This is my APIView:
class VerifyEmail(APIView):
serializer_class = EmailVerificationSerializer
token_param_config = openapi.Parameter(
'token',
in_=openapi.IN_QUERY,
description='Description',
type=openapi.TYPE_STRING
)
@permission_classes([permissions.AllowAny])
@swagger_auto_schema(manual_parameters=[token_param_config])
def get(self, request):
token = request.GET.get('token')
try:
payload = get_payload(request)
user = User.objects.get(id=payload['user_id'])
if not user.is_verified:
user.is_verified = True
user.save()
return Response({'email': 'Successfully activated'}, status=status.HTTP_200_OK)
except jwt.ExpiredSignatureError as identifier:
return Response({'error': 'Activation Expired'}, status=status.HTTP_400_BAD_REQUEST)
except jwt.exceptions.DecodeError as identifier:
return Response({'error': 'Invalid token'}, status=status.HTTP_400_BAD_REQUEST)
It is asking for authentication despite me mentioning AllowAny. I don't want this apiview to require authentication. The complete code is hosted here
from Getting Unauthenticated warnings despite using permissions.AllowAny
No comments:
Post a Comment