All geek questions in one place

Django Authentication Authentication

I am trying to make a test case for authentication using JWT, in this case django-rest-framework-jwt , then curl I get the following, so:

 curl -X POST -d " email=testuser@test.com &password=testing" http://localhost:8000/api/auth/token/

Receive:

 {"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJlbWFpbCI6InRlc3R1c2VyQHRlc3QuY29tIiwiZXhwIjoxNDIyNTkxMTQ5LCJ1c2VybmFtZSI6InRlc3R1c2VyQHRlc3QuY29tIn0.OT8ggcZYWxcbSy0Vv8u5PA3QISIdarNXTVuvu4QQjnw"}

But when I run my test case:

 class BaseTestCase(TestCase): def setUp(self): self.csrf_client = APIClient(enforce_csrf_checks=True) self.email = ' testuser@test.com ' self.name = 'test user' self.password = 'testing' user = Usuario.objects.create_user(email=self.email, name=self.name, password=self.password) user.save() self.data = { 'email': self.email, 'password': self.password } self.url = '/api/auth/token/' class ObtainJSONWebTokenTests(BaseTestCase): def test_jwt_login_json(self): """ Ensure JWT login view using JSON POST works. """ client = APIClient(enforce_csrf_checks=True) response = client.post(self.url, self.data, format='json') self.assertEqual(response.status_code, status.HTTP_200_OK, response.data) def test_jwt_login_json_incomplete_creds(self): """ Ensure JWT login view using JSON POST fails if incomplete credentials are used. """ client = APIClient(enforce_csrf_checks=True) self.data = { 'email': self.email } response = client.post(self.url, self.data, format='json') self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST, response.data)

I got it:

 Creating test database for alias 'default'... F. ====================================================================== FAIL: test_jwt_login_json (user.tests.ObtainJSONWebTokenTests) ---------------------------------------------------------------------- Traceback (most recent call last): File "/home/rizotas/Proyects/django/src/rescue/user/tests.py", line 34, in test_jwt_login_json self.assertEqual(response.status_code, status.HTTP_200_OK, response.data) AssertionError: 400 != 200 : ReturnDict([('non_field_errors', ['Unable to login with provided credentials.'])]) ---------------------------------------------------------------------- Ran 2 tests in 0.374s FAILED (failures=1) Destroying test database for alias 'default'...

any idea?

Many thanks!

Update:

my settings

 INSTALLED_APPS = ( 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', #'django.contrib.messages', 'django.contrib.staticfiles', 'rest_framework', 'debug_toolbar', 'debug_panel', ...) REST_FRAMEWORK = { 'DEFAULT_PERMISSION_CLASSES': ( 'rest_framework.permissions.IsAuthenticated', ), 'DEFAULT_AUTHENTICATION_CLASSES': ( 'rest_framework.authentication.SessionAuthentication', 'rest_framework.authentication.BasicAuthentication', 'rest_framework_jwt.authentication.JSONWebTokenAuthentication', ), 'TEST_REQUEST_DEFAULT_FORMAT': 'json', 'TEST_REQUEST_RENDERER_CLASSES': ( 'rest_framework.renderers.MultiPartRenderer', 'rest_framework.renderers.JSONRenderer', #'rest_framework.renderers.YAMLRenderer' ) }
+5
source share
3 answers

There was the same problem. Apparently, when you create a user using the default serializer and the localhost path: 8000 / users /, the password is not saved. Confirm that by running a curl query and then querying the database.

Following the instructions on this site: http://www.django-rest-framework.org/api-guide/serializers/#hyperlinkedmodelserializer here is my new UserSerializer class:

 class UserSerializer(serializers.HyperlinkedModelSerializer): class Meta: model = User fields = ('username', 'first_name', 'last_name', 'email', 'password') extra_kwargs = {'password': {'write_only': True}} def create(self, validated_data): user = User( email=validated_data['email'], username=validated_data['username'] ) user.set_password(validated_data['password']) user.save() return user

This code assumes that the username and email address are required. Obviously this can be changed to suit your own business logic.

Hope this helps,

Ishai

+5
source

I am not on a computer ready to test this, but I believe that Django uses a separate database for testing, which is created and destroyed at the beginning and at the end of the tests, respectively. You must create a user inside the test, if you have not already done so, and then try to log into it. In the test database, the user is not authenticated with these credentials.

+1
source

In your cURL example, you are not passing in JSON, but instead with a standard POST body. It looks like the view that '/ api / auth / token /' allows does not accept JSON. This cURL command should output in the same way:

 curl -H "Content-Type: application/json" -d '{"email":"xyz","password":"xyz"}' http://localhost:8000/api/auth/token/

This may help if you have posted your view code.

0
source

Source: https://habr.com/ru/post/1212251/

More articles:


All Articles