Django Rest Framework Authentication credentials were not provided

3
votes

I'm using django-rest-auth with django-all-auth on DRF and Angularjs. On any request regarding auth, I get the following error: 

{"detail":"Authentication credentials were not provided."}

Going through SO, i've realised there are a lot of similar problems so accumulating them together, I tried the following:

settings.py

INSTALLED_APPS = (
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.staticfiles',
    'django.contrib.sites',
    ...
    'rest_framework',
    'rest_framework.authtoken',
    'rest_auth',
    ...
    'allauth',
    'allauth.account',
    'rest_auth.registration',
    'allauth.socialaccount',
    'allauth.socialaccount.providers.facebook',

)

MIDDLEWARE_CLASSES = (
    'django.contrib.sessions.middleware.SessionMiddleware',
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
)

DEFAULT_AUTHENTICATION = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.OAuth2Authentication',
        'rest_framework.authentication.TokenAuthentication',
    ),
}
REST_FRAMEWORK = {
   'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAdminUser'
   ),
}
AUTHENTICATION_BACKENDS = (
    "django.contrib.auth.backends.ModelBackend",
    "allauth.account.auth_backends.AuthenticationBackend"
)
TEMPLATE_CONTEXT_PROCESSORS = (
    "django.core.context_processors.request",
    "django.contrib.auth.context_processors.auth",
    "allauth.account.context_processors.account",
    "allauth.socialaccount.context_processors.socialaccount",
)

REST_SESSION_LOGIN = False

My app.js file

sgApp.config(['$routeProvider','$locationProvider', '$httpProvider',
    function($routeProvider, $locationProvider, $httpProvider){
        $routeProvider.when('/',{
            templateUrl: '/static/partials/index.html',
            controller: 'indexCtrl'
        }).when('/abc',{
            templateUrl: 'static/partials/index.html'
        }).otherwise({
            redirectTo: '/'
        });
        $locationProvider.html5Mode(true).hashPrefix('!');
        $httpProvider.defaults.xsrfCookieName = 'csrftoken';
        $httpProvider.defaults.xsrfHeaderName = 'X-CSRFToken';
    }
]).controller('someCtrl', function($scope, $http, $httpProvider){
       $scope.login = function() {
           Facebook.login(function(response) {
            var postDict = {
                access_token: response.authResponse.accessToken
            }
            $http.post('/sgAuth/facebook/', postDict).
                success(function(data){
                    $httpProvider.defaults.headers.common.Authorization = 'Token ' + data.key;
                    $scope.loggedIn = true;
                    $scope.userDetails(); //function that gets user details
                });
        });
    };
});

Where am I going wrong?

2
djangoangularjsdjango-rest-frameworkdjango-rest-auth
Does logging in work? Can you see the data.token if you log it to the console? Does the Token header appear in the request if you look in your browser's developer tools (F12)? - Kevin Brown
@KevinBrown, it is very arbitrary. It'll work sometimes, but it won't logout. And if it does logout, I can't login again. - Newtt
Just to factor it out, I would try adding a console.log(response.authResponse.accessToken) before your call to your own API login. I would also make sure your Token is populating correctly as suggested by Kevin Brown. If FB is working correctly but your token is missing, then you need to check out your logs. - Titus P
I have the same issue here. - Italo Maia
@ItaloMaia, Hey, what's the problem you're facing? I sort of fixed it, so I might be able to help you out. - Newtt

2 Answers

1
votes

I had same problem in your line:

$httpProvider.defaults.headers.common.Authorization = 'Token ' + data.key;

Try this:

httpProvider.defaults.headers.common.Authorization = 'JWT ' + data.key;

Regards.

0
votes

You have permission class in your settings:

REST_FRAMEWORK = {
   'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAdminUser'
   ),
}

So only requests made by admin user are going through.