Token Authentication in Django rest framework : Using Curl commands

 Create a django-project

# Install django and rest_framework
pip install django
pip install djangorestframework
   
django-admin startprorject token_auth

Create a django application

# Create an app
python manage.py startapp myapi

Mention in setting.py

# Mention apps in setting.py
INSTALLED_APPS = [
    '.....',
    '.....',
    'rest_framework',
    'rest_framework.authtoken',
    'myapi,
]

Set Token Authentication Globally (for all views)

# Set globally TokenAuthentication in - setting.py
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework.authentication.TokenAuthentication',
        
        'rest_framework.authentication.BasicAuthentication', # Optional
    ]
}

Create a Model

# Create a model - models.py
from django.db import models
from django.contrib.auth.models import User


class Blog(models.Model):
  user = models.ForeignKey(User, on_delete=models.CASCADE)
  title = models.CharField(max_length=150)
  description = models.TextField()

Register Model in admin

# Register model in the admin panel - admin.py
from django.contrib import admin
from .models import Blog

@admin.register(Blog)
class BlogAdmin(admin.ModelAdmin):
  list_display = ['title', 'user', 'description','id']

Execute these commands to save changes

# Create Tables in the database
    python manage.py makemigrations
    python manage.py migrate
    
    # Create superuser
    python manage.py createsuperuser
    
    # Add some entries manually

Create another file for serializers - (say serializers.py)

# Serializer class for model - serializer.py
from rest_framework import serializers
from .models import Blog

class BlogSerializer(serializers.ModelSerializer):
  class Meta:
    model = Blog
    fields = "__all__"

Add Url router and register

# Main Project urls.py
from django.contrib import admin
from django.urls import path, include
from rest_framework.routers import DefaultRouter
from rest_framework.authtoken.views import obtain_auth_token
from . import views


router = DefaultRouter()
router.register(r'blogs', views.BlogModelViewSet, basename='blogs')


urlpatterns = [

    path('admin/', admin.site.urls),
    
    path('api/', include(router.urls)), # add router 
    
    path('auth/', include('rest_framework.urls', namespace='rest_framework')),
    
    # Add url for User to Get Token
    path('gettoken/', obtain_auth_token),
    
]

Create view.py

# views.py
from rest_framework import viewsets
from blog.models import Blog
from .serializers import BlogSerializer

class BlogModelViewSet(viewsets.ModelViewSet):
  serializer_class = BlogSerializer
  queryset = Blog.objects.all()


How to generate API key or Token using Curl

curl -i -X POST 127.0.0.1:8000/gettoken/ -d "username=admin&password=admin"
    
# Output
HTTP/1.1 200 OK
Date: Tue, 11 Apr 2023 15:34:55 GMT
Server: WSGIServer/0.2 CPython/3.10.6
Content-Type: application/json
Allow: POST, OPTIONS
X-Frame-Options: DENY
Content-Length: 52
Vary: Origin, Cookie
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin

{"token":"08bc55c895810ea53525f5a3c24736941eee052a"} # Copy this token

Get request using curl

curl -i -X GET localhost:8000/api/blogs/ -H "Authorization: Token 08bc55c895810ea53525f5a3c24736941eee052a"
    
# Output
[{"id":1,"title":"What is HTML?","description":"HTML stands for Hypertext Markup Language. It is used to design web pages. It is used to make the structure of the website.","user":1},{"id":2,"title":"Wha is django?","description":"Django is web framework, which is written in python. It is used to make website backend. Youtube is also made in django.","user":1},{"id":3,"title":"What is CSS?","description":"CSS stands for Cascading Style Sheet. CSS is used for Styling the web pages.","user":1},{"id":13,"title":"What is JavaScript?","description":"JavaScript is a client side programming language. Although today it has become the general purpose language.","user":2},{"id":14,"title":"What is Java?","description":"Java is a high level, object oriented, platform independent programming language.","user":1}]

Post request using curl

curl -i -X POST localhost:8000/api/blogs/ -H "Authorization: Token 08bc55c895810ea53525f5a3c24736941eee052a" -d "title=What is Python?&description=Python is high level general purpose language used in AI and ML&user=1"
    
# Output
HTTP/1.1 201 Created
Date: Tue, 11 Apr 2023 15:47:26 GMT
Server: WSGIServer/0.2 CPython/3.10.6
Content-Type: application/json
Vary: Accept, Origin, Cookie
Allow: GET, POST, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Length: 126
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin

{"id":15,"title":"What is Python 3?","description":"Python is high level general purpose language used in AI and ML","user":1}

Comments

Post a Comment

Popular posts from this blog

Implicit objects in Django template

In this article we will discuss about implicit objects in Django templates.  In Django templates, there are several implicit objects that are available for use without needing to pass them explicitly from the view. These implicit objects provide access to various context-related information, settings, and functionalities within the template. The most commonly used implicit objects are: {{ request }} : Represents the HttpRequest object that holds information about the current request, including request data, headers, user session, and more. request.GET : A dictionary containing GET parameters sent with the request. request.POST : A dictionary containing POST parameters sent with the request. request.method : The HTTP method used for the request (e.g., "GET", "POST"). request.path : The URL path of the request. request.user : The User object representing the currently authenticated user. request.session : The user's session data.   {{ user }} : P...
Read more

What are non field errors in django forms

In Django forms (including ModelForm), non_field_errors are errors that are not associated with any specific form field but are relevant to the form as a whole. These errors occur during form validation and represent issues that apply to the form's data globally rather than to individual fields. non_field_errors are typically used when you need to validate data across multiple fields or when certain conditions must be met across the entire form. For example, you might want to ensure that the form data adheres to some business rules that involve multiple fields or perform checks that require the context of the entire form. Example: Login form if username and password is incorrect then we raise ValidationError that Username or Password is incorrect. This is not related to any field. We have to say that login credentials are incorrect. You can add non_field_errors to a form by raising a ValidationError with the NON_FIELD_ERRORS key. The NON_FIELD_ERRORS key is a special const...
Read more