Hello I am trying to test Token Authentication i have implemented with DRF using httpie as per the tutorial in this following link
The following command:
http GET 127.0.0.1:8000/api/projects/ 'Authorization: Token b453919a139448c5891eadeb14bf1080a2624b03'
yields the following error.
usage: http [--json] [--form] [--pretty {all,colors,format,none}]
[--style STYLE] [--print WHAT] [--headers] [--body] [--verbose]
[--all] [--history-print WHAT] [--stream] [--output FILE]
[--download] [--continue]
[--session SESSION_NAME_OR_PATH | --session-read-only SESSION_NAME_OR_PATH]
[--auth USER[:PASS]] [--auth-type {basic,digest}]
[--proxy PROTOCOL:PROXY_URL] [--follow]
[--max-redirects MAX_REDIRECTS] [--timeout SECONDS]
[--check-status] [--verify VERIFY]
[--ssl {ssl2.3,ssl3,tls1,tls1.1,tls1.2}] [--cert CERT]
[--cert-key CERT_KEY] [--ignore-stdin] [--help] [--version]
[--traceback] [--default-scheme DEFAULT_SCHEME] [--debug]
[METHOD] URL [REQUEST_ITEM [REQUEST_ITEM ...]]http: error: argument REQUEST_ITEM: "Token" is not a valid value
So i decided to differ from the tutorial and made my request like this
http GET 127.0.0.1:8000/api/projects/ 'Authorization:b453919a139448c5891eadeb14bf1080a2624b03'
The following message was returned
HTTP/1.0 401 Unauthorized
Allow: GET, POST, HEAD, OPTIONS
Content-Type: application/json
Date: Thu, 03 Nov 2016 09:52:05 GMT
Server: WSGIServer/0.1 Python/2.7.10
Vary: Accept
WWW-Authenticate: Token
X-Frame-Options: SAMEORIGIN
{
"detail": "Authentication credentials were not provided."
}
Any assistance offered would be great. I am running on local machine at home.
And these are all provided by drf(django rest framework) and other than these like oauth, oauth2 based authentication are provided by the efforts of the community with help of other python packages. And they can be easily used in the production environment.
Token authentication refers to exchanging username and password for a token that will be used in all subsequent requests so to identify the user on the server side. This article revolves about implementing token authentication using Django REST Framework to make an API.
The solution is simple as is as follows . Use double quotes in the place of single quotes contrary to what the DRF Documentation says
For curl use the command below
curl -H "Authorization: Token b453919a139448c5891eadeb14bf1080a2624b03" http://127.0.0.1:8000/api/projects/
For HTTPie use
http GET http://127.0.0.1:8000/api/projects/ "Authorization: Token b453919a139448c5891eadeb14bf1080a2624b03"
Note that Double quotes are used contrary to single quotes in the documentation.
Contrary to Paul Nyondo's experience, for me the issue is not single quotes / double quotes (both are fine when using bash
as shell), but the space between Authorization:
and Token
.
This fails:
» http GET http://service:8000/api/v1/envs/ 'Authorization: Token 3ea4d8306c6702dcefabb4ea49cfb052f15af85c'
http: error: InvalidHeader: Invalid return character or leading space in header: Authorization
This works (with double quotes):
» http GET http://service:8000/api/v1/envs/ "Authorization:Token 3ea4d8306c6702dcefabb4ea49cfb052f15af85c"
HTTP/1.1 200 OK
Allow: GET, HEAD, OPTIONS
Content-Length: 90
Content-Type: application/json
And this also works (with single quotes):
» http GET http://svc.userv.dgvmetro:8000/api/v1/envs/ 'Authorization:Token 3ea4d8306c6702dcefabb4ea49cfb052f15af85c'
HTTP/1.1 200 OK
Allow: GET, HEAD, OPTIONS
Content-Length: 90
Content-Type: application/json
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With