我正在使用 Tastypie 制作 RESTful API,当我尝试 POST/PUT/DELETE
时一个请求它说:
"detail": "CSRF Failed: CSRF token missing or incorrect.".
它适用于
GET
.我已经阅读了关于 SO 的各种主题,说:@csrf_exempt
@method_decorator(csrf_exempt)
但都没有奏效。
我怎样才能克服这个错误?
View .py
class SnippetList(mixins.ListModelMixin,
mixins.CreateModelMixin,
generics.GenericAPIView):
queryset = Snippet.objects.all()
serializer_class = SnippetSerializer
def get(self, request, *args, **kwargs):
return self.list(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
request._dont_enforce_csrf_checks = True
print request.DATA
return self.create(request, *args, **kwargs)
serializer.py
from django.forms import widgets
from rest_framework import serializers
from snippets.models import Snippet, LANGUAGE_CHOICES, STYLE_CHOICES
class SnippetSerializer(serializers.ModelSerializer):
class Meta:
model = Snippet
fields = ('id', 'title', 'code', 'linenos', 'language', 'style')
urls.py
from django.conf.urls import patterns, url
from rest_framework.urlpatterns import format_suffix_patterns
from snippets import views
urlpatterns = patterns('',
url(r'^snippets/$', views.SnippetList.as_view()),
url(r'^snippets/(?P<pk>[0-9]+)/$', views.SnippetDetail.as_view()),
)
urlpatterns = format_suffix_patterns(urlpatterns)
最佳答案
在 settings.py 中将 rest_framework 默认权限更改为 AllowAny
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.AllowAny',),
...
}
关于django - "detail": "CSRF Failed: CSRF token missing or incorrect.",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/21527369/