search

encode / django-rest-framework

Web APIs for Django. 🎸
https://www.django-rest-framework.org
Other
28.45k stars 6.84k forks source link

DRF uses Django auth modules even after disabled #5430

Closed karesh closed 7 years ago

karesh commented 7 years ago

I want to use the django project as one microservice REST application without any auth module. After I disable the auth and admin modules I go the error when I start the project.

/django/db/models/base.py", line 118, in __new__
    "INSTALLED_APPS." % (module, name)
RuntimeError: Model class django.contrib.auth.models.Permission doesn't declare an explicit app_label and isn't in an application in INSTALLED_APPS.
INSTALLED_APPS = [
    # 'django.contrib.admin',
    # 'django.contrib.auth',
    'django.contrib.contenttypes',
    # 'django.contrib.sessions',
    'django.contrib.messages',
    # 'django.contrib.staticfiles',
    'rest_framework',

]

MIDDLEWARE = [
    # 'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    # 'django.middleware.common.CommonMiddleware',
    # 'django.middleware.csrf.CsrfViewMiddleware',
    # 'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    # 'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
REST_FRAMEWORK = {

    'DEFAULT_RENDERER_CLASSES': (
        'rest_framework.renderers.JSONRenderer',  # use this in production
    ),
    'DEFAULT_PARSER_CLASSES': (
        'rest_framework.parsers.JSONParser',
    ),
    'EXCEPTION_HANDLER': 'rest_framework.views.exception_handler',
    'DEFAULT_AUTHENTICATION_CLASSES': [],
    'DEFAULT_PERMISSION_CLASSES': [],
}

How can I use DRF without auth module. Because I only the rest api connected to cassandra cluster .

xordoquy commented 7 years ago

Hi, could you provide the full traceback, it will help understand where this is called from.

tomchristie commented 7 years ago

Almost certainly need to set UNAUTHENTICATED_USER=None

See: http://www.django-rest-framework.org/api-guide/settings/#unauthenticated_user

tomchristie commented 7 years ago

I guess we could consider changing the default so that it inspects INSTALLED_APPS and determines a default automatically, although that could be brittle.

An alternative would be to provide better error messaging, but it's not clear how we'd be able to do that.