This repository was archived by the owner on May 26, 2020. It is now read-only.

DRF Built-in API documentation not working with JSONWebTokenAuthentication & IsAuthenticated #450

@begonaalvarezd

Hello,

I have a Rest API working (all good here) with django-rest-framework and django-rest-framework-jwt.
My problem is that I am trying to access the DRF built-in API documentation for authenticated users only, and I am unable to make it work. It throws a 401 error: {u'detail': ErrorDetail(string=u'Authentication credentials were not provided.', code=u'not_authenticated')}.

Below I provide the relevant sections of my code and settings.

Urls:

from django.conf.urls import url
from rest_framework.documentation import include_docs_urls
from rest_framework.permissions import IsAuthenticated
from rest_framework_jwt.authentication import JSONWebTokenAuthentication

# Rest Documentation
API_TITLE = 'Rest API'
API_DESCRIPTION = 'Rest API Description'
API_PUBLIC = False
AUTHENTICATION_CLASSES = [JSONWebTokenAuthentication]  # is this correct?
PERMISSION_CLASSES = [IsAuthenticated]  # of course, when I change this to AllowAny it works, but I need it restricted.
PATTERNS = rest_api_urlspatterns

rest_api_docs_urlspatterns = [
    # Generate schema with valid `request` instance:
    url(r'^docs/', include_docs_urls(
        title=API_TITLE,
        description=API_DESCRIPTION,
        authentication_classes=AUTHENTICATION_CLASSES,
        permission_classes=PERMISSION_CLASSES,
        public=API_PUBLIC,
        patterns=rest_api_urlspatterns
    ))
]

Settings:

REST_FRAMEWORK = {
    'DEFAULT_PERMISSION_CLASSES': (
       'rest_framework.permissions.IsAuthenticated',
    ),
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
    ),
}

JWT_AUTH = {
    'JWT_ENCODE_HANDLER': 'rest_framework_jwt.utils.jwt_encode_handler',
    'JWT_DECODE_HANDLER': 'rest_framework_jwt.utils.jwt_decode_handler',
    'JWT_PAYLOAD_HANDLER': 'api.utils.jwt_payload_handler',
    'JWT_PAYLOAD_GET_USER_ID_HANDLER': 'rest_framework_jwt.utils.jwt_get_user_id_from_payload_handler',
    'JWT_RESPONSE_PAYLOAD_HANDLER': 'api.utils.jwt_response_payload_handler',
    'JWT_SECRET_KEY': MY_PRIVATE_KEY,
    'JWT_ALGORITHM': ALOGIRTHM,
    'JWT_VERIFY': True,
    'JWT_VERIFY_EXPIRATION': True,
    'JWT_LEEWAY': 0,
    'JWT_EXPIRATION_DELTA': datetime.timedelta(days=15),
    'JWT_AUDIENCE': None,
    'JWT_ISSUER': None,
    'JWT_ALLOW_REFRESH': True,
    'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=7),
    'JWT_AUTH_HEADER_PREFIX': 'Bearer',
    # to use email instead of username
    'JWT_PAYLOAD_GET_USERNAME_HANDLER': 'api.utils.jwt_get_username_from_payload_handler'
}

Additionally, my views are restricted to IsAuthenticated:

class SomeView(APIView):
    permission_classes = (IsAuthenticated,)
    ....

Any idea what could be happening? Thank you very much!
