5

I have a Django application, which I am using DRF for my API with Session, and Token authentication. I have rest_framework, and rest_framework.authtoken in my installed apps. I have migrated my database and can create tokens for users in the Django Admin. I know all of this is working because I am accessing rest_framework.auth_token's obtain_auth_token view for returning a token when user data is submitted in a POST request, and receive one back. When I try to make a GET request to a view function in my app that has TokenAuthentication on its viewset, it keeps returning.

{"detail":"Authentication credentials were not provided."}

Settings File

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',

    # My Apps
    'rest_framework',
    'rest_auth',
    'rest_framework.authtoken',
]

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.TokenAuthentication',
    ],
}

URLS

from django.urls import path, include
from rest_framework.routers import DefaultRouter
from rest_framework.authtoken import views

from api.views.some_model import MyViewSet

urlpatterns = [
    path('', include(router.urls)),
    path('rest-auth/', include('rest_auth.urls')),
    path('api-token-auth/', views.obtain_auth_token)
]

Viewset

from rest_framework.viewsets import ModelViewSet
from rest_framework.authentication import SessionAuthentication, TokenAuthentication
from rest_framework.permissions import IsAuthenticated

from some_app.models import SomeModel
from api.serializers.exams import SomeModelSerializer


class ExamViewSet(ModelViewSet):
    permission_classes = (IsAuthenticated,)
    authentication_classes = (TokenAuthentication, SessionAuthentication)

    queryset = SomeModel.objects.all()
    serializer_class = SomeModelSerializer

Python Script to Get Response

import requests
import json

data = {
    "username": "[email protected]",
    "password": "password124"
}
url = "http://localhost:8002/api/v1/api-token-auth/"
response = requests.post(url, data=data)
token = json.loads(response.text).get('token')

if token:
    token = f"Token {token}"
    headers = {"Authentication": token}
    response = requests.get("http://localhost:8002/api/v1/model/", headers=headers)
    print(response.text)
else:
    print('No Key')
Improve this question

3 Answers 3

Reset to default
9

Header name should be Authorization not Authentication:

headers = {"Authorization": token}
response = requests.get("http://localhost:8002/api/v1/model/", headers=headers)
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Womp Womp. rookie mistake, how embarrassing hah. Thank you very much neverwalkaloner.
I just fell into the same trap. It is so easy to make this mistake if you have spent hours developing "authentication"-enabled views.
0

The token should be provided in the header like

 -H  "Authorization: Token 8fa36c01df3bb9ed31fc2329c53a9fe2cac72966"
Improve this answer

Comments

-2

Authorization: Bearer < your-token-here > and if you are using Django Rest Framework the default prefix is JWT.

Improve this answer

1 Comment

Authorization: JWT your-token-here Their is no such syntax like that, this is valid Authorization: Bearer your-token-here

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.