通过我的Django REST框架API获取CORS错误，即使在配置之后也是如此

Question

我正在尝试使用Django Rest框架为我的标签为accounts的应用程序创建用户注册视图。我已经安装了django-cors-headers (参见下面的设置文件)，并按照文档中提到的方式对其进行了配置。当我使用GET请求测试API时，我仍然收到这个错误：

... from origin 'https://hoppscotch.io' has been blocked 
by CORS policy: No 'Access-Control-Allow-Origin' header
 is present on the requested resource.

将非常感谢一些调试解决方案，我一直在努力寻找我的错误的问题。下面是我在为Djano REST api创建类、视图和url时创建的重要文件。

我的项目设置：

​

serializers.py

from rest_framework import serializers
from django.contrib.auth.models import User

class UserSerializer(serializers.ModelSerializer):
    password = serializers.CharField(max_length=65, min_length=8, write_only=True)
    email = serializers.EmailField(max_length=255, min_length=4)
    username = serializers.RegexField("^(?!.*\.\.)(?!.*\.$)[^\W][\w.]{3,29}$")
    first_name = serializers.RegexField("^[A-Za-z]+((\s)?((\'|\-|\.)?([A-Za-z])+))*$", max_length=32, min_length=2)
    last_name = serializers.RegexField("^[A-Za-z]+((\s)?((\'|\-|\.)?([A-Za-z])+))*$", max_length=32, min_length=2)
    
    class Meta:
        model = User
        fields = ['username', 'first_name', 'last_name', 'email', 'password']
        
    def validate(self, attrs):
        email = attrs.get('email', '')
        if User.objects.filter(email=email).exists():
            raise serializers.ValidationError(
                {'email': ('Email is already in use')})
        return super().validate(attrs)

    def create(self, validated_data):
        return User.objects.create_user(**validated_data)

views.py

from django.shortcuts import render
from rest_framework.generics import GenericAPIView
from .serializers import UserSerializer
from rest_framework.response import Response
from rest_framework import status


# Create your views here.
class RegisterView(GenericAPIView):
    serializer_class = UserSerializer

    def post(self, request):
        serializer = UserSerializer(data=request.data)
        if serializer.is_valid():
            serializer.save()
            return Response(serializer.data, status=status.HTTP_201_CREATED)

        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

urls.py

from django.urls import path 
from .views import RegisterView


urlpatterns = [
    path('register', RegisterView.as_view()),
]

project urls.py

from django.contrib import admin
from django.urls import path, include, re_path
from django.views.generic.base import TemplateView
from home import views
from accounts import views

urlpatterns = [
    path('', include('home.urls')),
    path('api/auth/', include('accounts.urls')),
]

settings.py

import os
from decouple import config
from pathlib import Path
from urllib.parse import urlparse
import dj_database_url
import logging.config


BASE_DIR = os.path.dirname(os.path.abspath(__file__))


SECRET_KEY = SECRET KEY


# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True

ALLOWED_HOSTS = ['*']


INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'corsheaders',
    
    #fancy packages
    'storages',
    'rest_framework',
    
    
    #apps
    'home.apps.HomeConfig',
    'accounts',
    'bootstrap4',

]


MIDDLEWARE = [

      'django.middleware.security.SecurityMiddleware',

      'whitenoise.middleware.WhiteNoiseMiddleware',

      'django.contrib.sessions.middleware.SessionMiddleware',
      'corsheaders.middleware.CorsMiddleware',
      'django.middleware.common.CommonMiddleware',
      'django.middleware.csrf.CsrfViewMiddleware',
      'django.contrib.auth.middleware.AuthenticationMiddleware',
      'django.contrib.messages.middleware.MessageMiddleware',


      'django.middleware.clickjacking.XFrameOptionsMiddleware',

  ]


ROOT_URLCONF = 'stockbuckets.urls'



TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': ['stockbuckets/templates', 'home/templates', 'blog/templates'],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

X_FRAME_OPTIONS = 'SAMEORIGIN'

# DEBUG_PROPAGATE_EXCEPTIONS = True

WSGI_APPLICATION = 'stockbuckets.wsgi.application'



DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'NAME': config('DO_DB'),
        'USER' : config('DB_ADMIN'),
        'PASSWORD' : config('DB_ADMIN_PASS'),
        'HOST' : config('DB_HOST'),
        'PORT' : config('DB_PORT'),
        'OPTIONS': {'sslmode':'disable'},
    }
}



db_from_env = dj_database_url.config(conn_max_age=600)
DATABASES['default'].update(db_from_env)

# Password validation
# https://docs.djangoproject.com/en/3.1/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
]



# Internationalization
# https://docs.djangoproject.com/en/3.1/topics/i18n/

LANGUAGE_CODE = 'en-us'

TIME_ZONE = 'UTC'

USE_I18N = True

USE_L10N = True

USE_TZ = True


STATICFILES_DIRS = (
    os.path.join(BASE_DIR, 'static'),
)


MEDIA_ROOT = os.path.join(BASE_DIR,'media')
MEDIA_URL = '/media/'


CRISPY_TEMPLATE_PACK = 'bootstrap4'

ASGI_APPLICATION = 'stockbuckets.routing.application'


STATICFILES_FINDERS = [

    'django.contrib.staticfiles.finders.FileSystemFinder',
    'django.contrib.staticfiles.finders.AppDirectoriesFinder',

]



CORS_ORIGIN_ALLOW_ALL = True 
CORS_ALLOW_CREDENTIALS = True

提前感谢你的任何建议，很遗憾，我陷入了泥潭，不知道从哪里开始，尽管放弃了剩下的想法，这将是一个禁忌。

Answer 1

尝试将您的settings.py中间件更改为：

MIDDLEWARE = [
 'corsheaders.middleware.CorsMiddleware',
 'django.middleware.security.SecurityMiddleware',

  'whitenoise.middleware.WhiteNoiseMiddleware',

 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',


 'django.middleware.clickjacking.XFrameOptionsMiddleware',

  ]