django - 如何设置主干和美味派以在执行 POST 请求时正确发送 api_key 和用户名

Question

当我通过 curl 发出请求时，通过 url 传递用户名+ApiKey，例如：

curl --dump-header - -H "Content-Type: application/json" -X POST --data '{"question": "Is a test yo?", "pub_date": "2011-05-22T00:46:38"}' "http://localhost:8000/polls/api/v1/poll/?username=federico&api_key=10a2d3586e63078ef39f9da8f9aa9209715ed282

我没有问题（除了服务器抱怨这是一个错误的请求，因为我没有发送 FK 数据，但无论如何数据库都会更新。

但是，当我尝试通过标头发送用户名 + apikey 来做同样的事情时， 我收到 401 Unauthorized 错误并且没有任何反应。

我在这里想念什么？

#resources

class PollResource(ModelResource):
    choices = fields.ToManyField('polls.api.ChoiceResource', 'choice_set', full=True)

    class Meta:
        queryset = Poll.objects.all()
        resource_name = 'poll'
        allowed_methods = ['get', 'post', 'put']
        list_allowed_methods = ['get', 'post', 'put', 'delete']
        authentication = ApiKeyAuthentication()
        authorization = DjangoAuthorization()


class ChoiceResource(ModelResource):
    poll = fields.ForeignKey(PollResource, 'poll')

    class Meta:
        queryset = Choice.objects.all()
        resource_name = 'choice'
        list_allowed_methods = ['get', 'post', 'put', 'delete']



// js

// backbone-tastypie config
Backbone.Tastypie.csrfToken = $("#secret-token")[0].value;
Backbone.Tastypie.apiKey = {
    username: USER,
    key: API_KEY
};

// model
var Poll = Backbone.Model.extend({
    urlRoot: '/polls/api/v1/poll/'
});

在 HTTP_Authorization 标头中使用 ApiKey 来自 Backbone 的请求：

Request URL:http://localhost:8000/polls/api/v1/poll/
Request Method:POST
Status Code:401 UNAUTHORIZED
Request Headersview source
Accept:application/json, text/javascript, */*; q=0.01
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Authorization:ApiKey federico:10a2d3586e63078ef39f9da8f9aa9209715ed282
Connection:keep-alive
Content-Length:109
Content-Type:application/json
Cookie:djdt=hide; sessionid=96ca6e066bab30f241819b22cc85693b; csrftoken=PYMw9nrqh3TOqse3GM3ojU5iSOV2QMUA
Host:localhost:8000
Origin:http://localhost:8000
Referer:http://localhost:8000/index/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.57 Safari/537.17
X-CSRFToken:PYMw9nrqh3TOqse3GM3ojU5iSOV2QMUA
X-Requested-With:XMLHttpRequest
Request Payload
{"csrfmiddlewaretoken":"PYMw9nrqh3TOqse3GM3ojU5iSOV2QMUA","question":"What is love?","pub_date":"07/02/2013"}
Response Headersview source
Content-Type:text/html; charset=utf-8
Date:Thu, 07 Feb 2013 21:57:01 GMT
Server:WSGIServer/0.1 Python/2.7.1
Vary:Cookie

编辑：我一直在尝试调试它，显然这是 url 的一些问题......

这是我项目的 url.py

urlpatterns = patterns('',
    url(r'^admin/', include(admin.site.urls)),
    url(r'^index/$', 'polls.views.index', name='index'),
    url(r'^polls/', include('polls.urls')),
)

这是应用程序的 url.py

v1_api = Api(api_name='v1')
v1_api.register(PollResource())
v1_api.register(ChoiceResource())

urlpatterns = patterns('',
    url(r'api/', include(v1_api.urls)),
)