djblets.webapi.auth.backends.api_tokens¶
Authentication support for using API tokens.
This provides two classes needed for integrating API token support.
TokenAuthBackendMixin must be subclassed or mixed into an
authentication backend and registered in
AUTHENTICATION_BACKENDS.
WebAPITokenAuthBackend must then be added to the API authentication
list at settings.WEB_API_AUTH_BACKENDS.
-
class
TokenAuthBackendMixin[source]¶ Bases:
objectMixin for a standard auth backend for API token authentication.
This will handle authenticating users and their API tokens for API requests. It’s only used for API requests that specify a username and a token.
This class is meant to be subclassed and mixed in to another auth backend. Subclasses must define
api_token_model.
-
class
WebAPITokenAuthBackend[source]¶ Bases:
djblets.webapi.auth.backends.base.WebAPIAuthBackendAuthenticates users using their generated API token.
This will check the
HTTP_AUTHORIZATIONheader for atoken <token>value. If found, it will attempt to find the user that owns the token, and authenticate that user.-
get_credentials(request)[source]¶ Return credentials for the token.
If the request is attempting to authenticate with a token, this will return a dictionary containing the token in a
tokenkey.Parameters: request (HttpRequest) – The HTTP request from the client. Returns: A dictionary containing the token in a tokenkey, if the client requested a token for authentication.Return type: dict
-
login_with_credentials(request, **credentials)[source]¶ Log the user in with the given credentials.
This performs the standard authentication operations, and then stores some session state for any restrictions specified by the token.
Parameters: - request (HttpRequest) – The HTTP request from the client.
- credentials (dict) – The credentials data from the request.
Returns: See the return type in
WebAPIAuthBackend.authenticate().Return type:
-