使用chrome POSTMAN测试HTTP POST时,在Django中不起作用
use*_*632 3 python django postman
我用 Django 1.9.7 & Python 3.5
我实现了创建用户机制并尝试使用POSTMAN(chrome应用程序)进行测试,但是它不起作用,并且显示如下内容:
Forbidden (CSRF cookie not set.): /timeline/user/create/
这是代码:
urls.py
from django.conf.urls import url
From. import views
app_name = 'timeline'
urlpatterns = [
# ex) /
url(r'^$', views.timeline_view, name='timeline_view'),
# ex) /user/create
url(r'^user/(?P<method>create)/$', views.user_view, name='user_view'),
]
views.py
from django.contrib.auth import authenticate, login, logout
from django.shortcuts import render, HttpResponse
from timeline.models import *
def timeline_view(request):
return HttpResponse('hello world')
def user_view(request, method):
if method == 'create' and request.method == 'POST':
print("hi")
username = request.POST.get('username')
username = request.POST.get('username')
user = User.objects.create_user(username, password=password)
user.first_name = request.POST.get('name','')
user.save()
profile = UserProfile()
profile.user = user
profile.save()
return HttpResponse('create success')
else:
return HttpResponse('bad request', status=400)
POSTMAN :
我尝试了未设置的Django CSRF Cookie,但我认为该帖子适用于过去的版本。
为了进行测试,我使用了@csrf_exempt装饰器。
from django.views.decorators.csrf import csrf_exempt
@csrf_exempt
def user_view(request, method):
...
现在,您应该可以在没有csrf cookie的情况下调用此函数。
(上一次我尝试过,我正在使用django 1.8.7)
来源:https : //docs.djangoproject.com/en/1.9/ref/csrf/#edge-cases