2

I am making an android app which has a django rest api as the backend and want to make authenticated network calls using the token given to the user when he/she has logged in.

I am using retrofit to make requests to the backend. Here is what I am doing right now to attempt to make an authenticated network call to the rest api. 

@Override
public void loadAllUsers() {
    Call<List<User>> call = userServiceApi.loadAllUsers();
    call.enqueue(new Callback<List<User>>() {
        @Override
        public void onResponse(@NonNull Call<List<User>> call, @NonNull Response<List<User>> response) {
            if (response.isSuccessful()) {
                List<User> users = response.body();
                eventBus.post(new LoadAllUsersEvent(users));
            } else {
                eventBus.post(new FailLoadAllUsersEvent());
                Log.d(TAG, response.message());
            }
        }

        @Override
        public void onFailure(@NonNull Call<List<User>> call, @NonNull Throwable t) {
            eventBus.post(new LoadUsersUnreachableServerEvent());
            Log.d(TAG, t.toString());
        }
    });
}

Here is the retrofit interface relevant to this api request:

@GET("users/")
Call<List<User>> loadAllUsers(@Header("Authorization: Token ") Token token);

When I make this call passing the user's token in as the header, I get status code 401: Unauthenticated: "GET /users/ HTTP/1.1" 401 58

What am I doing wrong for django rest Token Authentication to work and to make an authenticated django rest api call?

Improve this question
2
  • Are you using OkHttp as well? Commented Jul 25, 2017 at 14:06
  • No I am not using OkHttp. Commented Jul 25, 2017 at 14:12

1 Answer 1

Reset to default
4

The quick fix for this would be to change your api interface:

@GET("users/")
Call<List<User>> loadAllUsers(@Header("Authorization") Token token);

Value you are passing in should be formated as "Token %s".

This is not a very good solution, because you'd have to pass the token around to all of your api calls.

Better way to solve your authorization issues is by using OkHttp client and implement authenticator, which takes care of everything for you.

OkHttp and Retrofit work together very well.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

This is a good one futurestud.io/tutorials/…, but it's for retrofit 1. The only difference is that RestAdapter was renamed to Retrofit. Of course I suggest using the latest versions of OkHttp and Retrofit.
So should the authentication header contain "Token %s" instead of "Authorization" because I have implemented that with OkHttp and it says "Unexpected char 0x20 in 5 in header name: Token %s" @Andrej Jurkin
Hey Tom, headers are key-value pair. Key is "Authorization" value is what you pass into your retrofit interface and the string should be "Token 0b79bab50daca910b000d4f1a2b675d604257e42". Something like that.
Now I get another error. java.lang.IllegalStateException: Expected BEGIN_ARRAY but was BEGIN_OBJECT at line 1 column 2 path $. It runs the onFailure method instead of onResponse
This means your request goes through and fails when parsing. Your authentication problem has been solved. Please close the question and continue seeking answers elsewhere.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.