Учетные данные аутентификации postman не предоставлены - Django

постманский запрос

Ниже приведён полный код, с помощью которого я реализовал JWT-аутентификацию в своём Django-приложении. Я могу зарегистрировать пользователя и войти в систему, но даже когда передаю токен в заголовке, получаю в Postman эту ошибку.

Я пробовал множество вариантов из интернета, чтобы решить эту проблему, но ничего не помогает, я пробовал заменить Bearer на Token, но это тоже не помогло.

models.py

import uuid
from django.db import models
from django.contrib.auth.models import PermissionsMixin
from django.contrib.auth.base_user import AbstractBaseUser
from django.utils import timezone

from .managers import CustomUserManager

# Create your models here.
class User(AbstractBaseUser, PermissionsMixin):
    """Account model that uses the e-mail address as the login identifier.

    Password handling comes from ``AbstractBaseUser``; group and permission
    fields come from ``PermissionsMixin``.
    """

    # Numeric role identifiers stored in the ``role`` column.
    ADMIN = 1
    USER = 2

    ROLE_CHOICES = (
        (ADMIN, 'Admin'),
        (USER, 'User'),
    )

    # Random UUID labelled "Public identifier"; the integer primary key stays
    # separate from it.
    uid = models.UUIDField(
        unique=True,
        editable=False,
        default=uuid.uuid4,
        verbose_name='Public identifier',
    )
    email = models.EmailField(unique=True)
    first_name = models.CharField(max_length=30, blank=True)
    last_name = models.CharField(max_length=50, blank=True)
    # New accounts default to the ordinary USER role; NULL is also allowed.
    role = models.PositiveSmallIntegerField(
        choices=ROLE_CHOICES,
        blank=True,
        null=True,
        default=USER,
    )
    # NOTE(review): a bare FileField puts no limit on file type or size at the
    # model level; whatever view accepts the avatar upload has to enforce both.
    avtar = models.FileField()
    date_joined = models.DateTimeField(auto_now_add=True)
    # is_active is what Django's default backend checks at login; is_deleted is
    # a separate flag that nothing in this model enforces by itself.
    is_active = models.BooleanField(default=True)
    is_deleted = models.BooleanField(default=False)
    created_at = models.DateTimeField(auto_now_add=True)
    updated_at = models.DateTimeField(auto_now=True)

    # Authenticate by e-mail; createsuperuser prompts for nothing extra.
    USERNAME_FIELD = 'email'
    REQUIRED_FIELDS = []

    objects = CustomUserManager()

    class Meta:
        verbose_name = 'user'
        verbose_name_plural = 'users'

    def __str__(self):
        """Return the e-mail address as the human-readable name."""
        return self.email

serializers.py

from .models import User
from rest_framework import serializers
from rest_framework_simplejwt.tokens import RefreshToken
from django.contrib.auth import authenticate
from django.contrib.auth.models import update_last_login

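class UserRegistrationSerializer(serializers.ModelSerializer):
    """Validate sign-up input and create the account through the user manager.

    Only ``email`` and ``password`` are accepted, so a client cannot set
    ``role`` or any other model field during registration.
    """

    class Meta:
        model = User
        fields = (
            'email',
            'password'
        )
        # Without write_only the stored (hashed) password is part of
        # serializer.data and is echoed back by any view that returns it.
        extra_kwargs = {
            'password': {'write_only': True},
        }

    def validate_password(self, value):
        """Apply the validators listed in AUTH_PASSWORD_VALIDATORS.

        A failure raises Django's ValidationError, which DRF reports as a
        field error on ``password``. With no validators configured this is a
        no-op.
        """
        # Local import under an alias: this method's own name is fixed by
        # DRF's validate_<field> convention.
        from django.contrib.auth.password_validation import (
            validate_password as run_password_validators,
        )

        run_password_validators(value)
        return value

    def create(self, validated_data):
        """Create the user via ``create_user`` so the password is hashed."""
        return User.objects.create_user(**validated_data)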



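class UserLoginSerializer(serializers.Serializer):
    """Check e-mail/password and hand back a SimpleJWT access/refresh pair.

    ``password`` is write-only; ``access``, ``refresh`` and ``role`` are
    produced by ``validate`` and are read-only.
    """

    email = serializers.EmailField()
    password = serializers.CharField(max_length=128, write_only=True)
    access = serializers.CharField(read_only=True)
    refresh = serializers.CharField(read_only=True)
    role = serializers.CharField(read_only=True)

    def create(self, validated_date):
        """Intentionally a no-op: this serializer never persists anything."""
        pass

    def update(self, instance, validated_data):
        """Intentionally a no-op: this serializer never persists anything."""
        pass

    def validate(self, data):
        """Authenticate the credentials and return tokens plus e-mail and role.

        Raises:
            serializers.ValidationError: if the credentials are rejected or
                the account is flagged as deleted. The message is the same in
                every case so the response does not reveal which check failed.
        """
        # Passing the request (when the view supplied one) lets authentication
        # backends and login-failure signal handlers see where the attempt
        # came from; it is None otherwise, which matches the previous call.
        user = authenticate(
            request=self.context.get('request'),
            email=data['email'],
            password=data['password'],
        )

        # authenticate() only takes is_active into account. The model also has
        # an is_deleted flag, so refuse to mint tokens for such accounts.
        # NOTE(review): assumes is_deleted means "must not log in" - confirm.
        if user is None or getattr(user, 'is_deleted', False):
            raise serializers.ValidationError("Invalid login credentials")

        try:
            refresh = RefreshToken.for_user(user)
            tokens = {
                'access': str(refresh.access_token),
                'refresh': str(refresh),
            }

            update_last_login(None, user)
        except User.DoesNotExist:
            # Kept from the original; presumably guards against the row
            # vanishing between authentication and token creation.
            raise serializers.ValidationError("Invalid login credentials")

        return {
            **tokens,
            'email': user.email,
            'role': user.role,
        }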
            
class UserListSerializer(serializers.ModelSerializer):
    """Serialize a user as e-mail address plus role; no other field is exposed."""

    class Meta:
        model = User
        fields = ('email', 'role')

views.py

postman header view

settings.py

# Project-wide DRF defaults.
REST_FRAMEWORK = {
    # Every view requires an authenticated user unless it sets its own
    # permission_classes. NOTE(review): the registration and login views are
    # not shown here; they have to opt out (e.g. AllowAny) to be reachable
    # without a token.
    'DEFAULT_PERMISSION_CLASSES': ( 
        'rest_framework.permissions.IsAuthenticated', 
    ),
    # JWT is the only authentication mechanism; a request whose Authorization
    # header does not match SIMPLE_JWT['AUTH_HEADER_TYPES'] is treated as
    # carrying no credentials at all.
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    ),
}

# djangorestframework-simplejwt settings.
SIMPLE_JWT = {
    # Short-lived access token, long-lived refresh token.
    'ACCESS_TOKEN_LIFETIME': timedelta(minutes=5),
    'REFRESH_TOKEN_LIFETIME': timedelta(days=14),
    # Each refresh returns a new refresh token, but because blacklisting is
    # off the previous one stays valid until it expires. A leaked refresh
    # token therefore remains usable for up to 14 days. Blacklisting needs the
    # rest_framework_simplejwt.token_blacklist app installed and migrated.
    'ROTATE_REFRESH_TOKENS': True,
    'BLACKLIST_AFTER_ROTATION': False,
    # HS256 is symmetric: the one key below both signs and verifies, so
    # anyone who learns SECRET_KEY can mint valid tokens. VERIFYING_KEY is
    # only relevant for asymmetric algorithms.
    'ALGORITHM': 'HS256',
    'SIGNING_KEY': SECRET_KEY,
    'VERIFYING_KEY': None,
    # Accepted Authorization schemes. With only 'JWT' listed, clients must
    # send "Authorization: JWT <token>"; "Bearer <token>" is not recognised
    # and the request is rejected as having no credentials.
    'AUTH_HEADER_TYPES': ('JWT',),
    # The token's user_id claim carries the integer primary key.
    'USER_ID_FIELD': 'id',
    'USER_ID_CLAIM': 'user_id',
    # Only access tokens authenticate API requests; refresh tokens do not.
    'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
    'TOKEN_TYPE_CLAIM': 'token_type',
}

managers.py

from django.contrib.auth.base_user import BaseUserManager
from django.utils.translation import gettext_lazy as _


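class CustomUserManager(BaseUserManager):
    """
    Manager for a user model whose unique identifier is the email address.

    Administrative accounts are marked through the ``role`` field:
    ``create_superuser`` forces ``role`` to 1.
    """

    def create_user(self, email, password, **extra_fields):
        """Create and save a user with a hashed password.

        Args:
            email: Login address; must be non-empty. It is normalised before
                being stored.
            password: Plain-text password; must be non-empty. It is stored
                only as a hash via ``set_password``.
            **extra_fields: Passed to the model constructor unchanged.

        Raises:
            ValueError: If ``email`` or ``password`` is empty.
        """
        if not email:
            raise ValueError(_("The email must be set"))
        if not password:
            raise ValueError(_("The password must be set"))

        # extra_fields reaches the model as-is (``role`` included), so callers
        # must never forward unfiltered request data into this method.
        user = self.model(email=self.normalize_email(email), **extra_fields)
        user.set_password(password)
        # Save through the database this manager is bound to, as Django's own
        # UserManager does; a bare save() can pick another alias in a
        # multi-database setup.
        user.save(using=self._db)
        return user

    def create_superuser(self, email, password, **extra_fields):
        """Create an active user with the admin role (``role`` == 1).

        Raises:
            ValueError: If the caller passes a ``role`` other than 1.
        """
        extra_fields.setdefault('is_active', True)
        extra_fields.setdefault('role', 1)

        # NOTE(review): only ``role`` is set here; is_superuser from
        # PermissionsMixin is left at its default. Confirm that permission
        # checks are based on ``role``.
        if extra_fields.get('role') != 1:
            raise ValueError('Superuser must have role of Global Admin')
        return self.create_user(email, password, **extra_fields)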

urls.py

# API routes. Order matters: Django uses the first pattern that matches.
urlpatterns = [
    # SimpleJWT's stock views for obtaining and refreshing a token pair.
    path('token/obtain/', jwt_views.TokenObtainPairView.as_view(), name='token_create'),
    path('token/refresh/', jwt_views.TokenRefreshView.as_view(), name='token_refresh'),
    # NOTE(review): the routes below start with '/', which Django's system
    # check flags as urls.W002; the resulting URL contains an extra slash
    # after whatever prefix this module is included under.
    path('/UserRegistration/', views.UserRegistrationView.as_view(), name='UserRegistration'),
    # Second token-issuing endpoint next to token/obtain/. Any account-state
    # rule enforced at login has to hold on both, otherwise the stock view
    # bypasses it.
    path('/AuthUserLogin/', views.AuthUserLoginView.as_view(), name='AuthUserLogin'),
    path('/UserList/', views.UserListView.as_view(), name='UserList'),
    path('/UserUpdate/', views.UserUpdateView.as_view(), name='UserUpdate'),
    path('/UserUpdateAvtar/', views.UserUpdateAvtarView.as_view(), name='UserUpdateAvtar'),
]

Измените AUTH_HEADER_TYPES в настройках SIMPLE_JWT: SIMPLE_JWT['AUTH_HEADER_TYPES'] = ('Bearer',) или SIMPLE_JWT['AUTH_HEADER_TYPES'] = ('Bearer', 'JWT') (если вы хотите сохранить и префикс JWT перед токеном). rest_framework_simplejwt принимает только те префиксы, которые перечислены в SIMPLE_JWT['AUTH_HEADER_TYPES']. Поскольку сейчас там указан только JWT, библиотека ожидает в заголовке HTTP_AUTHORIZATION значение в формате JWT {actual token}. Заголовок с префиксом Bearer она не распознаёт и считает, что учётные данные не переданы, — отсюда и ошибка.

Или вы можете изменить значение заголовка Authorization в Postman: замените Bearer на JWT.
