django-oauth-toolkit; Django Rest Framework - Authentication credentials were not provided

Question

My question is related to this one and this one but for some significant differences: for the first reference: I use django-oauth-toolkit although unlike the second reference, the user MUST be authenticated as this is not a registering endpoint but an upload one. I have successfully implemented other endpoints within the same application with the same setup and it works appropriately.

For example:

class projectsView(mixins.ListModelMixin,
                  mixins.CreateModelMixin,
                  generics.GenericAPIView):
    queryset = Project.objects.all()
    serializer_class = ProjectSerializer

    def get(self, request, *args, **kwargs):
        return self.list(request, *args, **kwargs)

    def post(self, request, *args, **kwargs):
        return self.create(request, *args, **kwargs)

    def perform_create(self, serializer):
        serializer.save(owner=self.request.user)

and it's model and serializer and urls works as expected. However this one:

 class uploadView(mixins.ListModelMixin,
                  mixins.CreateModelMixin,
                  generics.GenericAPIView):

     queryset = FileUpload.objects.all()
     parser_classes = (MultiPartParser, FormParser,) #(FileUploadParser,)
     serializer_class = FileUploadSerializer

     def post(self, request, *args, **kwargs):
         print(request.data['file'])
         return self.create(request, *args, **kwargs)

     def perform_create(self, serializer):
         serializer.save(owner=self.request.user, project_id=self.kwargs['pk'],
                      file=self.request.data['file'])

Does not as it returns {"detail":"Authentication credentials were not provided."} with code 401.

There is the minor detail that the "pk" parameter from the url references explicitly the corresponding project id as from it's url instruction: path('projects/<uuid:pk>/upload/', views.uploadView.as_view(), name='upload'),. But apart from that, as far as I can tell, the only difference is the parser_classes.

I use curl to test locally on my machine if this works and here is the curl instruction:

curl \
        -vvv \
        -X POST \
        --form "file=@$FILE_NAME" \
        --header "Authorization: Token $(cat token)" \
        "$URL"

Where $FILE_NAME is an excel file in this case and $URL is set to http://localhost:8000/<prefix>/projects/<project id>/upload/. The project id is valid as tested with the $URL value of http://localhost:8000/<prefix>/projects/<project id>/ with GET instead of POST and no --form option.

Why does the Bearer token from the oauth2 scheme works in the first example but not in the second? Is it related to the parsers or something else? And how to fix it?

Answer 1

The error is in the curl instruction: The default django-oauth-toolkit token keyword is not "Token" but "Bearer".

curl \
    -vvv \
    -X POST \
    --form "file=@$FILE_NAME" \
    --header "Authorization: Bearer $(cat token)" \
    "$URL"

works.