0

I have a very simple desire: to authenticate (log in) user over REST. I need to use email and password.

settings.py:

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.sites',
    'django.contrib.staticfiles',
    'rest_framework',
    'modeltranslation',
    'corsheaders',
    'django_s3_storage',
    'rest_framework.authtoken',
    'rest_auth',
    'allauth',
    'allauth.account'
]

'DEFAULT_AUTHENTICATION_CLASSES': (
    'rest_framework.authentication.SessionAuthentication',
),

ACCOUNT_AUTHENTICATION_METHOD = 'email'
ACCOUNT_EMAIL_REQUIRED = True   
ACCOUNT_USERNAME_REQUIRED = False

AUTHENTICATION_BACKENDS = (
 "django.contrib.auth.backends.ModelBackend",
 "allauth.account.auth_backends.AuthenticationBackend",
)

urls.py:

re_path(r'^rest-auth/', include('rest_auth.urls')),

When I do:

curl \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{"email": "[email protected]", "password": "zyzzyx' \
  http://localhost:8000/rest-auth/login/

The error message is: Unable to log in with provided credentials.

EDIT:

I'm using custom user model:

class CustomUser(AbstractUser):
    created = models.DateTimeField(auto_now_add=True)
    username = models.CharField(max_length=100, unique=True)
    email = models.EmailField(max_length=200, unique=True)
    company = models.ForeignKey(Company, on_delete=models.CASCADE, related_name='%(class)s_company')
    role = models.CharField(
        max_length=100,
        choices=ROLE_CHOICES,
        default='admin',
    )

    class Meta:
        ordering = ('created',)
        db_table = "custom_user"

    def __str__(self):
        return self.username

User = get_user_model()

In settings.py:

AUTH_USER_MODEL = 'myapps.CustomUser'
Improve this question
2
  • Your curl request looks fine. Probably either the credential is wrong or the login controller is having the problem. Commented Nov 13, 2019 at 5:53
  • The credentials are correct. I can log into Django admin with that password and username admin. Commented Nov 13, 2019 at 6:54

2 Answers 2

Reset to default
1

In order to token authenticate using built in methods of django_rest_framwork, you should call obtain_auth_token method.

So, your urls.py will look something like

from django.urls import path
from rest_framework.authtoken.views import obtain_auth_token  # <-- Here
from myapi.core import views

urlpatterns = [
    path('rest-auth/', obtain_auth_token, name='api_token_auth'),  # <-- And here
]

Refer this tutorial for more details.

Update 1

Looks like you have not properly configured rest_auth, that is why your login is failing. You should set REST_SESSION_LOGIN to True for session authentication. And if you need token authentication, set REST_USE_JWT to True. Refer this documentation for all available configurations.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

I think I could cope with SessionAuthentication, not token.
Can you share your settings for rest_auth? I'm seeing the package is processing django_login based on the settings. You can see the source here
I think all the settings I have at the moment relating the rest_auth is included in the original question, if I'm following you. Am I missing something?
You shoud set REST_SESSION_LOGIN to True for session authentication.
Default value for REST_SESSION_LOGIN is True.
0

I ended up storing email address in the username field as well.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.