Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Authentication credentials were not provided with djangorestframework-jwt

I am trying to use django rest_framework_jwt. I can get it to generate a token but when i try and send it in the header to a protected view i get 'Authentication credentials were not provided.'

The format of the header I am sending is:

"Authorization": "Token SomeRandomToken"

settings.py

    INSTALLED_APPS = [
        ...
    rest_framework.authtoken
]

REST_FRAMEWORK = {
   'DEFAULT_AUTHENTICATION_CLASSES': (
       'rest_framework.authentication.TokenAuthentication',
       'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
   ),
   'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
   ),
}

views.py

class UserList(mixins.ListModelMixin,
               mixins.CreateModelMixin,
               generics.GenericAPIView):
    permission_classes = (permissions.IsAuthenticated,)
    authentication_classes = (JSONWebTokenAuthentication,)
    queryset = User.objects.all()
    serializer_class = UserSerializer
like image 454
Mantis Avatar asked Mar 14 '17 14:03

Mantis


People also ask

What does authentication credentials not provided mean?

The underlying cause of this issue can be different things but it essentially means that your browser is not authorized to complete the task you are trying to accomplish.

What is an authentication credential?

Authentication Credential means any data (such as a PIN, digital certificate, key or password) or device (such as a smart card or other security token) that is used by Fannie Mae to authenticate the identity or authority of an individual or system.

How does Django authentication work?

The Django authentication system handles both authentication and authorization. Briefly, authentication verifies a user is who they claim to be, and authorization determines what an authenticated user is allowed to do. Here the term authentication is used to refer to both tasks.


1 Answers

From looking at the docs I would say you should remove the default TokenAuthentication from your AUTHENTICATION_CLASSES

   'DEFAULT_AUTHENTICATION_CLASSES': (
       'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
   ),

Also the header seems to have a different format:

Now in order to access protected api urls you must include the Authorization: JWT <your_token> header.

like image 100
arie Avatar answered Sep 28 '22 14:09

arie