I'm following the instructions to support TokenAuthentication in my rest-api site, shown here. Using cURL, I have been able to obtain my user's token (username - example, password - example), through the following command:
curl -X POST -d "username=example&password=example" localhost:8000/api/login/
This returns a successful response, with example's authentication token.
Yet when I do (what I think is) the same thing through Postman, it simply does not work. See image below.
From the error code (400 - Bad request), it seems like it's not even receiving the POST parameters at all. Can anyone help me here?
See your URL in postman. There is attached query String with the URL.So remove that query String from the URL and send parameters as a post request like this.
http://localhost:8000/api/login/
Even this is very old question, but if this answer would be helpful...
I had exactly same issue
solution:
don't put username and password in address bar,but only
and in body put json data of your username and password as below
be careful, don't use single quotation marks'', but use double quotation marks "" instead, otherwise will fail, no clue why
Depending on how your API is set up, you probably need to specify the content type in your request headers, Content-Type: application/json.
Related
I have not utilized this part of Django before, but I have an endpoint which is giving me a 403 error and is telling me that my request needs a csrf token. I was trying to figure out how best to get this since I was attempting to set up a bunch of curl requests to handle some simple queries to the endpoint. Likewise, I was thinking to also use POSTman, but I was not sure where documentation is to handle these request.
I have seen the cookie csrftoken, but when I was attempting to curl with it, it was still giving me a 403. thought it would looking something like this:
curl -d #profilepicturev2.png -b "csrftoken=Ebfn2OlfhSwFjAEQdoQon7wUjbynFoJqrtHMNPla3cy7ZfCMT9cxZ3OQHsbaedam" http://127.0.0.1:8000/api/files/uploader
Maybe I am mistaken? I am trying to send a photo to the server, so i was thinking that this would be correct and wasnt sure if i needed to add additional params in order to append additional data information.
i need to see your code, but i think you need to install "pillow" to send pictures in django !
I have a django app built with graphene and I have a problem running a simple POST query for the GraphQL endpoint, it keeps returning a 400 Bad request syntax.
but it should work since I don't have any problems running the query from the endpoint http://localhost:8000/graphql-dev
and I can't see any issues in the way I send the postman request.
I looked online for suitable solutions but couldn't find any that would help.
Any help/tips would be greatly appreciated.
EDIT:
I still didn't manage to see why I'm having this issue with postman, but here are some observations:
first, i changed the request to GET (since in graphql, query is for GET and mutation for POST - sorry, I missed that)
I tried the same request with postman (which didn't work) and with insomnia (which did)
with postman
with insomnia
What's weird is that if i check my django console the requests look the same.
EDIT2: okay, I figured it out...removing the Content-Type application/json did the trick. Now it works with postman as well.
I have the following API downloaded in JSON from Swagger Editor:
PUT http://10.37.64.243/m2m/fim/items/fim:device:manager/operations/getAllDeviceTypes?exclude={{exclude}}
with exclude being an environment variable set as : href,metadata,name,arguments
Nominal use requires basic authentication, in this case it works and I get a JSON body with expected result. It properly works in Postman (so I think my import is correct)
If no authentication is provided:
in Swagger Editor : nominal behaviour, request is rejected with error code 401
in Postman : UNEXPECTED behaviour, I end up with status code 200 and it returns a response body identical to the one that I get when authenticated
if I generate the cURL code snippet from Postman and launch it out of Postman: nominal behaviour, I get the same error as the one I get in Swagger Editor (the one expected)
Why do Postman behave differently from the cURL request ??
I probably do something wrong, but I can't figure out what
Thanks for any help
Alexandre
I finally found out that the server returns a cookie that holds authentication validation. So after a valid authentication, whatever the request (with or without authentication) it will be considered as authentified.
Unfortunately, the only way to overcome that problem is to remove the cookie by hand through the "Manage cookies" window. Postman does not implement a function that erase it (even through the pm.cookies and pm.cookies.clear() function).
Postman developpers are aware of that, but there's no scheduling for this feature ...
EDIT: the feature is followed here https://github.com/postmanlabs/postman-app-support/issues/3312
[SOLVED] Please see my answer.
Any POST request sent with the
Content-Type: multipart/form-data; boundary=xYzZY results in the request.POST QueryDict{} to be empty. Changing the Content-Type to multipart/form-data also results in the same error.
Removing the Content-Type altogether results in the values getting passed correctly, and I can access them in request.POST.
I have tried disabling the Csrf middleware, using #csrf_exempt, and also tried the same on multiple servers. Didn't change the empty POST condition.
While reading up on Django framework and POST content-type, I read that it (no longer) assumes a default content-type and therefore must be supplied with the correct one (I do not have a link to the article in question.) I think something similar is happening here, with django not being able to parse the parameters with the given content-type (but leaving it blank lets the parser interpret it with the default value).
What I am having trouble with is, that the Content-Type value supplied is perfectly valid (multipart/form-data with boundary). So why does django refuse to load it in the POST dictionary?
** I am not in control of the Content-Type sent in the POST data.
** UPDATE: reading from request.body shows that all the POST parameters are being received. They're just not present in request.POST
** UPDATE: I'm using Runscope to test POST requests.
As mentioned in the UPDATE, I was using Runscope to test the POST data. I realised that the error was with the way Runscope handled multipart/form-data. I raised the issue with support and got notified that Runscope does not support multipart as of now. I've copied the relevant information here:
We hope to support multipart form uploads capabilities for the future, but don't have a timeline on when this will be available. Some customers have made this work in their Radar tests (https://www.runscope.com/docs/radar) by pasting in the raw multipart-formatted body or unicode string input body into the request and making sure to include the applicable 'Content-type' header value with the correct boundaries. Some examples for building a multipart/form-data POST request can be found here: http://chxo.com/be2/20050724_93bf.html
For Runscope URLs, multipart data is passed through unmodified. However, the request editor and retries from the Traffic Inspector (https://www.runscope.com/docs/inspector) do not currently support multipart data which is why your request retry did not work. Additionally, request and response bodies larger than 1 MB are not saved for viewing after the request has been sent.
Using another service solved this for me.
You are (in a manner) in control of Content-Type. What you're looking for is enctype. You can use it as following:
<form method="POST" action="." enctype="multipart/form-data">
enctype is only required when you are uploading a file, otherwise, it's not.
I can't get POSTMAN to send any post variables to my Django app. Suppose I have a post variable called 'report_request' and it has a value that is a JSON string. On the Django side I want to get request.POST['report_request'] and parse the JSON into a dictionary. But POSTMAN never seems to send the POST data. How exactly do I do this? Is there some magical header I need to send?
Doh! My bad. The URL I need to connect to is really HTTPS rather than HTTP, but I was specifying the URL as http://. Apparently if Postman is asked to connect to an HTTPS site using HTTP, it silently just drops all POST variables. How lovely. Anyway it was an easy fix, just change the http:// url to https:// and all is well.
Be sure to provide the POST data in the body (body tab) of the request and not in the parameters (params tab).
Otherwise, POSTMAN will interpret your POST request as being without data and on a url with GET parameters.
See these specifications about csrf if needed
Check if you're sending the csrf token, it's a security feature.
https://docs.djangoproject.com/en/1.8/ref/csrf/