4👍
✅
Have a look at the source code of AuthenticatedMiddleware.
It reveals that there is a setting called AUTHENTICATED_EXEMPT_URLS. It can contain regular expressions that are left public. Set it to something like this in your settings.py:
AUTHENTICATED_EXEMPT_URLS = (r"^api/",)
This will make any URLs below /api/ available without being logged in.t
Source:stackexchange.com