标题值：制作“应用程序/vnd.api”

发布于 2025-02-13 22:22:07 字数 1249 浏览 1 评论 0原文

我正在Python开发一个Restfull Jsonapi，并通过棉花糖实施了验证。

我正在使用两个库的组合 safrs 和烧瓶式jsonapi 。我添加了第二个库，以包括棉花糖验证，因为库SAFRS没有。我遵循此 example 。

验证是通过模式来定义的：

class UserSchema(Schema):
    class Meta:
        type_ = 'user'
        self_view = 'user_detail'
        self_view_kwargs = {'id': '<id>'}
        self_view_many = 'user_list'

    id = fields.Integer(as_string=True, dump_only=True)
    user_name = fields.Str(required=True, attribute='username', allow_none=False)
    password = fields.Str(required=True, allow_none=False)
    display_name = fields.Function(lambda obj: "{} <{}>".format(obj.username.upper(), obj.username))

我发现，只有当标头的内容类型为application/vnd.api+json时，验证才有效。问题在于，也接受了标题application/json下的请求，在这种情况下，验证将被忽略。

因此，是否有一种方法可以使application/vnd.api+json强制性？

原文

I'm developing a restfull jsonapi in python and implemented a validation through marshmallow.

I'm using a combination of two libraries SAFRS and flask-rest-jsonapi. I add the second library to include a marshmallow validation, as the library SAFRS doesn't have it. I followed this example.

The validation is defined through schemas:

class UserSchema(Schema):
    class Meta:
        type_ = 'user'
        self_view = 'user_detail'
        self_view_kwargs = {'id': '<id>'}
        self_view_many = 'user_list'

    id = fields.Integer(as_string=True, dump_only=True)
    user_name = fields.Str(required=True, attribute='username', allow_none=False)
    password = fields.Str(required=True, allow_none=False)
    display_name = fields.Function(lambda obj: "{} <{}>".format(obj.username.upper(), obj.username))

I found out, that the validation is only effective if the content-type of the header is application/vnd.api+json.
The problem is that requests under the header application/json are also accepted, and in this case, the validation is ignored.

Therefore, is there be a way to make application/vnd.api+json mandatory?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

甜扑 2025-02-20 22:22:07

找到了解决问题的不同方法。一种方法是通过中间件，但是那里的错误处理不是最佳的。最后，我选择了这个：

    app = Flask("my_app")
    @app.before_request
    def header_check():
        if request.content_type != 'application/vnd.api+json':
            data = {
                "errors": [
                    {
                        "detail": "Content-Type header must be application/vnd.api+json",
                        "title": "Invalid request header",
                        "status": "415"
                    }
                ]
            }
            response = app.response_class(response=json.dumps(data),
                                          status=415,
                                          mimetype='application/json')
            return response

Found different ways of fixing the problem. One way would be via middleware, but the error handling there is not optimal. At the end I chose this one:

    app = Flask("my_app")
    @app.before_request
    def header_check():
        if request.content_type != 'application/vnd.api+json':
            data = {
                "errors": [
                    {
                        "detail": "Content-Type header must be application/vnd.api+json",
                        "title": "Invalid request header",
                        "status": "415"
                    }
                ]
            }
            response = app.response_class(response=json.dumps(data),
                                          status=415,
                                          mimetype='application/json')
            return response

回复收藏 0 原文

~没有更多了~