我认为在我的新项目中使用标准 JSON:API 可能是个好主意。不幸的是,我立即无法让 JWT 身份验证正常工作。我的设置:
- 姜戈
- Django REST 框架
- REST 框架 JWT 身份验证
- Django REST 框架 JSON API
如果我获得身份验证路径的选项:
{
"data": {
"name": "Obtain Json Web Token",
"description": "API View that receives a POST with a user's username and password.\n\nReturns a JSON Web Token that can be used for authenticated requests.",
"renders": [
"application/vnd.api+json",
"text/html"
],
"parses": [
"application/vnd.api+json",
"application/x-www-form-urlencoded",
"multipart/form-data"
],
"allowed_methods": [
"POST",
"OPTIONS"
],
"actions": {
"POST": {
"username": {
"type": "String",
"required": true,
"read_only": false,
"write_only": false,
"label": "Username"
},
"password": {
"type": "String",
"required": true,
"read_only": false,
"write_only": true,
"label": "Password"
}
}
}
}
}
如果我然后尝试使用 Content-Type: application/vnd.api+json 天真地发布:
{
"data": {
"user": "user1",
"password": "supersecretpw"
}
}
我得到 409 冲突响应:
{
"errors": [
{
"detail": "The resource object's type (None) is not the type that constitute the collection represented by the endpoint (ObtainJSONWebToken).",
"source": {
"pointer": "/data"
},
"status": "409"
}
]
}
如何正确检索令牌或正确使用上述软件包?