Using Django REST API, I'm trying to authenticate my request.
This is what I'm trying to send:
Content-Type: application/json, Authentication: token="6d82549b48a8b079f618ee9c51a6dfb59c7e2196"
This is what I get back:
{"detail": "Authentication credentials were not provided."}
Could someone give me the correct header?
Thanks
The Header:
Accept: application/json
Content-Type: application/json
Authorization: Token 6d82549b48a8b079f618ee9c51a6dfb59c7e2196
Connection: keep-alive
Origin: chrome-extension: //rest-console-id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.57 Safari/537.17
Settings.py
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.authentication.TokenAuthentication',
'rest_framework.permissions.IsAdminUser',
),
'PAGINATE_BY': 10
}
view.py
class ProfileList(generics.ListCreateAPIView):
"""
API endpoint that represents a list of users.
"""
permission_classes = (permissions.IsAuthenticated,)
model = Profile
serializer_class = ProfileSerializer
def pre_save(self, obj):
obj.owner = self.request.user
Assuming you're trying to use TokenAuthentication, the header should look like this:
As described in the documentation.
In my case this works:
(Django REST Framework v3)
settings.py
views.py
urls.py
Don't forget to send the token information in the header:
To generate tokens you can use the following (somewhere in your code):
For those who are on AWS elastic beanstalk and you are kind of stuck with apache and unless you have
WSGIPassAuthorization On
As mentioned by @Fiver your headers get stripped
Instead of manually fixing this and making a new image, I made a script that checks if the last line of the conf file is
WSGIPassAuthorization On
and if it is not we update it and restart the serverIn my Django app I have a config folder with my sh file
configs/server/update-apache.sh
Make it excecutable before I commit it to git
chmod +x configs/server/update-apache.sh
Then in my python.config file I add the command at the end
.ebextensions/python.config
Now any new machine that starts up will have a check done to see if the server is updated and does so if need be
Just in case anyone else comes across this error. This can also happen if you are running Django on Apache using mod_wsgi because the authorization header is stripped out by mod_wsgi. You'll need to add the following to your VirtualHost configuration:
WSGIPassAuthorization On
I was having the same trouble with my Token Authentication
This fixed the problem to me
settings.py