* 配置`settings` 修改文件`/xinchen/settings.py` ```python INSTALLED_APPS = [ ... 'corsheaders', 'rest_framework', 'rest_framework_jwt', 'django_filters' ] AUTH_USER_MODEL = 'api.UserProfile' MIDDLEWARE = [ ... 'corsheaders.middleware.CorsMiddleware', 'django.middleware.common.CommonMiddleware', # 'django.middleware.csrf.CsrfViewMiddleware', ... ] ... DATABASES = { 'default': { 'ENGINE': 'django.db.backends.postgresql_psycopg2', 'NAME': 'xxxxxx', 'USER': 'xxxxxx', 'PASSWORD': 'xxxxxx', 'HOST': 'xxx.xxx.xxx.xxx' } } ... LANGUAGE_CODE = 'zh-hans' TIME_ZONE = 'Asia/Shanghai' USE_I18N = True USE_L10N = True USE_TZ = False # 跨域增加忽略 CORS_ALLOW_CREDENTIALS = True CORS_ORIGIN_ALLOW_ALL = True # CORS_ORIGIN_WHITELIST = ( # '*' # ) CORS_ALLOW_METHODS = ( 'DELETE', 'GET', 'OPTIONS', 'PATCH', 'POST', 'PUT', 'VIEW' ) CORS_ALLOW_HEADERS = ( 'XMLHttpRequest', 'X_FILENAME', 'accept-encoding', 'authorization', 'content-type', 'dnt', 'origin', 'user-agent', 'x-csrftoken', 'x-requested-with', 'Pragma' ) ... REST_FRAMEWORK = { # 配置默认的认证方式 base:账号密码验证 # session：session_id认证 'DEFAULT_AUTHENTICATION_CLASSES': ( # drf的这一阶段主要是做验证,middleware的auth主要是设置session和user到request对象 # 默认的验证是按照验证列表从上到下的验证 'rest_framework.authentication.BasicAuthentication', 'rest_framework.authentication.SessionAuthentication', "rest_framework_jwt.authentication.JSONWebTokenAuthentication", ), 'DEFAULT_FILTER_BACKENDS': ('django_filters.rest_framework.DjangoFilterBackend',) } import datetime JWT_AUTH = { 'JWT_EXPIRATION_DELTA': datetime.timedelta(days=7), 'JWT_AUTH_HEADER_PREFIX': 'JWT', # 重新定义返回格式 'JWT_RESPONSE_PAYLOAD_HANDLER': 'api.utils.jwt_response_payload_handler' } ```