当我通过 curl 发出请求时,通过 url 传递用户名+ApiKey,例如:
curl --dump-header - -H "Content-Type: application/json" -X POST --data '{"question": "Is a test yo?", "pub_date": "2011-05-22T00:46:38"}' "http://localhost:8000/polls/api/v1/poll/?username=federico&api_key=10a2d3586e63078ef39f9da8f9aa9209715ed282
我没有问题(除了服务器抱怨这是一个错误的请求,因为我没有发送 FK 数据,但无论如何数据库都会更新。
但是,当我尝试通过标头发送用户名 + apikey 来做同样的事情时, 我收到 401 Unauthorized 错误并且没有任何反应。
我在这里想念什么?
#resources
class PollResource(ModelResource):
choices = fields.ToManyField('polls.api.ChoiceResource', 'choice_set', full=True)
class Meta:
queryset = Poll.objects.all()
resource_name = 'poll'
allowed_methods = ['get', 'post', 'put']
list_allowed_methods = ['get', 'post', 'put', 'delete']
authentication = ApiKeyAuthentication()
authorization = DjangoAuthorization()
class ChoiceResource(ModelResource):
poll = fields.ForeignKey(PollResource, 'poll')
class Meta:
queryset = Choice.objects.all()
resource_name = 'choice'
list_allowed_methods = ['get', 'post', 'put', 'delete']
// js
// backbone-tastypie config
Backbone.Tastypie.csrfToken = $("#secret-token")[0].value;
Backbone.Tastypie.apiKey = {
username: USER,
key: API_KEY
};
// model
var Poll = Backbone.Model.extend({
urlRoot: '/polls/api/v1/poll/'
});
在 HTTP_Authorization 标头中使用 ApiKey 来自 Backbone 的请求:
Request URL:http://localhost:8000/polls/api/v1/poll/
Request Method:POST
Status Code:401 UNAUTHORIZED
Request Headersview source
Accept:application/json, text/javascript, */*; q=0.01
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Authorization:ApiKey federico:10a2d3586e63078ef39f9da8f9aa9209715ed282
Connection:keep-alive
Content-Length:109
Content-Type:application/json
Cookie:djdt=hide; sessionid=96ca6e066bab30f241819b22cc85693b; csrftoken=PYMw9nrqh3TOqse3GM3ojU5iSOV2QMUA
Host:localhost:8000
Origin:http://localhost:8000
Referer:http://localhost:8000/index/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.57 Safari/537.17
X-CSRFToken:PYMw9nrqh3TOqse3GM3ojU5iSOV2QMUA
X-Requested-With:XMLHttpRequest
Request Payload
{"csrfmiddlewaretoken":"PYMw9nrqh3TOqse3GM3ojU5iSOV2QMUA","question":"What is love?","pub_date":"07/02/2013"}
Response Headersview source
Content-Type:text/html; charset=utf-8
Date:Thu, 07 Feb 2013 21:57:01 GMT
Server:WSGIServer/0.1 Python/2.7.1
Vary:Cookie
编辑:我一直在尝试调试它,显然这是 url 的一些问题......
这是我项目的 url.py
urlpatterns = patterns('',
url(r'^admin/', include(admin.site.urls)),
url(r'^index/$', 'polls.views.index', name='index'),
url(r'^polls/', include('polls.urls')),
)
这是应用程序的 url.py
v1_api = Api(api_name='v1')
v1_api.register(PollResource())
v1_api.register(ChoiceResource())
urlpatterns = patterns('',
url(r'api/', include(v1_api.urls)),
)