Python | Django Authentication

Last Updated :
Discuss
Comments

Question 1

In Django REST Framework what does basic authentication do?

  • It uses OAuth tokens to authenticate users

  • It checks a username and password sent with each request

  • It sends a one-time code by email

  • It uses session cookies only

Discuss it

Question 2

How do you globally enable basic authentication for all views in your DRF settings?

  • Add 'rest_framework.authentication.BasicAuthentication' to DEFAULT_AUTHENTICATION_CLASSES

  • Add 'rest_framework.authentication.TokenAuthentication' to DEFAULT_AUTHENTICATION_CLASSES

  • Set AUTH_USER_MODEL in settings

  • Change SESSION_COOKIE_AGE

Discuss it

Question 3

In a standard Django project why is it recommended to define a custom user model using AbstractUser?

  • To remove the login page entirely

  • To allow using fields like email instead of username for authentication

  • To disable all authentication and let everyone in

  • To use OAuth automatically

Discuss it

Question 4

Which setting must be updated when you use a custom user model in Django?

  • DEFAULT_AUTHENTICATION_CLASSES

  • INSTALLED_APPS

  • DATABASES['default']

  • AUTH_USER_MODEL

Discuss it

Question 5

With JSON Web Token authentication in DRF, which of the following is true about token use?

  • The token is never stored on the client

  • The token needs to be refreshed regularly if using refresh tokens

  • The token can only be used once then expires permanently

  • The token is validated by sending the password each time

Discuss it

Question 6

When protecting an API view so only authenticated users can access it in DRF which permission class is commonly used?

  • AllowAny

  • IsAuthenticatedOrReadOnly

  • IsAdminUser

  • IsAuthenticated

Discuss it

Question 7

In DRF when using basic or JWT authentication what happens if credentials are missing or invalid?

  • The credentials are ignored and view logic executes anyway

  • The request proceeds as anonymous user

  • The request gives 200 OK with empty data

  • The request is rejected with HTTP 401 or HTTP 403 depending on configuration

Discuss it

Question 8

Why might basic authentication be considered unsuitable for production use?

  • Because credentials are sent with every request and are vulnerable if not using HTTPS

  • Because it uses too much memory

  • Because it cannot support custom user models

  • Because it works only in development server

Discuss it
Tags:
Django

There are 8 questions to complete.

Take a part in the ongoing discussion