1

I am building an API which has basic authentication enabled. When I'm trying to add an instance to the database (on a viewset which has the AllowAny setting) using the browsable api it. This works when I am not logged. However when I'm not logged in it gives me an error:

HTTP 400 Bad Request Content-Type: application/json Vary: Accept Allow: POST, OPTIONS

{
    "product": [
        "This field is required."
    ],
    "buyername": [
        "This field is required."
    ],
    "buyeremail": [
        "This field is required."
    ]
}

This is the viewset:

class TicketBuyerViewSet(mixins.CreateModelMixin,  
                   viewsets.GenericViewSet):
    queryset = Ticket.objects.all()
    serializer_class = TicketSerializer
    permission_classes = (IsOwnerOrReadOnly,permissions.AllowAny)

    def perform_create(self, serializer):
        serializer.save(isPayed=False,checkedIn=False,isRefunded=False,checkedInDate=None,paymentID="",paymentDate=None)

And this is my urls.py file:

from django.conf.urls import include, url
from django.contrib import admin

urlpatterns = [
    url(r'^admin/', include(admin.site.urls)),
    url(r'^', include('events.urls')),
    url(r'^docs/', include('rest_framework_swagger.urls')),
]

urlpatterns += [
    url(r'^api-auth/', include('rest_framework.urls',
                               namespace='rest_framework')),
]

I have been having this problem only recently. I made the snippets app from the django docs which worked perfectly for about a week. However, since a couple day I have the same problem with this api as with my 'own' api. I have tried chrome and firefox as well.

Edit: While I get why the http error codes may be confusing opposed to my question I do highly suspect the error lies in the django-rest authentication because when I log out and I fill in the EXACT same data it DOES work. Here are the response error codes for the PUT request when I'm logged in and logged out respectively:

[03/Nov/2015 20:38:44] "POST /ticketsbuyer/ HTTP/1.1" 400 10513
[03/Nov/2015 20:39:24] "POST /ticketsbuyer/ HTTP/1.1" 201 4543

Edit 2: I downloaded the exact source code from the django-rest-framework-tutorial github. I created a superuser and the EXACT same thing happened, for some reason django rest browsable api or my browser is not sending the post data correctly.

Edit 3 For some reason it worked for me to downgrade to version 3.2.5 of the rest-framework. I'm not the only one with this problem: Django Rest Framework - Browsable API Form always returns 400 bad request

Improve this question

2 Answers 2

Reset to default
3

There's an opened bug about this: https://github.com/tomchristie/django-rest-framework/issues/3588

However, I wasn't able to reproduce yet. Help is welcomed to understand what's going on.

Edit: thanks, it seems indeed that the authentication is the key in this bug.

Edit: upgrading to 3.3.1 should fix the issue.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

3.3.1 was released and should fix that issue.
2

HTTP400 is not generally an authentication error. Typically it is a data error. The message it is sending back says that you did not send the required fields so check the data you are sending and make sure it is meeting all the required fields. If it was an authentication issue it would be returning a HTTP401

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.