Django REST Frameworkとのトークンベースの認証

Question

私はdjango rest_frameworkのドキュメントを練習しており、認証、特にトークンベースの認証に苦しんでいます。私は既に作成したユーザーのトークンを作成することができます。ここでは、ユーザーにトークンを提供することによって情報を追加、削除、更新する権限を与える方法があります。私は

models.py

class Snippet(models.Model): 
    created = models.DateTimeField(auto_now_add=True) 
    title = models.CharField(max_length=100, blank=True, default='') 
    code = models.TextField() 
    linenos = models.BooleanField(default=False) 
    language = models.CharField(choices=LANGUAGE_CHOICES, default='python', max_length=100) 
    style = models.CharField(choices=STYLE_CHOICES, default='friendly', max_length=100) 

    owner = models.ForeignKey('auth.User', related_name='snippets', on_delete=models.CASCADE) 
    highlighted = models.TextField(default = '') 

    class Meta: 
     ordering = ('created',) 

views.py

from snippets.models import Snippet 
from snippets.serializers import SnippetSerializer,UserSerializer 
from django.http import Http404 
from rest_framework.views import APIView 
from rest_framework.response import Response 
from rest_framework import status 

from django.contrib.auth.models import User 
from rest_framework import generics 

from rest_framework import permissions 
from snippets.permissions import IsOwnerOrReadOnly 

class SnippetList(APIView): 
    """ 
    List all snippets, or create a new snippet. 
    """ 

    def get(self, request, format=None): 
     snippets = Snippet.objects.all() 
     serializer = SnippetSerializer(snippets, many=True) 
     return Response(serializer.data) 

    def post(self, request, format=None): 
     serializer = SnippetSerializer(data=request.data) 
     if serializer.is_valid(): 
      serializer.save() 
      return Response(serializer.data, status=status.HTTP_201_CREATED) 
     return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) 

    def perform_create(self, serializer): 
     serializer.save(owner=self.request.user) 

    permission_classes = (permissions.IsAuthenticatedOrReadOnly,IsOwnerOrReadOnly,) 

class SnippetDetail(APIView): 
    """ 
    Retrieve, update or delete a snippet instance. 
    """ 
    # permission_classes = (permissions.IsAuthenticatedOrReadOnly,IsOwnerOrReadOnly,) 

    def get_object(self, pk): 
     try: 
      return Snippet.objects.get(pk=pk) 
     except Snippet.DoesNotExist: 
      raise Http404 

    def get(self, request, pk, format=None): 
     snippet = self.get_object(pk) 
     serializer = SnippetSerializer(snippet) 
     return Response(serializer.data) 

    def put(self, request, pk, format=None): 
     snippet = self.get_object(pk) 
     serializer = SnippetSerializer(snippet, data=request.data) 
     if serializer.is_valid(): 
      serializer.save() 
      return Response(serializer.data) 
     return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) 

    def delete(self, request, pk, format=None): 
     snippet = self.get_object(pk) 
     snippet.delete() 
     return Response(status=status.HTTP_204_NO_CONTENT) 

    permission_classes = (permissions.IsAuthenticatedOrReadOnly, 
         IsOwnerOrReadOnly,) 

class UserList(generics.ListAPIView): 
    queryset = User.objects.all() 
    serializer_class = UserSerializer 

class UserDetail(generics.RetrieveAPIView): 
    queryset = User.objects.all() 
    serializer_class = UserSerializer 

serializers.py

from rest_framework import serializers 
from snippets.models import Snippet 
from django.contrib.auth.models import User 

class SnippetSerializer(serializers.ModelSerializer): 
    owner = serializers.ReadOnlyField(source='owner.username') 

    class Meta: 
     model = Snippet 
     fields = ('id', 'title', 'code', 'linenos', 'language', 'style','owner') 

class UserSerializer(serializers.ModelSerializer): 
    snippets = serializers.PrimaryKeyRelatedField(many=True, queryset=Snippet.objects.all()) 

    #owner = serializers.ReadOnlyField(source='owner.username') 
    class Meta: 
     model = User 
     fields = ('id', 'username', 'snippets') 

permissions.py

from rest_framework import permissions 

class IsOwnerOrReadOnly(permissions.BasePermission): 
    """ 
    Custom permission to only allow owners of an object to edit it. 
    """ 

    def has_object_permission(self, request, view, obj): 
     # Read permissions are allowed to any request, 
     # so we'll always allow GET, HEAD or OPTIONS requests. 
     if request.method in permissions.SAFE_METHODS: 
      return True 

