Closed tschig closed 1 year ago
I don't have the time to debug this, adding this link for reference with ways this could work: https://www.django-rest-framework.org/api-guide/authentication/
that's because of the LOGIN_REQUIRED_IGNORE_PATHS
list set in cms/settings.py
:
LOGIN_REQUIRED_IGNORE_PATHS = [
r'/accounts/login/$',
r'/accounts/logout/$',
r'/accounts/signup/$',
]
just add a regex for the api endpoint and that's enough:
LOGIN_REQUIRED_IGNORE_PATHS = [
r'/accounts/login/$',
r'/accounts/logout/$',
r'/accounts/signup/$',
r'/api/v[0-9]+/',
]
hey @masavini thanks for this! Do you want to create a PR so I can test it and merge it? Thanks!
just did it (and tested, as well)!
that's because of the
LOGIN_REQUIRED_IGNORE_PATHS
list set incms/settings.py
:LOGIN_REQUIRED_IGNORE_PATHS = [ r'/accounts/login/$', r'/accounts/logout/$', r'/accounts/signup/$', ]
just add a regex for the api endpoint and that's enough:
LOGIN_REQUIRED_IGNORE_PATHS = [ r'/accounts/login/$', r'/accounts/logout/$', r'/accounts/signup/$', r'/api/v[0-9]+/', ]
... are you suggesting to not use authentication to access the API? It's very wrong imho.
@Sgar80
... are you suggesting to not use authentication to access the API?
yes, API use another authentication system.
merged
Describe the issue I have set GLOBAL_LOGIN_REQUIRED to TRUE and after that, every request to the API gets a redirect to the login page as response:
To Reproduce Steps to reproduce the issue:
Expected behavior REST Endpoint takes provided authorization header and logs in the user.