Access geonode api via client
I'm encountering an issue with authentication in GeoNode and could use some help. I've enabled it by setting:
LOCKDOWN_GEONODE=True
However, I need to access the API (.../api/v2/...) through a client, both for frontend clients in Django templates and in pure code.
When I activate the lockdown, any API call is redirected to the login page, regardless of the authentication method I use.
I've tried BasicAuth and token authentication (by adding REST_FRAMEWORK TokenAuthentication
), but nothing seems to work.
The only workaround I've found is to add the API urls to AUTH_EXEMPT_URLS
, and create my own middleware to intercept requests. But that doesn't seem like the correct approach.
Setting ENABLE_APIKEY_LOGIN=True
will enable a middleware that will authenticate and login users if an access_token is provided (as Bearer token inside the Authorization header).
This setting is currently not documented