4

I'm using Django REST Framework and Django-OAuth-toolkit to enable OAuth2 authentication in my application.

Since after using OAuth2, I no more need token-based authentication and hence no token table/model.

Sometimes it makes me confused after seeing two different modules for handling token.

Therefore, I want to remove/hide Token table from the admin panel of Django.

Here is my settings.py file

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'oauth2_provider.contrib.rest_framework.OAuth2Authentication'
    ),
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.IsAuthenticated'
    ],
    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
    'PAGE_SIZE': 10
}

I have removed Token based authentication but still Token table is there in the admin panel

enter image description here

Willem Van Onsem
  • 443,496
  • 30
  • 428
  • 555
Anuj TBE
  • 9,198
  • 27
  • 136
  • 285

6 Answers6

16

You don't have to remove rest_framework.authtoken, you can just kick out its registered admin.

This answer likely doesn't apply to you but if you want to carry on using authtokens and just make them hidden from the Admin, you can add the following to one of your existing admin.py files:

try:
    from rest_framework.authtoken.models import TokenProxy as DRFToken
except ImportError:
    from rest_framework.authtoken.models import Token as DRFToken

admin.site.unregister(DRFToken)

Why the ugly code? It's to cope with a 2020 edit whereby the ModelAdmin used here is registered against a proxy model to another which picks the User's PK as its main primary key (for URLs, etc) rather than the database ID of the Token. These are one-to-one mapped, so it makes some sense.

If you know you're only supporting DRF 3.12.0 and newer, you can hack this down to TokenProxy.

Oli
  • 235,628
  • 64
  • 220
  • 299
  • 2
    I tried this solution but it's throwing a `NotRegistered` error even when `django.contrib.auth` is listed first in `INSTALLED_APPS` – Carl Dec 23 '20 at 17:43
  • 4
    You should unregister TokenProxy `admin.site.unregister(TokenProxy)` – Allen Shaw Dec 30 '20 at 05:04
  • Thanks @AllenShaw, unregistering TokenProxy (`admin.site.unregister(TokenProxy)`) worked for me. – Julien Salinas Jun 14 '21 at 07:53
  • Unregistering Token worked for me in Django 3.1, but did not work in Django 4.0. It through the NotRegistered error. Unregistering TokenProxy does work in Django 4.0. – Webucator Jun 09 '22 at 15:58
7
from rest_framework.authtoken.models import TokenProxy
admin.site.unregister(TokenProxy)
Ahmed Safadi
  • 4,402
  • 37
  • 33
4

Get to any registered app's admin.py and add the below lines.

from rest_framework.authtoken.models import TokenProxy
admin.site.unregister(TokenProxy)

Atleast, this works as per 2021 using Django 3.1.7.

Jet Ezra
  • 164
  • 2
  • 9
2

You have to remove rest_framework.authtoken from INSTALLED_APPS

See the docs

0
from rest_framework.authtoken.models import Token
admin.site.unregister(Token)

if you do the above one you will get "raise NotRegistered('The model %s is not registered' % model.name) django.contrib.admin.sites.NotRegistered: The model Token is not registered"

So please follow this below approch

from rest_framework.authtoken.models import TokenProxy
admin.site.unregister(TokenProxy)
Kuntal Samanta Capital Numbers
  • 21
  • 1
0

This should normally work

from rest_framework.authtoken.admin import (
    TokenProxy
)

admin.site.unregister(TokenProxy)
syk1k
  • 21
  • 4