{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 放我归山 的问题《Django (using TokenAuthentication): “non_field_err》','https://www.manongdao.com/q-814275.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm using httpie to test my custom authentication.
http POST http://127.0.0.1:8000/api-token-auth/ username='username1' password='Password123'
I did create a custom auth object using AbstractUser.
Using TokenAuthentication, I followed the docs and added my custom TokenAuthentication in my REST_FRAMEWORK settings:
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'regis.models.CustomAuthentication',
)
}
And added rest_framework.authtoken in my installed apps.
My AUTHENTICATION_BACKEND is as follows:
AUTHENTICATION_BACKENDS = [ 'regis.models.CustomAuthentication' ]
And here is my custom authentication class:
class CustomAuthentication(authentication.TokenAuthentication):
def authenticate(self, request):
username = request.META.get('X_USERNAME')
print(username)
user_model = get_user_model()
if not username:
return None
try:
user = user_model.objects.get(username=username)
except User.DoesNotExist:
raise exceptions.AuthenticationFailed('No such user')
return (user, None)
urls.py:
urlpatterns += [
url(r'^api-token-auth/', views.obtain_auth_token),
]
I'm pretty much following the DRF docs (http://www.django-rest-framework.org/api-guide/authentication/#custom-authentication). If there's any additional info needed to solve this, please let me know and I'll update. Any help on what I'm missing would be great.
To add: Just out of curiosity, do I need to make a custom authentication system if I have a custom user?
UPDATE:
I just deleted the class above, and just added the rest_framework.authentication.TokenAuthentication in my REST_FRAMEWORK settings. I'm still using a custom authentication which fetches my user.
It looks like this (not going to format it. SO sucks at formatting code from VIM):
class CustomAuthentication(object):
def authenticate(self, email=None, password=None):
User = get_user_model()
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
return None
if user.check_password(password):
return user
return None
def get_user(self, user_id):
try:
user_model = get_user_model()
user = user_model.objects.get(pk=user_id)
except User.DoesNotExist:
return None
I used this Django docs to create that code: https://docs.djangoproject.com/en/1.10/topics/auth/customizing/
If you search for the error string in the DRF code, you find this (in
authtoken/serializers.py:So it looks like depending on which version of Django you're using, either these credentials are incorrect, or the user is not active (for Django >= 1.10)?
Have you tried logging in manually in the admin with these credentials to verify them?
OK I solved it. Inside my settings, I just had to remove the
AUTHENTICATIONS_BACKEND. I thought my custom backend was different for merely logging a user in and the token authentication backend worked to get that token.