0

I want to get access token in my APIView. I am using Oauth2 with client_credentials. Even it is printing self.request.auth and self.request.user as None. I want the user who have create client_credentials application in djnago restframework. 

# Employee API
class EmployeeListAPIView(generics.ListAPIView):
    serializer_class = UserSerializer
    # permission_classes = [UserIsAuthenticated]

    def get_queryset(self, *args, **kwargs):
        print('request.user', self.request.auth)
        print('request.user', self.request.user)
        print('Access Token', self.access_token)

        qs = User.objects.exclude(
                Q(userprofile__user_is_deleted = True)|
                Q(userprofile__user_company__company_is_deleted=True)
            ).filter(
                Q(userprofile__user_company =self.request.auth.application.company) &
                Q(userprofile__user_role__id=4)
            )
        return qs
Cipher
  • 2,060
  • 3
  • 30
  • 58

2 Answers2

2

If you want access token you can get by request.META.get('HTTP_AUTHORIZATION').

If you want user or client then you can 

from django-oauth2-provider.provider.oauth2.models import AccessToken

accesstoken=AccessToken.objects.get(token=request.META.get('HTTP_AUTHORIZATION'))
user=accesstoken.user
client=accesstoken.client
Yugandhar Chaudhari
  • 3,831
  • 3
  • 24
  • 40
2

Can't leave comments yet, so I need to leave an answer :) Are you sure your middleware settings are correct?

Here is an example, maybe it will help. How can I get the current logged in user from a django-oauth-toolkit token?

It's actually pretty strange, that you cant get user with self.request.user. It's supposed to return him.

Try to print request object that you're getting in view and see what's inside, maybe it will help.

Igor Belkov
  • 446
  • 3
  • 8