gpt4 book ai didi

python - 使用DOT的带有oAuth2的Django DRF(django-oauth-toolkit)

转载 作者:行者123 更新时间:2023-12-03 12:55:06 25 4
gpt4 key购买 nike

我正在尝试使DRF与oAuth2(django-oauth-toolkit)一起使用。

我当时专注于http://httplambda.com/a-rest-api-with-django-and-oauthw-authentication/

首先,我遵循了该指令,但是后来,在遇到身份验证错误后,我设置了此演示:https://github.com/felix-d/Django-Oauth-Toolkit-Python-Social-Auth-Integration

结果是相同的:我无法使用此curl生成访问 token :

curl -X POST -d "grant_type=password&username=<user_name>&password=<password>" -u "<client_id>:<client_secret>" http://127.0.0.1:8000/o/token/

我收到此错误:
{"error": "unsupported_grant_type"}

oAuth2应用程序已使用grant_type密码设置。我将Grant_type更改为“客户端凭据”,并尝试进行以下 curl :
curl -X POST -d "grant_type=client_credentials" -u "<client_id>:<client_secret>" http://127.0.0.1:8000/o/token/

这工作,我生成了身份验证 token 。

之后,我尝试获取所有啤酒的列表:
curl -H "Authorization: Bearer <auth_token>" http://127.0.0.1:8000/beers/

我得到了这个回应:
{"detail":"You do not have permission to perform this action."}

这是 views.py 的内容,应显示啤酒:
from beers.models import Beer
from beers.serializer import BeerSerializer
from rest_framework import generics, permissions

class BeerList(generics.ListCreateAPIView):
serializer_class = BeerSerializer
permission_classes = (permissions.IsAuthenticated,)

def get_queryset(self):
user = self.request.user
return Beer.objects.filter(owner=user)

def perform_create(self, serializer):
serializer.save(owner=self.request.user)

我不确定这里可能是什么问题。首先使用“不受支持的授予类型”,然后使用其他curl调用。当我从django-oauth-toolkit进行基本教程时,也会发生这种情况。我正在使用Django 1.8.2和python3.4

感谢所有帮助!

我的settings.py看起来像这样
import os
BASE_DIR = os.path.dirname(os.path.dirname(__file__))

SECRET_KEY = 'hd#x!ysy@y+^*%i+klb)o0by!bh&7nu3uhg+5r0m=$3x$a!j@9'

DEBUG = True

TEMPLATE_DEBUG = True

ALLOWED_HOSTS = []

TEMPLATE_CONTEXT_PROCESSORS = (
'django.contrib.auth.context_processors.auth',
)

INSTALLED_APPS = (
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',

'oauth2_provider',
'rest_framework',
'beers',
)

MIDDLEWARE_CLASSES = (
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
)

AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
)
ROOT_URLCONF = 'beerstash.urls'

WSGI_APPLICATION = 'beerstash.wsgi.application'

DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
}
}

LANGUAGE_CODE = 'en-us'

TIME_ZONE = 'UTC'

USE_I18N = True

USE_L10N = True

USE_TZ = True

STATIC_URL = '/static/'

REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'oauth2_provider.ext.rest_framework.OAuth2Authentication',
)
}

OAUTH2_PROVIDER = {
# this is the list of available scopes
'SCOPES': {'read': 'Read scope', 'write': 'Write scope'}
}

最佳答案

我已经试过您提到的演示,一切都很好。

$ curl -X POST -d "grant_type=password&username=superuser&assword=123qwe" -u"xLJuHBcdgJHNuahvER9pgqSf6vcrlbkhCr75hTCZ:nv9gzOj0BMf2cdxoxsnYZuRYTK5QwpKWiZc7USuJpm11DNtSE9X6Ob9KaVTKaQqeyQZh4KF3oZS4IJ7o9n4amzfqKJnoL7a2tYQiWgtYPSQpY6VKFjEazcqSacqTx9z8" http://127.0.0.1:8000/o/token/
{"access_token": "jlLpKwzReB6maEnjuJrk2HxE4RHbiA", "token_type": "Bearer", "expires_in": 36000, "refresh_token": "DsDWz1LiSZ3bd7NVuLIp7Dkj6pbse1", "scope": "read write groups"}
$ curl -H "Authorization: Bearer jlLpKwzReB6maEnjuJrk2HxE4RHbiA" http://127.0.0.1:8000/beers/
[]

我认为您的情况是使用错误的“授权授予类型”创建的应用程序。

使用此应用程序设置:
Name: just a name of your choice
Client Type: confidential
Authorization Grant Type: Resource owner password-based

这个 https://django-oauth-toolkit.readthedocs.org/en/latest/rest-framework/getting_started.html#step-3-register-an-application使我震惊了很多。

这是我创建的数据库文件: https://www.dropbox.com/s/pxeyphkiy141i1l/db.sqlite3.tar.gz?dl=0

您可以自己尝试。完全没有源代码更改。
Django管理员用户名- super 用户,密码-123qwe。

关于python - 使用DOT的带有oAuth2的Django DRF(django-oauth-toolkit),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/30855991/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com