CODEWITHSUNDEEP
djangofirebasepyrebase
siderra
siderra

Reputation: 301

How can I bypass drf Token Authentication when using firebase for authentication in django?

I need to sign in a user using firebase from my django app.I have done what I think I needed to do but I seem to be missing something.I am using the pyrebase library.I have created a user on firebase and now I need to sign them in. I am posting the email and password on Postman and I get the 'idToken' and 'refreshToken', which means the user gets authenticated on firebase.But this only works when I use the drf Token authentication(DEFAULT AUTH CLASSES) and authorization token of a user previously created on django admin. What am I missing so that I can authenticate the user without the drf token authentication?

views.py

config = {
  "apiKey": "xxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "authDomain": "xxxxx.firebaseapp.com",
  "databaseURL": "https://xxxxxxxxx-default-rtdb.firebaseio.com",
  "storageBucket": "xxxxxxxxx.appspot.com",
}

firebase = pyrebase.initialize_app(config)

auth = firebase.auth() 

class Auth(APIView):
   
    def post(self, request, format=None):
        email = "[email protected]"
        password = "xxxx"
    
        user = auth.sign_in_with_email_and_password(email, password)

        return Response(user)

Settings.py

REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": (
        "rest_framework.authentication.TokenAuthentication",
    ),
    "DEFAULT_PERMISSION_CLASSES": ("rest_framework.permissions.IsAuthenticated",),
}

Upvotes: 0

Views: 428

Answers (1)

Alexandr Tatarinov
Alexandr Tatarinov

Reputation: 4044

Yeah so basically, you don't need any authorization in any of the authentication views. Since you have a global default of IsAuthenticated, you need to overwrite the permission_classes in the View.

class Auth(APIView):
    permission_classes = []

    def post(self, request, format=None):
        ...

Upvotes: 1

Related Questions