stackoom
  简体   繁体   中英

Django rest framework authentication

 原文  2017-06-01 10:20:30       python/ django/ python-3.x/ django-rest-framework/ django-rest-auth

Question

I would like create authentication in Django. I'm trying to do everything according to this . Unfortunately, at this moment I have two problems. Firstly, when I try to add from rest_framework.authtoken import views I have conflict with from companies import views . I need views from authtoken to url(r'^api-token-auth/', views.obtain_auth_token) . Secondly, when I use /api-token-auth/ My problem is that I can log in only superuser, for other users in my database I get response - "Unable to log in with provided credentials." 

INSTALLED_APPS = [
    'corsheaders',
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'rest_framework',
    'companies.apps.CompaniesConfig',
    'rest_framework.authtoken'
]

MIDDLEWARE = [
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

ROOT_URLCONF = 'pri.urls'

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

WSGI_APPLICATION = 'pri.wsgi.application'


# Database
# https://docs.djangoproject.com/en/1.11/ref/settings/#databases

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'pri',
        'USER': 'root',
        'HOST': '127.0.0.1',
    }
}

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework.authentication.SessionAuthentication',
    )
}


# Password validation
# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
]


# Internationalization
# https://docs.djangoproject.com/en/1.11/topics/i18n/

LANGUAGE_CODE = 'en-us'

TIME_ZONE = 'UTC'

USE_I18N = True

USE_L10N = True

USE_TZ = True


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.11/howto/static-files/

STATIC_URL = '/static/'

CORS_ORIGIN_ALLOW_ALL = True

2 answers

solution1
 0 ACCPTED  2017-06-01 10:25:19

Use as to remove the conflicts. 

from companies import views as companies_views
from rest_framework.authtoken import views as rest_auth_views

and use this in urls url(r'^api-token-auth/', rest_auth_views.obtain_auth_token)

Provide details is not enough to debug what cause authentication. Can you provide more code about your token based authentication.

Update:

After communicating with OP. He created the user using UserSerializer and that saving the password as plain text. And authentication not works. 

class UserSerializer(serializers.ModelSerializer): 

    class Meta: 
        model = User 

        fields = '__all__'`

    def create(self, validated_data):
        user = User.objects.create_user(**validated_data)
        return user

solution2
 0  2017-06-01 10:44:49

You need to include TokenAuthentication to your DEFAULT_AUTHENTICATION_CLASSES in your settings.py .

From the docs,

To use the TokenAuthentication scheme you'll need to configure the authentication classes to include TokenAuthentication.

So change your settings.py like this, 

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.TokenAuthentication',
    )
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Authentication with REST Framework Django Django Rest Framework Authentication Errors Django Rest Framework Token Authentication JWT authentication in django rest framework Authentication failed django rest framework Django Rest Framework custom authentication Custom Authentication in Django Rest Framework Django Rest Framework Authentication denied django rest framework no authentication no permission Python Django Rest Framework authentication
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM