DRF IsAuthenticated seems to be not working properly in remote server

Question

I started a migration of a personal project between two servers and I get a very weird behavior. My APP uses TokenAuthentication from DRF and is working perfectly in a local environment and in the previous server but in the new one I get the following error: "Authentication credentials were not provided.". At the first time I thought that it was because Nginx was not sending the right headers to the backend but after doing some debugging I found that the headers were ok. Im totally lost at this point, hope I can get some help. Thanks to everyone.

My REST_FRAMEWORK config:

REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": [
        "rest_framework.authentication.SessionAuthentication",
        "rest_framework.authentication.TokenAuthentication",
        #"rest_framework_simplejwt.authentication.JWTAuthentication",
    ],
    "DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.LimitOffsetPagination",
    "PAGE_SIZE": 10,
    "DEFAULT_FILTER_BACKENDS": [
        "django_filters.rest_framework.DjangoFilterBackend"
    ],
}

Current view:

class UserInfoView(APIView):

    permission_classes = [IsAuthenticated]

    def get(self, request):
        user = self.request.user
        return Response({"type": user.user_type, "username": user.username})

Request made by CURL:

% curl 'http://myapp.com:8000/api/user-info/' \
  -H 'Connection: keep-alive' \
  -H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99"' \
  -H 'Accept: application/json, text/plain, */*' \
  -H 'Authorization: Token 144e22bc66c9b145596690c8673ef9aaefbaad1d' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36' \
  -H 'sec-ch-ua-platform: "macOS"' \
  -H 'Sec-Fetch-Site: cross-site' \
  -H 'Sec-Fetch-Mode: cors' \
  -H 'Sec-Fetch-Dest: empty' \
  -H 'Referer: http://localhost:8100/' \
  -H 'Accept-Language: es-ES,es;q=0.9' \
  --compressed
{"detail":"Authentication credentials were not provided."}%                                               

View updated for debugging headers:

class UserInfoView(APIView):

    #permission_classes = [IsAuthenticated]

    def get(self, request):
        logger.info(request.headers)
        user = self.request.user
        return Response({"type": user.user_type, "username": user.username})

Headers debugged:

{'Content-Length': '', 'Content-Type': 'text/plain', 'Host': 'myapp.com:8000', 'Accept-Encoding': 'deflate, gzip', 'Connection': 'keep-alive', 'Sec-Ch-Ua': '" Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99"', 'Accept': 'application/json, text/plain, */*', 'Authorization': 'Token 144e22bc66c9b145596690c8673ef9aaefbaad1d', 'Sec-Ch-Ua-Mobile': '?0', 'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36', 'Sec-Ch-Ua-Platform': '"macOS"', 'Sec-Fetch-Site': 'cross-site', 'Sec-Fetch-Mode': 'cors', 'Sec-Fetch-Dest': 'empty', 'Referer': 'http://localhost:8100/', 'Accept-Language': 'es-ES,es;q=0.9'}

Answer 1

Finally I found the solution:

A change made in the production settings was adding the following lines:

+REST_FRAMEWORK = {
+    'DEFAULT_RENDERER_CLASSES': (
+        'rest_framework.renderers.JSONRenderer',
+    )
+}

This setting was overriding the previously defined REST_FRAMEWORK configuration.