__init__() missing 1 required positional argument: ‘get_response’ error on Django HttpOnly JWT solution

I currently have a Django setup that followed the guide below. Pretty much, it’s a workaround that allows for HTTPOnly cookies to be used with Django Rest Framework JWT authentication. It worked fine in Django 3.2, but I’m attempting to upgrade to Django 4, and I’m now running into the error below

How to store JWT tokens in HttpOnly cookies with DRF djangorestframework-simplejwt package?

Error:

__init__() missing 1 required positional argument: 'get_response'

I’m still a bit new to Django and DRF, so I have no idea what could be going on.

Edit:

Apologies, forgot to add some details. The error is in the following code, on CSRFCheck():

def enforce_csrf(request):
# Enforce CSRF validation.
check = CSRFCheck()
check.process_request(request)
# populates request.META['CSRF_COOKIE'], which is used in process_view()
reason = check.process_view(request, None, (), {})

if reason:
    # CSRF failed, bail with explicit error message
    raise exceptions.PermissionDenied('CSRF Failed: %s' % reason)

Traceback messages:

/usr/local/lib/python3.8/site-packages/django/core/handlers/exception.py, line 55, in inner

        return inner

    else:

        @wraps(get_response)

        def inner(request):

            try:

                response = get_response(request)

 …

            except Exception as exc:

                response = response_for_exception(request, exc)

            return response

        return inner

Local vars /usr/local/lib/python3.8/site-packages/django/core/handlers/base.py, line 197, in _get_response

        if response is None:

            wrapped_callback = self.make_view_atomic(callback)

            # If it is an asynchronous view, run it in a subthread.

            if asyncio.iscoroutinefunction(wrapped_callback):

                wrapped_callback = async_to_sync(wrapped_callback)

            try:

                response = wrapped_callback(request, *callback_args, **callback_kwargs)

 …

            except Exception as e:

                response = self.process_exception_by_middleware(e, request)

                if response is None:

                    raise

        # Complain if the view returned None (a common error).

Local vars /usr/local/lib/python3.8/site-packages/django/views/decorators/csrf.py, line 54, in wrapped_view

def csrf_exempt(view_func):

    """Mark a view function as being exempt from the CSRF view protection."""

    # view_func.csrf_exempt = True would also work, but decorators are nicer

    # if they don't have side effects, so return a new function.

    def wrapped_view(*args, **kwargs):

        return view_func(*args, **kwargs)

 …

    wrapped_view.csrf_exempt = True

    return wraps(view_func)(wrapped_view)

Local vars /usr/local/lib/python3.8/site-packages/django/views/generic/base.py, line 84, in view

            self = cls(**initkwargs)

            self.setup(request, *args, **kwargs)

            if not hasattr(self, "request"):

                raise AttributeError(

                    "%s instance has no 'request' attribute. Did you override "

                    "setup() and forget to call super()?" % cls.__name__

                )

            return self.dispatch(request, *args, **kwargs)

 …

        view.view_class = cls

        view.view_initkwargs = initkwargs

        # __name__ and __qualname__ are intentionally left unchanged as

        # view_class should be used to robustly determine the name of the view

Local vars /usr/local/lib/python3.8/site-packages/rest_framework/views.py, line 509, in dispatch

                                  self.http_method_not_allowed)

            else:

                handler = self.http_method_not_allowed

            response = handler(request, *args, **kwargs)

        except Exception as exc:

            response = self.handle_exception(exc)

 …

        self.response = self.finalize_response(request, response, *args, **kwargs)

        return self.response

    def options(self, request, *args, **kwargs):

        """

Local vars /usr/local/lib/python3.8/site-packages/rest_framework/views.py, line 469, in handle_exception

        exception_handler = self.get_exception_handler()

        context = self.get_exception_handler_context()

        response = exception_handler(exc, context)

        if response is None:

            self.raise_uncaught_exception(exc)

 …

        response.exception = True

        return response

    def raise_uncaught_exception(self, exc):

        if settings.DEBUG:

