7👍
I went ahead and did this from the drf token auth docs and didn’t run into any problems with superusers, staffusers, or normal users.
Also try following the steps of the official docs instead of that SO answer and see if that fixes the problem – it’s possible something changed.
Here were the general steps I took:
- install django, drf
- put ‘rest_framework’ and ‘rest_framework.authtoken’ in INSTALLED_APPS
- add ‘TokenAuthentication’ in my rest_framework settings
- run migrate
- create tokens for users (I just did this in urls.py)
- create the url for token
- POST http://localhost:8000/token/ {“username”: “…”, “password”: “…”}
If you have the code public anywhere I’d be glad to take a further look and see what I find.
30👍
-
I had the same error message when I tried to use this API endpoint :
” obtain_auth_token” class from rest_framework.authtoken.views ,
BUT surprise ! The problem was the User serializer in
first place ! . -
Users were created with the API endppint ,their passwords were saved as plain text !, as in this screenshot :
User Database
BUT the TokenAPI endpoint encrypts the password, so from there come the clash! , -
I’ve changed User Serializer class and override create function to use set_password function that hashes the passwords :
class UserSerializer(serializers.ModelSerializer): class Meta: model = User fields = ['email', 'username', 'password'] extra_kwargs = {'password': {'write_only': True}} def create(self, validated_data): user = User( email=validated_data['email'], username=validated_data['username'] ) user.set_password(validated_data['password']) user.save() return user -
Now that I’ve edited my User Serializer , data are stored like this :
User database after modification -
And So the error : “non_field_errors”: [ “Unable to log in with provided credentials.” stopped showing ! , and the token API endpoint “localhost:8000/api-token-auth/” worked !
- Django REST-Auth Password Reset
- Django: [email protected] in admin
- Where do I put "WSGIPassAuthorization On"?
- What Django TEST_RUNNER supports xunit xml and logging capture?
6👍
Maybe the encryption is to blame. I am facing the same problem. I compared the information stored in mysql of superuser and a common user (let’s call it user1). I found a difference. The password of superuser was encrypted, but user1‘s password wasn’t encryted. So I changed user1‘s password into the superuser‘s password, then I posted the name and password of user1 to the jwt api and I got the right answer.
And now I find an answer, though it may not be the best one, it should work.
I just overwrited the “create” method in “ModelSerializer”.
step1: copy the “create” method from “ModelSerializer” to your own serializers file
step2: change the sentence “instance = ModelClass._default_manager.create(**validated_data)” into “instance = ModelClass._default_manager.create_user(**validated_data)”.
step3: It worked
]4
[
]5
- Specific way of requiring one of two fields in django model definition
- How do I remove the square brackets at the end of a JS variable name during AJAX calls?
3👍
I hope this helps for those using TokenAuthentication (not JWT), django-allauth and dj-rest-auth and getting the same error.
This answer from another similar question worked for me.
I just needed to add these Authentication Backends on settings.py:
AUTHENTICATION_BACKENDS = (
"django.contrib.auth.backends.ModelBackend",
"allauth.account.auth_backends.AuthenticationBackend"
)
1👍
For me, I created the user with password 1234.
In the user admin panel I saw the below message
Password: Invalid password format or unknown hashing algorithm.
After updating the password with django password restrictions (minimum 8 characters and some others) I got the Token in resposne.
- Python venv not creating virtual environment
- How do I set HttpOnly cookie in Django?
- How to do pagination using mongoengine?
- Django Template Not Found
1👍
I got the same issue, I’m using Django 4.1. How I resolved:
- If you’re creating a superuser provide a strong password. Sometimes it does not provide the error on a weak password which happened to me and then won’t generate the token.
- If you are creating a user through code make sure to store the password as a hash.
- Add the following class in setting.py installed_apps=[ ‘rest_framework.authtoken’,]
Now, give it a try!
- How to implement a first-time-only login scheme for a mobile web application implemented with jQuery Mobile, PhoneGap, and Django?
- Django reset_password_confirm TemplateSyntaxError problem
- How to purge all tasks of a specific queue with celery in python?
- How do i configure the django rest framework pagination url
0👍
the pasword is not correct
>>> nameko.Platform.Auth({'username': 'user', 'password': 'pass'})
[{'token': 'eefd5c0f747e121b9cb9986290f66b3c1089669d'}, 2
- Python – Django: Streaming video/mp4 file using HttpResponse
- How to prevent user to access login page in django when already logged in?
- Django CORS Access-Control-Allow-Origin missing
- Convert requests.models.Response to Django HttpResponse
- Django version of flask.jsonify jsonify
0👍
There can be several causes but IMHO the easiest way to clarify this, is to activate the logs in the settings file (with "level": "DEBUG") and to look at the generated SQL selection query by "api-token-auth"
for instance my personal jumped out in reading this request :
SELECT
profileapp_customuser.id, profileapp_customuser.password,
profileapp_customuser.last_login, profileapp_customuser.is_superuser,
[...]
profileapp_customuser.email FROM profileapp_customuser
WHERE
**profileapp_customuser.email = 'username_test3**' LIMIT 21;
In fact my custom model was inoperate cause my user unique id was no more username but email.
- Extending generic view classes for common get_context_data
- Django aggregation: sum then average
- Executing a Django Shell Command from the Command Line
0👍
In my cases, I was using username and password for authentication. But the django authenticte method by was expecting email value against username key becuase of the following customized code in the project as it was already existing developed by someone else
class User(AbstractUser):
.....
USERNAME_FIELD = 'email'
So I provided that against username to make it functional.
See the screenshots for the reference
Using Username value
Using Email value
Note: it’s because Django filter the username value against the field lookup as per mentioned USERNAME_FIELD value see the reference of the code below
user = UserModel._default_manager.get_by_natural_key(username)
- Django template to populate bootstrap rows and columns
- Test Django REST Framework Login Protected API using Postman?
- In the Django REST framework, how are the default permission classes combined with per-view(set) ones?
- TypeError: Object of type 'int32' is not JSON serializable
- What is query.clone(), queryset.clone() for in django?
0👍
The solution to your problem is to back up authentication.
To login with rest_framework.authtoken, the login fields are username and password.
But in django jwt changed this field to USERNAME_FIELD.
You need to write a new Auth Backend and replace username with USERNAME_FIELD in the authentication function parameter.
- IPython on Windows – No highlighting or Auto-complete
- Model limit_choices_to={'user': user}
- Django attribute error. 'module' object has no attribute 'rindex'
- Django error: [<class 'decimal.InvalidOperation'>]
- Sending a message to a single user using django-channels