Fw: [問題] Django Rest Framework CSRF

看板Web_Design作者sean72 (.)時間8年前 (2016/09/02 06:37)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串1/1

※ [本文轉錄自 Python 看板 #1NoArgCs ] 作者: sean72 (.) 看板: Python 標題: [問題] Django Rest Framework authentication 時間: Fri Sep 2 06:36:17 2016 我想關閉某個post的 CSRF http://www.django-rest-framework.org/api-guide/viewsets/#viewset 裡面提到 You can use any of the standard attributes such as permission_classes, authentication_classes in order to control the API policy on the viewset. stack overflow查到 http://goo.gl/k082op 所以我在我的view.py裡面加入 from rest_framework.authentication import SessionAuthentication, BasicAuthentication, class CsrfExemptSessionAuthentication(SessionAuthentication): def enforce_csrf(self, request): print('csrf exempt...') #從沒跑到這行 return class ItemViewSet(viewsets.ModelViewSet): queryset = Item.objects.all() serializer_class = ItemSerializer # 並且設定authentication_classes authentication_classes = (CsrfExemptSessionAuthentication, BasicAuthentication) 但是我仍然得到 Forbidden (CSRF cookie not set.) 請問我哪邊做錯了? 謝謝 -- ※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 204.96.168.3 ※ 文章網址: https://www.ptt.cc/bbs/Python/M.1472769386.A.336.html ※ 發信站: 批踢踢實業坊(ptt.cc) ※ 轉錄者: sean72 (204.96.168.3), 09/02/2016 06:37:27