5hbWUiOiJwcDEiLCJvcmlnX2lhdCI6MTQ0NzY3MzE0N30.ImkGmK9_TNU5lCvcGzgNi-1XS_Q4c_AxHSnJOcjn6O8
就我而言,令牌未发送。