How Super user can access tokens of other users
I need to delete normal user account from superuser account. As user accounts are authenticated using token authentication, I think it will be needed to access user's token and pass it with the request header to make POST
,PUT
,DELETE
actions on it.
So is there any way to access it? Or is there any other substitute way to implement this?
python django django-rest-framework django-rest-auth django-rest-framework-jwt
add a comment |
I need to delete normal user account from superuser account. As user accounts are authenticated using token authentication, I think it will be needed to access user's token and pass it with the request header to make POST
,PUT
,DELETE
actions on it.
So is there any way to access it? Or is there any other substitute way to implement this?
python django django-rest-framework django-rest-auth django-rest-framework-jwt
Can you redefine your question more clearly... You have a user account you need removed with an attached token, but you may still need access to that token once deleted?
– Pythonista
Nov 15 '18 at 14:06
No, that's exactly not my case. I have two types of user accounts. Normal user accounts and superuser account. I need to delete a user account from superuser account usingDELETE
request
– Sreenath
Nov 15 '18 at 14:40
But since all the user profiles are authenticated, we may have to provide authentication credentials to performPOST
orDELETE
requests
– Sreenath
Nov 15 '18 at 14:42
Or along with thePOST
orDELETE
request, we should have to attach the authorisation header., ie the token value in this case
– Sreenath
Nov 15 '18 at 14:43
Am I clear to you?
– Sreenath
Nov 15 '18 at 14:43
add a comment |
I need to delete normal user account from superuser account. As user accounts are authenticated using token authentication, I think it will be needed to access user's token and pass it with the request header to make POST
,PUT
,DELETE
actions on it.
So is there any way to access it? Or is there any other substitute way to implement this?
python django django-rest-framework django-rest-auth django-rest-framework-jwt
I need to delete normal user account from superuser account. As user accounts are authenticated using token authentication, I think it will be needed to access user's token and pass it with the request header to make POST
,PUT
,DELETE
actions on it.
So is there any way to access it? Or is there any other substitute way to implement this?
python django django-rest-framework django-rest-auth django-rest-framework-jwt
python django django-rest-framework django-rest-auth django-rest-framework-jwt
asked Nov 15 '18 at 14:05
SreenathSreenath
12111
12111
Can you redefine your question more clearly... You have a user account you need removed with an attached token, but you may still need access to that token once deleted?
– Pythonista
Nov 15 '18 at 14:06
No, that's exactly not my case. I have two types of user accounts. Normal user accounts and superuser account. I need to delete a user account from superuser account usingDELETE
request
– Sreenath
Nov 15 '18 at 14:40
But since all the user profiles are authenticated, we may have to provide authentication credentials to performPOST
orDELETE
requests
– Sreenath
Nov 15 '18 at 14:42
Or along with thePOST
orDELETE
request, we should have to attach the authorisation header., ie the token value in this case
– Sreenath
Nov 15 '18 at 14:43
Am I clear to you?
– Sreenath
Nov 15 '18 at 14:43
add a comment |
Can you redefine your question more clearly... You have a user account you need removed with an attached token, but you may still need access to that token once deleted?
– Pythonista
Nov 15 '18 at 14:06
No, that's exactly not my case. I have two types of user accounts. Normal user accounts and superuser account. I need to delete a user account from superuser account usingDELETE
request
– Sreenath
Nov 15 '18 at 14:40
But since all the user profiles are authenticated, we may have to provide authentication credentials to performPOST
orDELETE
requests
– Sreenath
Nov 15 '18 at 14:42
Or along with thePOST
orDELETE
request, we should have to attach the authorisation header., ie the token value in this case
– Sreenath
Nov 15 '18 at 14:43
Am I clear to you?
– Sreenath
Nov 15 '18 at 14:43
Can you redefine your question more clearly... You have a user account you need removed with an attached token, but you may still need access to that token once deleted?
– Pythonista
Nov 15 '18 at 14:06
Can you redefine your question more clearly... You have a user account you need removed with an attached token, but you may still need access to that token once deleted?
– Pythonista
Nov 15 '18 at 14:06
No, that's exactly not my case. I have two types of user accounts. Normal user accounts and superuser account. I need to delete a user account from superuser account using
DELETE
request– Sreenath
Nov 15 '18 at 14:40
No, that's exactly not my case. I have two types of user accounts. Normal user accounts and superuser account. I need to delete a user account from superuser account using
DELETE
request– Sreenath
Nov 15 '18 at 14:40
But since all the user profiles are authenticated, we may have to provide authentication credentials to perform
POST
or DELETE
requests– Sreenath
Nov 15 '18 at 14:42
But since all the user profiles are authenticated, we may have to provide authentication credentials to perform
POST
or DELETE
requests– Sreenath
Nov 15 '18 at 14:42
Or along with the
POST
or DELETE
request, we should have to attach the authorisation header., ie the token value in this case– Sreenath
Nov 15 '18 at 14:43
Or along with the
POST
or DELETE
request, we should have to attach the authorisation header., ie the token value in this case– Sreenath
Nov 15 '18 at 14:43
Am I clear to you?
– Sreenath
Nov 15 '18 at 14:43
Am I clear to you?
– Sreenath
Nov 15 '18 at 14:43
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53321238%2fhow-super-user-can-access-tokens-of-other-users%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53321238%2fhow-super-user-can-access-tokens-of-other-users%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Can you redefine your question more clearly... You have a user account you need removed with an attached token, but you may still need access to that token once deleted?
– Pythonista
Nov 15 '18 at 14:06
No, that's exactly not my case. I have two types of user accounts. Normal user accounts and superuser account. I need to delete a user account from superuser account using
DELETE
request– Sreenath
Nov 15 '18 at 14:40
But since all the user profiles are authenticated, we may have to provide authentication credentials to perform
POST
orDELETE
requests– Sreenath
Nov 15 '18 at 14:42
Or along with the
POST
orDELETE
request, we should have to attach the authorisation header., ie the token value in this case– Sreenath
Nov 15 '18 at 14:43
Am I clear to you?
– Sreenath
Nov 15 '18 at 14:43