我使用 Django REST 框架,其中 Django 为后端,React 为前端。我正在尝试从前端向 get_user 端点发出 GET 请求。但是,即使当我调用 login_user 并确认 user_is_authenticated = true 时,当我调用 get_user 端点时,它总是返回 false 并且我得到一个 AnonymousUser。在我的前端 axios 调用中,我将 withCredentials 设置为 true。我还确认在 chrome 开发工具的存储部分下正在创建 session_id
前端调用 get_user 端点
useEffect(() => {
(async () => {
axios
.get(url, {
withCredentials: true,
})
.then((res) => {});
})();
}, [location]);
views.py 文件
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.hashers import make_password
from rest_framework import serializers, status, permissions, status
from rest_framework.decorators import api_view, authentication_classes
from rest_framework.response import Response
from users.serializers import UserSerializer
from django.contrib.auth.models import User
@api_view(['GET'])
def get_user(request):
print(request.user.is_authenticated)
return Response(status=status.HTTP_200_OK)
@api_view(['POST'])
def register_user(request):
match_username = User.objects.all().filter(
username=request.data['username'])
match_email = User.objects.all().filter(email=request.data['email'])
serializer = UserSerializer(data=request.data)
if serializer.is_valid() and not match_username and not match_email:
user = User.objects.create(username=serializer.data['username'], password=make_password(
serializer.data['password']), email=serializer.data['email'])
user.save()
send_register_email(
serializer.data['username'], serializer.data['email'])
return Response(status=status.HTTP_201_CREATED, data=UserSerializer(user).data)
else:
if match_username:
return Response(status=status.HTTP_400_BAD_REQUEST, data='Username already exists')
elif match_email:
return Response(status=status.HTTP_400_BAD_REQUEST, data='Email already exists')
else:
return Response(status=status.HTTP_400_BAD_REQUEST, data="Invalid email")
@api_view(['POST'])
def login_user(request):
username = User.objects.all().filter(username=request.data['username'])
if not username:
return Response(status=status.HTTP_400_BAD_REQUEST, data='Username not found')
user = authenticate(
username=request.data['username'], password=request.data['password'])
if user is not None:
login(request, user)
return Response(status=status.HTTP_200_OK, data=UserSerializer(user).data)
else:
return Response(status=status.HTTP_400_BAD_REQUEST, data='Incorrect password')
https://www.django-rest-framework.org/api-guide/authentication/
默认情况下,您需要将
authentication_classes
添加到视图