下午好.
我正在使用pytest测试基于django-rest-framework的api.我有以下方法创建一个新对象(从这里采取的方法):
class JSONResponse(HttpResponse):
"""
An HttpResponse that renders its content into JSON.
"""
def __init__(self, data, **kwargs):
content = JSONRenderer().render(data)
kwargs['content_type'] = 'application/json'
super(JSONResponse, self).__init__(content, **kwargs)
@csrf_exempt
@api_view(('POST',))
@permission_classes((IsAuthenticated, ))
def create_transaction(request):
"""
The method takes the data in JSON-format.
If the data is correct Transaction object will created, otherwise it returns an error also in JSON-format.
"""
stream = StringIO('[' + request.raw_post_data + ']')
data = JSONParser().parse(stream)
serializer = NewTransactionSerializer(data=data, many=True)
if serializer.is_valid():
serializer.save()
return JSONResponse(serializer.data, …我需要获取POST请求正文的原始内容,但是当我尝试访问时却request.body遇到异常:
django.http.request.RawPostDataException:
You cannot access body after reading from request's data stream
我知道建议request.data不要request.body使用Django Rest Framework,而要使用它,但是为了验证数字签名,我必须将请求正文以原始且未经修饰的形式使用,因为这是3rd-party签名并我需要验证的内容。
伪代码:
3rd_party_sign(json_data + secret_key) != validate_sign(json.dumps(request.data) + secret_key)
3rd_party_sign(json_data + secret_key) == validate_sign(request.body + secret_key)