Simple twitter like app, trying to understand permissions and authentication. So i have 3 views for now, all posts views, specific person's posts, and a create post view. Looks like this:

def posts(request):
    posts = Post.objects.order_by("-created")
    serializer = PostSerializer(posts, many=True)
    return Response(

def profile(request, name):
    posts = Post.objects.filter(user__username=name)
    serializer = PostSerializer(posts, many=True)
    return Response(

def post_create(request):
    data =
    serializer = PostSerializer(data=data)
    if serializer.is_valid():
        return Response(, status=status.HTTP_201_CREATED)
    return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

Relevant settings:



    'network', # my app


I'm using rest-auth and allauth currently for logging in and registration, their URLs are working fine i think and I can register users and login and get my tokens. However, whenever i go to one of the URLs, it just says

    "detail": "Authentication credentials were not provided."

Even though I LITERALLY just logged in using the rest-auth URL and/or admin.

I think I have a slight idea on whats going on after hours of searching, I need to somehow pass in my token whenever I go to one of the URLs? I have no clue how to do something like that in my views while developing the API. When I start incorporating Reactjs, i can store the token in localstorage and so pass it in the header but is there any way to do it with nothing in the frontend?

I really need the credentials obviously cuz then i'd have access to request.user and i need the user object so i can add it when creating the post