stackoom
  简体   繁体   中英

Token Authentication returning 403 (Axios + Django Rest Framework)

 原文  2019-09-28 23:24:05       reactjs/ django-rest-framework/ token

Question

I've been trying to fix this for a few hours now, please help me if you can.

When I try to make get requests w/ axios in my React app to my DRF Rest API it returns 403.

App.js:

      axios
        .get(API_POSTS, {
          headers: {
            Authorization: `Token 27dbb4dd8299792c8c52022f829da4ecec22f437`
          }
        })
        .then(res => {
          console.log("Success");
        })
        .catch(error => {
          console.log(error);
        });

settings.py:

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'django.contrib.sites',
    # 3rd-party apps
    'rest_framework',
    'rest_framework.authtoken',
    'allauth',
    'allauth.account',
    'allauth.socialaccount',
    'rest_auth',
    'rest_auth.registration',
    'corsheaders',
    # Local
    'posts.apps.PostsConfig',
    'users.apps.UsersConfig',
]

CORS_ORIGIN_WHITELIST = [
    'http://localhost:3000',
]

# Rest Framework


REST_FRAMEWORK = {
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.IsAuthenticated',
    ],
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication'
    ],
}

EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
ACCOUNT_AUTHENTICATION_METHOD = 'email'
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_USERNAME_REQUIRED = False

AUTHENTICATION_BACKENDS = (
    "django.contrib.auth.backends.ModelBackend",
    "allauth.account.auth_backends.AuthenticationBackend",
)

SITE_ID = 1

REST_AUTH_REGISTER_SERIALIZERS = {
    'REGISTER_SERIALIZER': 'users.serializers.CustomRegisterSerializer',
}

I have a posts endpoint that only authenticated users can see.

After logging in from within my React APP this token was generated. (using plain text for now because I'm testing)

So, when I try to make a get request with it, it returns the following error:

Error: Request failed with status code 403
    at createError (createError.js:17)
    at settle (settle.js:19)
    at XMLHttpRequest.handleLoad (xhr.js:60)

Why is this happening? Do I need to send any more information via the Header? I have read other questions and the documentation but can't find an answer.

Thank you.

1 answers

solution1
 0  2019-09-29 00:51:36

Ok, I managed to find out what was wrong. I had to allow TokenAuthentication in my app.

So what I did was:

settings.py

REST_FRAMEWORK = {
   'DEFAULT_AUTHENTICATION_CLASSES': (
   'rest_framework.authentication.TokenAuthentication',
   )
}

views.py

class PostList(generics.ListCreateAPIView):
    authentication_classes = (TokenAuthentication, )
    queryset = Post.objects.all()
    serializer_class = PostSerializer

After that it worked just fine.

Hope it helps everybody.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question csrf token missing axios to django rest framework Django Rest Framework + React JWT authentication, 403 Forbidden on protected views Django Rest Framework + React - token vs session authentication Cannot do axios PUT request in Django REST+React framework - Error 403 Django Rest Framework & React Js ( Axios API Request ): After Incorrect authentication attempt, api returns 400 Authentication with React and Django REST Framework React authentication Django rest framework Django rest framework 401 error with React Axios Axios blocked by CORS policy with Django REST Framework Axios post request not working with Django Rest Framework
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM