0

So, I'm learning DjangoRF through a Udemy course in which we build an API with a token authentication. All code written, I launch my server, I try to login via example client and this error occur:

Status Code:  400

{'non_field_errors': ['Unable to log in with provided credentials.']}

This happen with both user and superuser.

Then I try to login from the admin page in the Browsable API and the superuser works, the user not.

I'm new to this framework and even with Python so i actually can't figure aout a solution.

CLIENT:

    import requests


def client():
    credentials = {"username ": "user", "password": "user"}
    response = requests.post('http://127.0.0.1:8000/api/rest-auth/login/', data=credentials)
    print('Status Code: ', response.status_code)
    response_data = response.json()
    print(response_data)


if __name__ == '__main__':
    client()

SETTINGS.PY

"""
Django settings for userProfileAPI project.

Generated by 'django-admin startproject' using Django 4.0.

For more information on this file, see
https://docs.djangoproject.com/en/4.0/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/4.0/ref/settings/
"""

from pathlib import Path

# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent


# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/4.0/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'django-insecure-efj3a1u0y%jc5!%k5q_mc8l)^1vm(n*tq1=_kdoyvb(s!c_4qv'

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True

ALLOWED_HOSTS = []


# Application definition

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',

    'rest_framework',
    'rest_framework.authtoken',
    'rest_auth',
    'profiles',
]

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

ROOT_URLCONF = 'userProfileAPI.urls'

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [BASE_DIR / 'templates']
        ,
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

WSGI_APPLICATION = 'userProfileAPI.wsgi.application'


# Database
# https://docs.djangoproject.com/en/4.0/ref/settings/#databases

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': BASE_DIR / 'db.sqlite3',
    }
}


# Password validation
# https://docs.djangoproject.com/en/4.0/ref/settings/#auth-password-validators

 AUTH_PASSWORD_VALIDATORS = [
     {
         'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
     },
     {
         'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
     },
     {
         'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
     },
     {
         'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
     },
 ]


# Internationalization
# https://docs.djangoproject.com/en/4.0/topics/i18n/

LANGUAGE_CODE = 'en-us'

TIME_ZONE = 'UTC'

USE_I18N = True

USE_TZ = True


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/4.0/howto/static-files/

STATIC_URL = 'static/'

# Default primary key field type
# https://docs.djangoproject.com/en/4.0/ref/settings/#default-auto-field

DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'

MEDIA_URL = 'media/'
MEDIA_ROOT = 'uploads'

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework.authentication.TokenAuthentication',
        'rest_framework.authentication.SessionAuthentication',
    ]
}

MODELS.PY

from django.db import models
from django.contrib.auth.models import User


# Create your models here.

class Profile (models.Model):
    user = models.OneToOneField(User, on_delete=models.CASCADE)
    bio = models.CharField(max_length=240, blank=True) # "blank=True" serve ad indicare che il campo può anche rimanere vuoto
    city = models.CharField(max_length=30, blank=True)
    avatar = models.ImageField(null=True, blank=True)



    def __str__(self):
        return self.user.username


class ProfileStatus(models.Model):
    user_profile = models.ForeignKey(Profile, on_delete=models.CASCADE)
    status_content = models.CharField(max_length=240)
    created_at = models.DateTimeField(auto_now_add=True)
    updated_at = models.DateTimeField(auto_now=True)


    class Meta:
        verbose_name_plural = 'statuses'


    def __str__(self):
        return self.user_profile

SERIALIZERS.PY

from rest_framework import serializers
from profiles.models import Profile, ProfileStatus


class ProfileSerializer(serializers.ModelSerializer):

    user = serializers.StringRelatedField()
    avatar = serializers.ImageField(read_only=True)

    class Meta:
        model = Profile
        fields = '__all__'


class ProfileAvatarSerializer(serializers.ModelSerializer):

    class  Meta:
        model = Profile
        fields = ['avatar']

class ProfileStatusSerializer(serializers.ModelSerializer):

    user_profile = serializers.StringRelatedField(read_only=True)
    class  Meta:
        model = ProfileStatus
        fields = ['avatar']

SIGNALS.PY

from django.contrib.auth.models import User
from django.db.models.signals import post_save
from django.dispatch import receiver
from profiles.models import Profile


@receiver(post_save, sender=User)
def create_profile(sender, instance , created, **kwargs):
    print('Created:', created)
    if created:
        Profile.objects.create(user=instance)

SCREENSHOT IDE ERROR (user or superuser is the same): screenshot ide error

SCREENSHOT BROWSABLE API LOGIN WITH SIMPLE USER: login user

SCREENSHOT BROWSABLE API LOGIN WITH SUPERUSER: login superuser

Obviously I'm sure that credentials are always correct (don't mind that the password does not respect the permissions in setting.py, I uncommented permissions in order to post here)

Thanks you.

milkom121
  • 1
  • 1

1 Answers1

1

Can you also share the code where you are saving the user, I think you are not saving the hashed password. You have to do something like this: user.set_password(password) user.save()

Usama Hameed
  • 129
  • 5
  • 14
  • Thanks you for your answer, i just shared models.py and serializers.py hoping this could help but if not can you explain me what I have to share please? – milkom121 Dec 16 '21 at 13:37
  • there must be a code in which you are getting username and password from user and saving it in database, can you share that code, like in above client() function you are doing the login there must be a function like this in which you are doing the registration/signup of user. – Usama Hameed Dec 16 '21 at 13:41
  • in the previous projects made until now i didn't do something like this, I did simply create users from /admin/ panel. I edited the post with my signals.py file, hoping this could help – milkom121 Dec 16 '21 at 13:56