Django Rest Framework how to disable authentication and authorization

Make sure you don't use rest_framework.urls and that your settings has:

'DEFAULT_AUTHENTICATION_CLASSES': tuple(),

as well as your views. With some luck, you won't have the authentication imported through another import.


I have solved my issue. After @Linovia's response, I checked the docs etc of DRF and changed the following properties:

REST_FRAMEWORK = { 
    'DEFAULT_AUTHENTICATION_CLASSES': [],
    'DEFAULT_PERMISSION_CLASSES': [],
    'UNAUTHENTICATED_USER': None,
}

And everything worked.


Use AllowAny instead of None. And also your response seems to be returning empty list. use serializer.data for retrieving data

from rest_framework.permissions import AllowAny

class NewsPostView(APIView):
    permission_classes = (AllowAny,)

    def get(self, request, format=None):
        posts = NewsPost.objects.all()
        serializer = NewsPostSerializer(posts, many=True)
        return Response(data=serializer.data)