Django Authentication failure


#1

Hitting an django API – and not authenticating correctly. Could it be the formatting of the Authorization token header?

Per http://www.django-rest-framework.org/api-guide/authentication/
Django is looking for the Authentication header to be strings separated by spaces:

For clients to authenticate, the token key should be included in the Authorization HTTP header. The key should be prefixed by the string literal “Token”, with whitespace separating the two strings. For example:
Authorization: Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b

But when I build an authentication header (my code):

let tokenStr:string = 'Token ’ + localStorage.getItem(‘loginToken’);
myHeaders.set(‘Authorization’, tokenStr);
let options: RequestOptions = new RequestOptions({
headers: myHeaders
});
console.log("headers " + JSON.stringify(options.headers));
return this.http.get(this.url + ‘/’ + endpoint, options);

When run, the tokenStr is wrapped in an array (console.log stringify results):

headers {“Authorization”:[“Token 39b0c7863f78d27f44c987e7c8c9105eb5ddde7d”]}

Django responds with a 403: Forbidden.

Since I know the token’s good, the only thing I can think of is that with the quotes and the array brackets, this doesn’t look like the example. While that seems too simplistic, are those the problem? If so, how can I build a compliant header in Ionic?
Am I missing something else?

Thanks


#2

As you write, console.log stringifies the headers array.

You have to look at the request your app is sending in the Network tab of your browser’s dev tools to see what is actually sent. Probably something else is going wrong.