JWT based authentication works well using POST requests sent from mobile
and "advanced rest client", however it fails when using the Django test
client.
The client successfully receives the token when requested, but it gets the
following response when trying to access a restricted view using that token:
*"Authentication credentials were not provided."*
Here is my test case:
def test_get_token(self):
response = self.client.post("/auth/api/get_token/", {"username":
"Heffalumps", "password": "Woozles"})
self.assertEqual(response.status_code, 200, "The token should be
successfully returned.")
response_content = json.loads(response.content.decode('utf-8'))
token = response_content["token"]
# The following request fails
response = self.client.post("/auth/api/authenticated/", {},
Authorization='JWT ' + token)
response_content = json.loads(response.content.decode('utf-8'))
self.assertEqual(response_content["authenticated"], "mooh", "The user
should be able to access this endpoint.")
My restricted view:
class RestrictedView(APIView):
permission_classes = (permissions.IsAuthenticated, )
authentication_classes = (JSONWebTokenAuthentication, )
def post(self, request):
response_data = json.dumps({"authenticated": "mooh"})
return HttpResponse(response_data, content_type='application/json')
The outgoing request contains the following headers:
<http://i.stack.imgur.com/6mbTC.png>
Does anybody know, if there's a particular reason why it works from
mobile/browser, but doesn't work with the test client?
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/c77d8147-6d55-4d9b-9fcd-cbed1d8fdfda%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