Local vars /usr/local/lib/python3.8/site-packages/rest_framework/views.py, line 480, in raise_uncaught_exception

    def raise_uncaught_exception(self, exc):

        if settings.DEBUG:

            request = self.request

            renderer_format = getattr(request.accepted_renderer, 'format')

            use_plaintext_traceback = renderer_format not in ('html', 'api', 'admin')

            request.force_plaintext_errors(use_plaintext_traceback)

        raise exc

 …

    # Note: Views are made CSRF exempt from within `as_view` as to prevent

    # accidental removal of this exemption in cases where `dispatch` needs to

    # be overridden.

    def dispatch(self, request, *args, **kwargs):

        """

Local vars /usr/local/lib/python3.8/site-packages/rest_framework/views.py, line 497, in dispatch

        self.args = args

        self.kwargs = kwargs

        request = self.initialize_request(request, *args, **kwargs)

        self.request = request

        self.headers = self.default_response_headers  # deprecate?

        try:

            self.initial(request, *args, **kwargs)

 …

            # Get the appropriate handler method

            if request.method.lower() in self.http_method_names:

                handler = getattr(self, request.method.lower(),

                                  self.http_method_not_allowed)

            else:

Local vars /usr/local/lib/python3.8/site-packages/rest_framework/views.py, line 414, in initial

        request.accepted_renderer, request.accepted_media_type = neg

        # Determine the API version, if versioning is in use.

        version, scheme = self.determine_version(request, *args, **kwargs)

        request.version, request.versioning_scheme = version, scheme

        # Ensure that the incoming request is permitted

        self.perform_authentication(request)

 …

        self.check_permissions(request)

        self.check_throttles(request)

    def finalize_response(self, request, response, *args, **kwargs):

        """

        Returns the final response object.

Local vars /usr/local/lib/python3.8/site-packages/rest_framework/views.py, line 324, in perform_authentication

        """

        Perform authentication on the incoming request.

        Note that if you override this and simply 'pass', then authentication

        will instead be performed lazily, the first time either

        `request.user` or `request.auth` is accessed.

        """

        request.user

 …

    def check_permissions(self, request):

        """

        Check if the request should be permitted.

        Raises an appropriate exception if the request is not permitted.

        """

Local vars /usr/local/lib/python3.8/site-packages/rest_framework/request.py, line 227, in user

    def user(self):

        """

        Returns the user associated with the current request, as authenticated

        by the authentication classes provided to the request.

        """

        if not hasattr(self, '_user'):

            with wrap_attributeerrors():

                self._authenticate()

 …

        return self._user

    @user.setter

    def user(self, value):

        """

        Sets the user on the current request. This is necessary to maintain

Local vars /usr/local/lib/python3.8/site-packages/rest_framework/request.py, line 380, in _authenticate

    def _authenticate(self):

        """

        Attempt to authenticate the request using each authentication instance

        in turn.

        """

        for authenticator in self.authenticators:

            try:

                user_auth_tuple = authenticator.authenticate(self)

 …

            except exceptions.APIException:

                self._not_authenticated()

                raise

            if user_auth_tuple is not None:

                self._authenticator = authenticator

Local vars /django/users/authenticate.py, line 30, in authenticate

        if header is None:

            raw_token = request.COOKIES.get(settings.SIMPLE_JWT['AUTH_COOKIE']) or None

        else:

            raw_token = self.get_raw_token(header)

        if raw_token is None:

            return None

        validated_token = self.get_validated_token(raw_token)

        enforce_csrf(request)

 …

        return self.get_user(validated_token), validated_token

Local vars /django/users/authenticate.py, line 10, in enforce_csrf

from rest_framework.authentication import CSRFCheck

from rest_framework import exceptions

def enforce_csrf(request):

    # Enforce CSRF validation.

    check = CSRFCheck()

 …

    check.process_request(request)

    # populates request.META['CSRF_COOKIE'], which is used in process_view()

    reason = check.process_view(request, None, (), {})

    if reason:

        # CSRF failed, bail with explicit error message

Leave a Comment