djoser
djoser copied to clipboard
"detail": "Authentication credentials were not provided." getting this error while posing uid and token
I created class based view to access uid and token .
I wish to activate user that created. I am receiving the activation link via email. when I click on link I wish activate that user. But getting error 401 in response and {"detail":"Authentication credentials were not provided."} in content
views.py
class UserActivationView(View):
def get (self, request, uid, token):
print('get called in activate_user')
return render(request, 'activate_user.html')
def post (request , uid , token ):
protocol = 'https://' if request.is_secure() else 'http://'
web_url = protocol + request.get_host()
post_url = web_url + "/auth/users/activate/"
post_data = {'uid': uid, 'token': token}
headers={'Authorization': token}
result = requests.post(post_url, headers=headers ,data = post_data)
content = result.text
return Response(content)
settings.py
DJOSER = {
'ACTIVATION_URL': "auth/users/activate/" + '{uid}/{token}/',
'SEND_ACTIVATION_EMAIL': True,
'SEND_CONFIRMATION_EMAIL': True,
'PASSWORD_CHANGED_EMAIL_CONFIRMATION': True,
'USERNAME_CHANGED_EMAIL_CONFIRMATION': True,
'USER_CREATE_PASSWORD_RETYPE': True, #Designed to propote good programming practice
'SET_PASSWORD_RETYPE': True, #Designed to propote good programming practice
'PASSWORD_RESET_CONFIRM_RETYPE': True, #Designed to propote good programming practice
'LOGOUT_ON_PASSWORD_CHANGE' : True, #Note : Logout only works with token based authentication. djoser 2.10
'PASSWORD_RESET_SHOW_EMAIL_NOT_FOUND': False, #Please note that setting this to True will expose information whether an email is registered in the system
'USERNAME_RESET_SHOW_EMAIL_NOT_FOUND': False, #Please note that setting this to True will expose information whether an email is registered in the system
'HIDE_USERS': True,
'token': 'djoser.serializers.TokenSerializer',
'token_create': 'djoser.serializers.TokenCreateSerializer',
'LOGIN_FIELD': 'email', #Default: User.USERNAME_FIELD where User is the model set with Django’s setting AUTH_USER_MODEL.
'SERIALIZERS': {
'user': 'user_profile.serializer.UserSerializer',
},
}
project / urls.py
path("", include('activate_user.urls')),
re_path(r'^auth/', include('djoser.urls')),
re_path(r'^auth/', include('djoser.urls.authtoken'))`
app / urls.py
re_path(r'^auth/users/activate/(?P<uid>[\w-]+)/(?P<token>[\w-]+)/$', UserActivationView.as_view()),
activate.html
<form action="" method="post">
{% csrf_token %}
<td><button type="submit">Click Here For Activate Account</a></td>
</form>
Same here. And still yet to fine a way to not require authrntication for this
the post_url should be post_url = web_url +"/auth/users/activation/"
not post_url = web_url + "/auth/users/activate/"
so change the endpoint from activate
to activation
Even on "/activation" it gives 401. This is because request is going through http:// i tried on both http and https same data, same url http: it gives 401 https: it works
2 possible reason : 1->It's POST request not GET 2-> If is_active= True as default
Hi! Just found a solution (after checking whole documentation - I have found nothing). Documentation provides endpoint
/users/activate/
for "User Activate".
I have walked through the djoser package files from routes, views and auth tokens - in views.py of djoser I have found this:
def get_permissions(self): if self.action == "create": self.permission_classes = settings.PERMISSIONS.user_create elif self.action == "activation": self.permission_classes = settings.PERMISSIONS.activation elif self.action == "resend_activation": self.permission_classes = settings.PERMISSIONS.password_reset elif self.action == "list": self.permission_classes = settings.PERMISSIONS.user_list elif self.action == "reset_password": self.permission_classes = settings.PERMISSIONS.password_reset elif self.action == "reset_password_confirm": self.permission_classes = settings.PERMISSIONS.password_reset_confirm elif self.action == "set_password": self.permission_classes = settings.PERMISSIONS.set_password elif self.action == "set_username": self.permission_classes = settings.PERMISSIONS.set_username elif self.action == "reset_username": self.permission_classes = settings.PERMISSIONS.username_reset elif self.action == "reset_username_confirm": self.permission_classes = settings.PERMISSIONS.username_reset_confirm elif self.action == "destroy" or ( self.action == "me" and self.request and self.request.method == "DELETE" ): self.permission_classes = settings.PERMISSIONS.user_delete return super().get_permissions()
there's activation action, not activate. Changing the action route worked so you'll need to change the endpoint you call
From:
/users/activate/
To:
/users/activation/