djblets.webapi.auth.backends.api_tokens
Authentication support for using API tokens.
This provides two classes needed for integrating API token support. TokenAuthBackendMixin must be subclassed or mixed into an authentication backend and registered in AUTHENTICATION_BACKENDS. WebAPITokenAuthBackend must then be added to the API authentication list at settings.WEB_API_AUTH_BACKENDS.
- class TokenAuthBackendMixin
Bases: object
Mixin for a standard auth backend for API token authentication.
This will handle authenticating users and their API tokens for API requests. It’s only used for API requests that specify a username and a token.
This class is meant to be subclassed and mixed in to another auth backend. Subclasses must define api_token_model.
- authenticate(request, token=None, **kwargs)
Authenticate a user, given a token ID.
- Parameters
    request (django.http.HttpRequest, unused) – The request object.
    token (unicode, optional) – The API token ID to authenticate with.
    **kwargs (dict, unused) – Keyword arguments for future expansion.
- Returns
    The resulting user, if a token matched, or None otherwise.
- Return type
    User
- validate_token(request, token, **kwargs)
Check that the token is valid to use for authentication.
This will check if the token is invalid or expired. If so it will return a dictionary containing an error message with details on whether the token is invalid or expired and any appropriate HTTP headers to send to the client. If the token is valid to use for authentication this will return None.
New in version 3.0.
- Parameters
    request (django.http.HttpRequest) – The request object.
    token (str) – The API token ID to validate.
    **kwargs (dict, unused) – Additional keyword arguments.
- Returns
    A dictionary containing the following keys:
    error_message (str): An error message explaining why the token cannot be used for authentication.
    headers (dict): A dictionary of HTTP headers to send to the client.
    These are meant to be used as the error_message and header values in the return type of djblets.webapi.auth.backends.base.WebAPIAuthBackend.authenticate().
    If the token is valid to use for authentication this will return None.
- Return type
- class WebAPITokenAuthBackend
Bases: djblets.webapi.auth.backends.base.WebAPIAuthBackend
Authenticates users using their generated API token.
This will check the HTTP_AUTHORIZATION header for a token <token> value. If found, it will attempt to find the user that owns the token, and authenticate that user.
- get_credentials(request)
Return credentials for the token.
If the request is attempting to authenticate with a token, this will return a dictionary containing the token in a token key.
- Parameters
    request (HttpRequest) – The HTTP request from the client.
- Returns
    A dictionary containing the token in a token key, if the client requested a token for authentication.
- Return type
- login_with_credentials(request, **credentials)
Log the user in with the given credentials.
This performs the standard authentication operations, and then stores some session state for any restrictions specified by the token.
- validate_credentials(request, **credentials)
Validate that credentials are valid.
This will run through authentication backends to check whether the API token is valid to use. If the token is not valid to use this will stop the authentication process and return a message and headers on why it cannot be used.
New in version 3.0.
- Parameters
    request (django.http.HttpRequest) – The HTTP request from the client.
    credentials (dict) – All credentials provided by get_credentials().
- Returns
    See the return type in WebAPIAuthBackend.authenticate().
- Return type
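
The order of operations documented above (read the token from the HTTP_AUTHORIZATION header, validate it, then authenticate) modelled as a stand-alone added example; this is not Djblets code and the signatures are simplified. The token store, its valid/expires fields, the api_login() helper and the X-Example-Token-Status header are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)  # fixed clock for the demo

# Constructed token store; the field names are assumptions of this sketch.
TOKENS = {
    "tok-good": {"user": "alice", "valid": True, "expires": NOW + timedelta(days=1)},
    "tok-old": {"user": "bob", "valid": True, "expires": NOW - timedelta(days=1)},
    "tok-revoked": {"user": "carol", "valid": False, "expires": None},
}


def get_credentials(meta):
    """Return {'token': ...} for a 'token <token>' header, else None."""
    parts = meta.get("HTTP_AUTHORIZATION", "").split()
    # Exact scheme match and exactly two parts; anything else is not ours.
    if len(parts) == 2 and parts[0] == "token":
        return {"token": parts[1]}
    return None


def validate_token(token, now=NOW):
    """Return None if the token may be used, else an error dictionary."""
    record = TOKENS.get(token)
    if record is None:
        return None  # unknown token: left for authenticate() to reject
    if not record["valid"]:
        reason = "invalid"
    elif record["expires"] is not None and record["expires"] <= now:
        reason = "expired"
    else:
        return None
    # Hypothetical header name; the page does not say which headers are sent.
    return {"error_message": "This API token is %s." % reason,
            "headers": {"X-Example-Token-Status": reason}}


def authenticate(token):
    """Return the owning user name if the token matches, else None."""
    record = TOKENS.get(token)
    return record["user"] if record else None


def api_login(meta):
    """Run the three steps in order and return (user, error)."""
    credentials = get_credentials(meta)
    if credentials is None:
        return None, None  # no token offered; other backends may apply
    error = validate_token(credentials["token"])
    if error is not None:
        return None, error  # stop here: a rejected token never authenticates
    return authenticate(credentials["token"]), None
```

Validation runs before authentication, so an expired or invalid token yields an error dictionary for the client instead of a silent fall-through to a user lookup.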