AttributeError: 'Clients' object has no attribute 'is_authenticated' in django-restframework

Question

I want to implement a custom two-layer of global authentication i.e.

• Client authentication
• User authentication

first, every request must have a Client id and bla... bla.. after that request must have user authentication services like access token and refresh token

when I want to implement the first layer it rais following error:

File "D:\Projects\Python Projects\blog_posts\backend\venv\lib\site-packages\rest_framework\permissions.py", line 137, in has_permission
    return bool(request.user and request.user.is_authenticated)
AttributeError: 'Clients' object has no attribute 'is_authenticated'
[15/Dec/2021 17:10:23] "GET /api/admin/postList HTTP/1.1" 500 102946

I'm using:

• Django==3.2.9
• djangorestframework==3.12.4

I'm getting the client id from the client request header and validating it as like:

from users.models import Clients
from rest_framework import authentication
from rest_framework import exceptions
from rest_framework import permissions


class ClientAuthentication(authentication.BaseAuthentication):

    def authenticate(self, request):
        clientID = request.headers.get('client')
        print("client id: ", clientID)
        if not clientID:  # no username passed in request headers
            raise exceptions.AuthenticationFailed('Client ID is Required')

        try:
            client = Clients.objects.get(id=clientID)  # get the client id
        except Clients.DoesNotExist:
            # raise exception if user does not exist
            raise exceptions.AuthenticationFailed('Client ID is Not Valid')

        return (client, None)  # authentication successful

My setting.py config file is like this:

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',

    # custom apps adding from here...
    'blog',
    'blog_api',
    "rest_framework",
    "corsheaders",
    "users",

    # authentication apps
    "rest_framework_simplejwt.token_blacklist",
]


# django rest-framework settings...
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'core.authorization.ClientAuthentication',
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    ),

    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.AllowAny',
        # 'core.authorization.BlocklistPermission',
    ]

}

** my client model as follow **

class Clients(models.Model):
    email = models.EmailField(_('email address'), unique=True)
    client_name = models.CharField(max_length=250, unique=True)
    joint_date = models.DateTimeField(default=timezone.now)
    is_active = models.BooleanField(default=False)

    class Meta:
        # managed = False
        db_table = 'client'

    def __str__(self):
        return self.client_name

Data in database table:

Answer 1

is_authenticated is a property from the default User model. In order for you to utilise this method you must ensure your model Clients inherits this default auth model. Like so

from django.contrib.auth.models import AbstractUser

class Clients(AbstractUser):
    [.. custom fields ..]

See the Django Docs - Using a custom user model when starting a project for more information on this.