Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Token Authentication Django Rest Framework HTTPie

Hello I am trying to test Token Authentication i have implemented with DRF using httpie as per the tutorial in this following link

The following command:

http GET 127.0.0.1:8000/api/projects/ 'Authorization: Token b453919a139448c5891eadeb14bf1080a2624b03'

yields the following error.

usage: http [--json] [--form] [--pretty {all,colors,format,none}]
        [--style STYLE] [--print WHAT] [--headers] [--body] [--verbose]
        [--all] [--history-print WHAT] [--stream] [--output FILE]
        [--download] [--continue]
        [--session SESSION_NAME_OR_PATH | --session-read-only SESSION_NAME_OR_PATH]
        [--auth USER[:PASS]] [--auth-type {basic,digest}]
        [--proxy PROTOCOL:PROXY_URL] [--follow]
        [--max-redirects MAX_REDIRECTS] [--timeout SECONDS]
        [--check-status] [--verify VERIFY]
        [--ssl {ssl2.3,ssl3,tls1,tls1.1,tls1.2}] [--cert CERT]
        [--cert-key CERT_KEY] [--ignore-stdin] [--help] [--version]
        [--traceback] [--default-scheme DEFAULT_SCHEME] [--debug]
        [METHOD] URL [REQUEST_ITEM [REQUEST_ITEM ...]]http: error: argument REQUEST_ITEM: "Token" is not a valid value

So i decided to differ from the tutorial and made my request like this

http GET 127.0.0.1:8000/api/projects/ 'Authorization:b453919a139448c5891eadeb14bf1080a2624b03'

The following message was returned

HTTP/1.0 401 Unauthorized
Allow: GET, POST, HEAD, OPTIONS
Content-Type: application/json
Date: Thu, 03 Nov 2016 09:52:05 GMT
Server: WSGIServer/0.1 Python/2.7.10
Vary: Accept
WWW-Authenticate: Token
X-Frame-Options: SAMEORIGIN

  {
     "detail": "Authentication credentials were not provided."
  }

Any assistance offered would be great. I am running on local machine at home.

like image 854
Paul Nyondo Avatar asked Nov 03 '16 09:11

Paul Nyondo


People also ask

What is the best authentication for Django REST framework?

And these are all provided by drf(django rest framework) and other than these like oauth, oauth2 based authentication are provided by the efforts of the community with help of other python packages. And they can be easily used in the production environment.

What is token authentication in Django REST framework?

Token authentication refers to exchanging username and password for a token that will be used in all subsequent requests so to identify the user on the server side. This article revolves about implementing token authentication using Django REST Framework to make an API.


2 Answers

The solution is simple as is as follows . Use double quotes in the place of single quotes contrary to what the DRF Documentation says

For curl use the command below

curl -H "Authorization: Token b453919a139448c5891eadeb14bf1080a2624b03" http://127.0.0.1:8000/api/projects/

For HTTPie use

http GET http://127.0.0.1:8000/api/projects/ "Authorization: Token b453919a139448c5891eadeb14bf1080a2624b03"

Note that Double quotes are used contrary to single quotes in the documentation.

like image 80
Paul Nyondo Avatar answered Oct 14 '22 06:10

Paul Nyondo


Contrary to Paul Nyondo's experience, for me the issue is not single quotes / double quotes (both are fine when using bash as shell), but the space between Authorization: and Token.

This fails:

» http GET http://service:8000/api/v1/envs/ 'Authorization: Token 3ea4d8306c6702dcefabb4ea49cfb052f15af85c'

http: error: InvalidHeader: Invalid return character or leading space in header: Authorization

This works (with double quotes):

» http GET http://service:8000/api/v1/envs/ "Authorization:Token 3ea4d8306c6702dcefabb4ea49cfb052f15af85c"
HTTP/1.1 200 OK
Allow: GET, HEAD, OPTIONS
Content-Length: 90
Content-Type: application/json

And this also works (with single quotes):

» http GET http://svc.userv.dgvmetro:8000/api/v1/envs/ 'Authorization:Token 3ea4d8306c6702dcefabb4ea49cfb052f15af85c'
HTTP/1.1 200 OK
Allow: GET, HEAD, OPTIONS
Content-Length: 90
Content-Type: application/json
like image 35
blueFast Avatar answered Oct 14 '22 07:10

blueFast