From 99dce180253370874fa6fa2c269f9951d2207b4a Mon Sep 17 00:00:00 2001
From: Feanil Patel <feanil@axim.org>
Date: Thu, 20 Jul 2023 15:02:34 -0400
Subject: [PATCH] feat: Add JwtAuthentication as a default DRF auth class.

By default DRF sets 'DEFAULT_AUTHENTICATION_CLASSES' to:

```
[
    'rest_framework.authentication.SessionAuthentication',
    'rest_framework.authentication.BasicAuthentication'
]
```

We also want to allow for JWT Authentication as a valid default auth
choice.  This will allow users to send JWT tokens in the authorization
header to any existing API endpoints and access them. If any APIs have
set custom authentication classes, this will not override that.

I believe this is a fairly safe change to make since it only adds one
authentication class and does not impact authorization of any of the
endpoints that might be affected.
---
 lms/envs/common.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lms/envs/common.py b/lms/envs/common.py
index 95bfc26c109d..05cb91b003de 100644
--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -3294,6 +3294,11 @@ def _make_locale_paths(settings):  # pylint: disable=missing-function-docstring
     'DEFAULT_RENDERER_CLASSES': (
         'rest_framework.renderers.JSONRenderer',
     ),
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        'edx_rest_framework_extensions.auth.jwt.authentication.JwtAuthentication',
+        'rest_framework.authentication.SessionAuthentication',
+        'rest_framework.authentication.BasicAuthentication'
+    ],
     'EXCEPTION_HANDLER': 'openedx.core.lib.request_utils.expected_error_exception_handler',
     'PAGE_SIZE': 10,
     'URL_FORMAT_OVERRIDE': None,