2

According to the Django Rest Framework, when you want to specify what authentication to use, you can either set it as a global in your settings file e.g 

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.TokenAuthentication',
        'rest_framework.authentication.SessionAuthentication',
    )
}

or as a per class view e.g 

@authentication_classes((SessionAuthentication, TokenAuthentication))

Now what i don't seem to get is that when we specify it as a global in our settings, must we also include it as a per class view.

Here is the code for my class view

from django.http import HttpResponse
from rest_framework.decorators import api_view, authentication_classes, permission_classes
from rest_framework.authentication import TokenAuthentication, SessionAuthentication
from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response
# Create your views here.


@api_view(['GET'])
@authentication_classes((SessionAuthentication, TokenAuthentication))
@permission_classes((IsAuthenticated,))
def index_view(request, format=None):
    return Response([str(request.auth), str(request.user.password), str(request.session.username)])

And here is the code in my settings.py file

Rest Framework

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.TokenAuthentication',
        'rest_framework.authentication.SessionAuthentication',
    ),
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated'
    )
}

Please i hope i am specific enough

Kushan Gunasekera
  • 7,268
  • 6
  • 44
  • 58
XKCD
  • 122
  • 1
  • 11
  • I guess once you have specified in global setting file we don't need to specify in the individual files. Specifying in individual file is an option available for cases where you want to over ride the mechanism settings – error404 Jun 10 '19 at 12:52
  • Yes i thought, but in my case it seems not to work until i specify it in my class based view – XKCD Jun 10 '19 at 12:54
  • can you share the code of your class view. Not the entire line but just from import commands till the class keyword – error404 Jun 10 '19 at 12:56
  • i have done so. – XKCD Jun 10 '19 at 13:17
  • `from rest_framework.views import APIView` Can you try after creating a class definition after importing the above package. `class (APIView):` – error404 Jun 10 '19 at 13:27
  • i just read this thread https://stackoverflow.com/questions/53649252/django-rest-framework-basepermissionmetaclass-object-is-not-iterable and it worked out the problem. Thanks for your support. – XKCD Jun 10 '19 at 13:52
  • lol....syntax...I thought it is because the function was not inherited from the restframework class. django should have some validation for settings.py file. Could help a lot – error404 Jun 10 '19 at 16:02

0 Answers0