I am trying to build a system in Django
without using any of its batteries -- auth
, admin
etc. The system uses the Django
rest framework for the API.
However, when I try to request to an API, I keep getting this error:
Model class django.contrib.auth.models.Permission doesn't declare an explicit
app_label and isn't in an application in INSTALLED_APPS.
I do not want to use django.contrib.auth
at all. I did the following inside my DRF API View class:
class NewsPostView(APIView):
permission_classes = None
def get(self, request, format=None):
posts = NewsPost.objects.all()
serializer = NewsPostSerializer(posts, many=True)
return Response([])
However, I am still getting the same error. How can I disable auth from DRF?
Authentication is a mechanism that provides access control based on the credentials associated with incoming requests. Django REST Framework provides several authentication schemes. In this section, let’s look at the Basic Authentication in Django rest framework, i.e., authenticated against a user’s username and password.
A common concept usually discussed with authentication is authorization. The authorization merely is granting access to specific features or services before or after authentication. In the Django framework, developers might mandate authentication before users can access some services.
If no class authenticates, request.user will be set to an instance of django.contrib.auth.models.AnonymousUser, and request.auth will be set to None. The value of request.user and request.auth for unauthenticated requests can be modified using the UNAUTHENTICATED_USER and UNAUTHENTICATED_TOKEN settings. Setting the authentication scheme
Only one class of user exists in Django’s authentication framework, i.e., 'superusers' or admin 'staff' users are just user objects with special attributes set, not different classes of user objects. See the full API documentation for full reference, the documentation that follows is more task oriented.
I have solved my issue. After @Linovia's response, I checked the docs etc of DRF and changed the following properties:
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [],
'DEFAULT_PERMISSION_CLASSES': [],
'UNAUTHENTICATED_USER': None,
}
And everything worked.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With