1

Previously I was using django-rest-auth package and I was getting the auth token when user log in in response response.data.key and this auth token or key was working fine with the api calls as authentication auth

Previously for django-rest-auth:

"/rest-auth/login/"

was getting the response.data.key as auth token and that was working I have stored in the cookie for later use

.get("/rest-auth/user/", {
     headers: {
       "Content-Type": "application/json",
       Authorization: "Token " + response.data.key + "",
       },
  })

It was working to get info on user and also was working when used in other api calls by setting it in

Authorization: "Token " + response.data.key + ""

But now, I'm using dj-rest-auth package instead of django-rest-auth and shifted my urls to

/dj-rest-auth/login

and I'm not getting any key or auth token that I can use for authorization in header.

.get("/dj-rest-auth/user/", {
     headers: {
       "Content-Type": "application/json",
       Authorization: "Token " + response.data.? + "",
       },
  })

It's not working because now I'm getting access_token , refresh_token and user info. I tried to use access_token and refresh_token for authorization in header but it's not working because I'm not getting key or auth token in response when user log in

Note: django-rest-auth is no more maintained and dj-rest-auth is forked from the previous one and have more functions (this is the reason why I'm switching)

How to get auth token or key by using dj-rest-auth package so that I can use it in the header of API calls for authorization?

Shamsail
  • 612
  • 6
  • 17

2 Answers2

1

Check that you don't have an REST_USE_JWT = True in your settings. That setting will enable JWT authentication scheme instead of a (default) token-based.

Alexandr Tatarinov
  • 3,946
  • 1
  • 15
  • 30
  • and what if i need `access_token` also for later use for social authentication then? because if I'll remove `REST_USE_JWT = True` then I don't have access to `access_token` , obviously in that case I'll get `key` . Then, Is there any token that I can use for `authroization` instead of `key` . It's like i'm stuck here, because i need `auth token` / `key` as well as `access_token` – Shamsail Jun 18 '21 at 08:33
  • 1
    The `access_token` for SocialAuth is actually a completely separate thing. After logging in at the 3rd party (like google), the frontend will send you an `access_token` for that provider. This token is used to make request from your backend to the Google and retrieve user info. After that, you still issue the usual Token for this User to authenticate further requests to your backend. – Alexandr Tatarinov Jun 18 '21 at 08:44
0

In django-rest-auth you get the key from a GET request, but according to dj-rest-auth's documentation, you get the token key as a response when you make a post request to /dj-rest-auth/login/.

When you make a POST request to /dj-rest-auth/login/, you can access the key at response.data. But now you need to store it so you can use it in your get requests.

I recommend checking out this question's answers to learn more about storing tokens. How you choose to do this will depend on how to the frontend of your application is built, as the javascript needs access to the token key.

I know I'm late to answer this, but hopefully I can help someone other folks who find this.

LittleRams
  • 1
  • 2