Open Navaruban opened 5 years ago
Did you actually provide the authentication details?
Can you use some command line tool like HTTPie and provide the output from your request? ( Don't forget to obfuscate any sensitive data)
Hi! The web interface works great however I can not connect using cURL:
Using: REST framework JWT Auth settings: REST_USE_JWT = True
Here trying to log in with cURL $ curl -X POST -d "{\"username\":\"shovel\", \"email\":\"shovel@hammerdirt.ch\", \"password\":\"123\"}" http://localhost:8000/rest-auth/login/ -v Note: Unnecessary use of -X or --request, POST is already inferred.
POST /rest-auth/login/ HTTP/1.1 Host: localhost:8000 User-Agent: curl/7.63.0 Accept: / Content-Length: 71 Content-Type: application/x-www-form-urlencoded
I tried formatting the data like this also: -d '{"username":"shovel", "email":"shovel@hammerdirt.ch", "password":"123"}' Got the same result.
Then i tried copying and pasting the returned JWT from the web interface to view the restricted page:
~$ curl -H "Authorization: JWTeyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NzM5NCwiZW1haWwiOiIifQ.FILWdmNJchAwXh3SVdXSKu16YdrgkulaaXtqfsAygSg" -H "Content-Type: application/json" -X GET http://localhost:8000/api_jwt/see-stuff/ -v Note: Unnecessary use of -X or --request, GET is already inferred.
GET /api_jwt/see-stuff/ HTTP/1.1 Host: localhost:8000 User-Agent: curl/7.63.0 Accept: / Authorization: JWTeyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJJWT: yLCJ1c2VybmFtZSI6InNob3ZlbCIsImV4cCI6MTU1MDExMzM5NCwiZW1haWwiOiIifQ.FILWdmNJchAwXh3SVdXSKu16YdrgkulaaXtqfsAygSg Content-Type: application/json
< HTTP/1.1 403 Forbidden < Date: Thu, 14 Feb 2019 03:19:56 GMT < Server: WSGIServer/0.2 CPython/3.7.2 < Content-Type: application/json < Vary: Accept, Cookie < Allow: GET, HEAD, OPTIONS < X-Frame-Options: SAMEORIGIN < Content-Length: 58 <
In the web console, there is a csrf token and session id in the request header.
Maybe I misunderstood, but I thought that JWT was used instead? We want to go from machine to machine with no web interface. is that possible?
Did You provide the Token parameter in the header?
I have Postman working with JWT. In Headers tab add 'Authorization' as Key and add 'JWT
# 'rest_framework.authentication.BasicAuthentication',
),
You need to authenticate with Token (In your case).
Try this
curl -X GET http://127.0.0.1:8000/api/example/ -H 'Authorization: Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b'
And read more in the doc
https://www.django-rest-framework.org/api-guide/authentication/
has all details about Authentication and this issue must be closed
Everything was working fine in Local Server, but on production Server I had to make changes in Apache.
@vasantp20 what were the change you made in apache? please describe
After removing the SIMPLE_JWT settings from the Settings.py file, I got the postman and curl to work
Since it is session Login so you need to provide you credentials so do /admin and login later it will work fine
@syedmudaseer and anybody else stumbling on this later on, you need to enable WSGIPassAuthorization in the apache config:
WSGIPassAuthorization On
The proper way to attach a token on postman for simple TokenAuthentication is by going to the Headers tab and adding an "Authorization" key with a value "Token
As pointed to by @dheerajpai in the link: https://www.django-rest-framework.org/api-guide/authentication/
I am just restating it here for clarity.
For postman this is what you need
I was facing the same issue. then went to the admin panel(http://127.0.0.1:8000/admin/) and logged in using superuser credentials. worked for me. Maybe, in my case, you can not access user data without authentication.
Make sure you have WSGIPassAuthorization On
on /wsgi.conf
After removing the SIMPLE_JWT settings from the Settings.py file, I got the postman and curl to work
SIMPLE_JWT = {
'AUTH_HEADER_TYPES': ('JWT',),
}
This works for me. Can anyone explain why?
I have Postman working with JWT. In Headers tab add 'Authorization' as Key and add 'JWT in Values. Notes:
- you MUST HAVE an space after JWT keyword.
- Use ONLY JSONWebTokenAuthentication. This will guarantee that Django will ignore things that only exists in browsers like session and you can simulate better for mobiles. 'DEFAULT_AUTHENTICATION_CLASSES': ( 'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication',
),
Thank you very much @nandojve. Using JWT instead of Bearer worked for me
Hi! I tried to use oauth2 authentification with google API for my django framework project. But I don't know where to place access token to be authenticated in my service. I get an error - Authentication credentials were not provided. I think my token just not passed and the server doesn't get it.
So I did:
On finish I get 200 code response (it's HTML file of the google authorization page where I was redirected). Actually I should get code 404 and be redirected to http://localhost:8000/
I tracked all redirections in postman and I saw that I redirected to google auth page (where it suggest me some of my existed accounts), I passed my client id in request and that's it... my needed account is not chosen and I redirected to another endpoint and get 200 code.
Well, I hope somebody understands the topic and help me
"Authentication credentials were not provided." Error occur While access API through Postman
following code is used in Django setting.py file
REST_FRAMEWORK = { 'DEFAULT_AUTHENTICATION_CLASSES':( 'rest_framework.authentication.TokenAuthentication', # for browsable api view usage 'rest_framework.authentication.SessionAuthentication', ), 'DEFAULT_PERMISSION_CLASSES': ( 'rest_framework.permissions.IsAuthenticated', ), }
Please recommend a solution for this issue??
**I did have the same issue with token access.
In Curl its is working with string with " " not with single ''
I tried with same
curl http://127.0.0.1:8000/api/blog/1/ -H "Authorization: Token c63fe7a5286109841e7d25fbc7f9413e9483897b" Hope it work for you **
I am getting the same issue, I've tried everything?! I am unable to log into /admin as a superuser as I have a custom API login but I doubt that should matter. I am getting:
403 Forbidden "detail": "Authentication credentials were not provided."
"Authentication credentials were not provided." Error occur While access API through Postman![capture4](https://user-images.githubusercontent.com/40147593/51296269-5901d700-1a41-11e9-9fc5-214d384e3ae0.PNG)
following code is used in Django setting.py file
REST_FRAMEWORK = { 'DEFAULT_AUTHENTICATION_CLASSES':( 'rest_framework.authentication.TokenAuthentication',
for browsable api view usage
}
Please recommend a solution for this issue??