Diable basic auth on some pages

[Cherie Pun]

Hi,

In the dev version of the website, we are using basic auth to limit access. However, we are currently developing an api for the website and I would like to use the api without going through the basic auth. Is it possible to disable basic auth for all the api urls?

Cheers,
Cherie

[Alex Heyden]

Cherie,

By default, there are no authentication controls in Django. Barring some custom middleware, authentication checks are performed within the views themselves or through something like the @login_required or @user_passes_test decorators. Are you certain that authentication is what's blocking your requests?

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/0d9a681e-74c4-4b74-9648-e0e6c74beeb6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Cherie Pun]

Hi,

We are using 'deploy.middleware.basicauth.BasicAuthMiddleware' right now. If I remove that line, I will be able to access the api page. However if it's included, when I access the api page, even after I have typed in the username and password, the api page will show that I am not authenticated to view the page. I am using django_rest_framework by the way, maybe it's some sort of restriction on their side?

Cheers,
Cherie

[monoBOT]

2015-07-01 8:51 GMT+01:00 Cherie Pun <cherie...@gmail.com>:

We are using 'deploy.middleware.basicauth.BasicAuthMiddleware' right now. If I remove that line, I will be able to access the api page. However if it's included, when I access the api page, even after I have typed in the username and password, the api page will show that I am not authenticated to view the page. I am using django_rest_framework by the way, maybe it's some sort of restriction on their side?

​Go check the settings.py to see if you have a permission setting for the whole application.

--

monoBOT

Visite mi sitio(Visit my site): monobotsoft.es/blog/

[Cherie Pun]

Yes it is, would it be possible to disable it for a particular page?

Cheers,
Cherie

[monoBOT]

No, if that permission is applied to the whole application.

But you can aply the permission per view ... just delete that configuration in the settings file and manually apply on the views you want to.

--

You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.

To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/cef52288-e081-4243-b9ec-a385b9363ec8%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[Cherie Pun]

I see. Thanks for the replies, really appreciate your help :)

Cheers,
Cherie