Reputation: 1
So, I'm learning DjangoRF through a Udemy course in which we build an API with a token authentication. All code written, I launch my server, I try to login via example client and this error occur:
Status Code: 400
{'non_field_errors': ['Unable to log in with provided credentials.']}
This happen with both user and superuser.
Then I try to login from the admin page in the Browsable API and the superuser works, the user not.
I'm new to this framework and even with Python so i actually can't figure aout a solution.
CLIENT:
import requests
def client():
credentials = {"username ": "user", "password": "user"}
response = requests.post('http://127.0.0.1:8000/api/rest-auth/login/', data=credentials)
print('Status Code: ', response.status_code)
response_data = response.json()
print(response_data)
if __name__ == '__main__':
client()
SETTINGS.PY
"""
Django settings for userProfileAPI project.
Generated by 'django-admin startproject' using Django 4.0.
For more information on this file, see
https://docs.djangoproject.com/en/4.0/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/4.0/ref/settings/
"""
from pathlib import Path
# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/4.0/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'django-insecure-efj3a1u0y%jc5!%k5q_mc8l)^1vm(n*tq1=_kdoyvb(s!c_4qv'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = []
# Application definition
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'rest_framework.authtoken',
'rest_auth',
'profiles',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
ROOT_URLCONF = 'userProfileAPI.urls'
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [BASE_DIR / 'templates']
,
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
],
},
},
]
WSGI_APPLICATION = 'userProfileAPI.wsgi.application'
# Database
# https://docs.djangoproject.com/en/4.0/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': BASE_DIR / 'db.sqlite3',
}
}
# Password validation
# https://docs.djangoproject.com/en/4.0/ref/settings/#auth-password-validators
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
# Internationalization
# https://docs.djangoproject.com/en/4.0/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/4.0/howto/static-files/
STATIC_URL = 'static/'
# Default primary key field type
# https://docs.djangoproject.com/en/4.0/ref/settings/#default-auto-field
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
MEDIA_URL = 'media/'
MEDIA_ROOT = 'uploads'
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.TokenAuthentication',
'rest_framework.authentication.SessionAuthentication',
]
}
MODELS.PY
from django.db import models
from django.contrib.auth.models import User
# Create your models here.
class Profile (models.Model):
user = models.OneToOneField(User, on_delete=models.CASCADE)
bio = models.CharField(max_length=240, blank=True) # "blank=True" serve ad indicare che il campo può anche rimanere vuoto
city = models.CharField(max_length=30, blank=True)
avatar = models.ImageField(null=True, blank=True)
def __str__(self):
return self.user.username
class ProfileStatus(models.Model):
user_profile = models.ForeignKey(Profile, on_delete=models.CASCADE)
status_content = models.CharField(max_length=240)
created_at = models.DateTimeField(auto_now_add=True)
updated_at = models.DateTimeField(auto_now=True)
class Meta:
verbose_name_plural = 'statuses'
def __str__(self):
return self.user_profile
SERIALIZERS.PY
from rest_framework import serializers
from profiles.models import Profile, ProfileStatus
class ProfileSerializer(serializers.ModelSerializer):
user = serializers.StringRelatedField()
avatar = serializers.ImageField(read_only=True)
class Meta:
model = Profile
fields = '__all__'
class ProfileAvatarSerializer(serializers.ModelSerializer):
class Meta:
model = Profile
fields = ['avatar']
class ProfileStatusSerializer(serializers.ModelSerializer):
user_profile = serializers.StringRelatedField(read_only=True)
class Meta:
model = ProfileStatus
fields = ['avatar']
SIGNALS.PY
from django.contrib.auth.models import User
from django.db.models.signals import post_save
from django.dispatch import receiver
from profiles.models import Profile
@receiver(post_save, sender=User)
def create_profile(sender, instance , created, **kwargs):
print('Created:', created)
if created:
Profile.objects.create(user=instance)
SCREENSHOT IDE ERROR (user or superuser is the same): screenshot ide error
SCREENSHOT BROWSABLE API LOGIN WITH SIMPLE USER: login user
SCREENSHOT BROWSABLE API LOGIN WITH SUPERUSER: login superuser
Obviously I'm sure that credentials are always correct (don't mind that the password does not respect the permissions in setting.py, I uncommented permissions in order to post here)
Thanks you.
Upvotes: 0
Views: 782
Reputation: 179
Can you also share the code where you are saving the user, I think you are not saving the hashed password. You have to do something like this: user.set_password(password) user.save()
Upvotes: 1