     # Write permissions are only allowed to the owner of the snippet. 
     return obj.owner == request.user 

0の下、いくつかのものを行っています

ulrs.py

from django.conf.urls import url,include 
from snippets import views 
import rest_framework 
#rfrom rest_framework.authtoken import views 
urlpatterns = [ 
    url(r'^snippets/$', views.SnippetList.as_view()), 
    url(r'^snippets/(?P<pk>[0-9]+)/$', views.SnippetDetail.as_view()), 
    url(r'^api-token-auth/', rest_framework.authtoken.views.obtain_auth_token), 
    url(r'^users/$', views.UserList.as_view()), 
    url(r'^users/(?P<pk>[0-9]+)/$', views.UserDetail.as_view()), 

    url(r'^api-auth/', include('rest_framework.urls', 
           namespace='rest_framework')), 
] 

エラー：

>>> from snippets.models import Snippet 
>>> from snippets.serializers import SnippetSerializer 
>>> from rest_framework.renderers import JSONRenderer 
>>> from rest_framework.parsers import JSONParser 
>>> snippet = Snippet(code='foo = "bar"\n') 
>>> snippet.save() 
Traceback (most recent call last): 
    File "<console>", line 1, in <module> 
    File "/home/phygital/kiran/snippets/models.py", line 56, in save 
    super(Snippet, self).save(*args, **kwargs) 
    File "/usr/local/lib/python2.7/dist-packages/django/db/models/base.py", line 708, in save 
    force_update=force_update, update_fields=update_fields) 
    File "/usr/local/lib/python2.7/dist-packages/django/db/models/base.py", line 736, in save_base 
    updated = self._save_table(raw, cls, force_insert, force_update, using, update_fields) 
    File "/usr/local/lib/python2.7/dist-packages/django/db/models/base.py", line 820, in _save_table 
    result = self._do_insert(cls._base_manager, using, fields, update_pk, raw) 
    File "/usr/local/lib/python2.7/dist-packages/django/db/models/base.py", line 859, in _do_insert 
    using=using, raw=raw) 
    File "/usr/local/lib/python2.7/dist-packages/django/db/models/manager.py", line 122, in manager_method 
    return getattr(self.get_queryset(), name)(*args, **kwargs) 
    File "/usr/local/lib/python2.7/dist-packages/django/db/models/query.py", line 1039, in _insert 
    return query.get_compiler(using=using).execute_sql(return_id) 
    File "/usr/local/lib/python2.7/dist-packages/django/db/models/sql/compiler.py", line 1060, in execute_sql 
    cursor.execute(sql, params) 
    File "/usr/local/lib/python2.7/dist-packages/django/db/backends/utils.py", line 79, in execute 
    return super(CursorDebugWrapper, self).execute(sql, params) 
    File "/usr/local/lib/python2.7/dist-packages/django/db/backends/utils.py", line 64, in execute 
    return self.cursor.execute(sql, params) 
    File "/usr/local/lib/python2.7/dist-packages/django/db/utils.py", line 95, in __exit__ 
    six.reraise(dj_exc_type, dj_exc_value, traceback) 
    File "/usr/local/lib/python2.7/dist-packages/django/db/backends/utils.py", line 64, in execute 
    return self.cursor.execute(sql, params) 
    File "/usr/local/lib/python2.7/dist-packages/django/db/backends/sqlite3/base.py", line 323, in execute 
    return Database.Cursor.execute(self, query, params) 
IntegrityError: NOT NULL constraint failed: snippets_snippet.owner_id 

Answer 1

トークン認証Djangoの残りのフレームワークを使用しました。

views.py

from rest_framework.authentication import TokenAuthentication 
from rest_framework.permissions import IsAuthenticated 

class SampleView(APIView): 
    authentication_classes = (TokenAuthentication,) 
    permission_classes = (IsAuthenticated,) 

、すなわち（リクエストのヘッダーにトークンとしてパラメータを渡す

from rest_framework.authtoken.models import Token 
token = Token.objects.create(user=your instance) 

（ポストメソッドを保存）ノーマルビューまたは信号に使用するためのトークンを作成しますDRFのトークン認証部でご覧ください）