Currently, I'm making an application that uses Django Rest Framework as my API and iOS (Swift) as my frontend using Alamofire for API calls. However, I've run into an issue with user authentication - whenever I try to make a POST request to login a user using Alamofire, I'm hit with this 403 error:
Here is my login setup with Alamofire:
func loginUser(data: Parameters) {
let finalUrl = self.generateUrl(addition: "auth/login/")
print(finalUrl)
let header: HTTPHeaders = [ "Accept": "application/json", "Content-Type" :"application/json"]
Alamofire.request(finalUrl,method: .post, parameters: data, encoding: JSONEncoding.default, headers: header).responseString { (response:DataResponse<String>) in
print(data)
switch(response.result) {
case .success(_):
if response.result.value != nil {
print(response.result.value!)
}
break
case .failure(_):
print(response.result.error!)
break
}
}
}
On the API side, the login I am using is the one provided by rest_framework.urls...
url(r'^auth/', include('rest_framework.urls', namespace='rest_framework'))
While advice from similar posts has not resolved my issue, I believe my options are
a.) Exempt my views from requiring a CSRF token (I'm not sure if it's even possible in my case - my views are bundled with include() as part of the rest_framework.urls scheme so decorating with csrf_exempt cannot work)
b.)Obtain a CSRF Token for my POST requests somehow
While these are my ideas, I've yet to find an actual solution or method to implement them, so any help would be greatly appreciated!
