1

I am building out an API using Django rest framework, but I am having trouble authenticating a request using basic authentication. For testing purposes I have a view that, when called via POST and provided with a valid username/password for a User model, should return that model with the provided id, in this case id=1018

curl -X POST http://<my-url>/api/detail/1018 -u <username>:<password>
{"detail": "Authentication credentials were not provided."}

GET requests work fine as no authentication is required. I have been roughly following the rest framework tutorial. In each class I have permission_classes = (permissions.IsAuthenticatedOrReadOnly, IsOwnerOrReadOnly,)

And in permissions.py

from rest_framework import permissions

class IsOwnerOrReadOnly(permissions.BasePermission):

    def has_object_permission(self, request, view, obj):
        # Read permissions are allowed to any request,
        # so we'll always allow GET, HEAD or OPTIONS requests.
        if request.method in permissions.SAFE_METHODS:
            return True

        # Write permissions are only allowed to the owner of the account.
        # I have commented this out and set it to return True so that I can test
        # more easily narrow down the cause of the error.
        #obj.owner.id == request.user.id
        return True

I'm not even sure if it is a code issue, as it says that credentials were not provided, not that the credentials are wrong.

Improve this question

1 Answer 1

Reset to default
1

Ok after digging deeper into the docs, I found a caveat when deploying with Apache. Turns out you have to add a line to your httpd.conf file.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.