Django-oauth is sending and receiving data without access token in ionic app?

187 views Asked by At

I am using Django-oauth-toolkit for social authentication in ionic android app.

First i get token from social auth plugin then i send it to django. Django-oauth-toolkit generates user and send me access token and refresh token back. After that when i send GET request for user related data (without sending access token in header) then also django-oauth is accepting the request and sends me back userdata.

How is it possible ? Am i doing something wrong in this ?

1

There are 1 answers

0
Ajeet Lakhani On BEST ANSWER

Found the reason.

It was happening due to

DEFAULT_AUTHENTICATION_CLASS
  'rest_framework.authentication.SessionAuthentication',

in Django Rest Framework.

This class allowed all the apis without access token.