How to allow access to base route without authentication in django rest framework

Question

How can I allow access to the base route while I have my Default permission classes set to IsAuthenticated in the global settings.

REST_FRAMEWORK = {
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly',
        # 'rest_framework.permissions.AllowAny',
        'rest_framework.permissions.IsAuthenticated',

    ],
}

I know you can just set permission_classes = [AllowAny] in the individual views. But I want my base route to have the same i.e no permissions. Here is how i have the routes set in urls.py

router_public = DefaultRouter()
'''
PUBLIC ROUTES HERE
'''
router_public.register(
    r'cars', car_viewset.Car_Public_Viewset, base_name='Cars')
router_public.register(
    r'planes', plane_views.Plane_Public_ViewSet, base_name='Planes')

urlpatterns = [
    path('admin/', admin.site.urls),
    path('api/admin/', include(router_admin.urls)),
    path('api/public/', include(router_public.urls)),
]

Since I have set permission_classes for cars and planes to AllowAny in the vews, I can access them without Authentication.

How can I do the same for the base route http://localhost:8000/api/public/ since there's no view associated with it.

Gilbish Kosma Gilbish Kosma · Accepted Answer · 2019-09-08T09:41:57

You can provide different permissions to different view class using authenticated_class

from rest_framework.permissions import AllowAny

class ExampleClass(viewsets.GenericViewSet):
     permission_classes = (AllowAny,)
     [...]

use permission_classes in the view which you want to access through api/public/

How to allow access to base route without authentication in django rest framework

1 Answers