djblets.webapi.auth.backends.api_tokens¶
Authentication support for using API tokens.
This provides two classes needed for integrating API token support.
TokenAuthBackendMixin
must be subclassed or mixed into an
authentication backend and registered in
AUTHENTICATION_BACKENDS
.
WebAPITokenAuthBackend
must then be added to the API authentication
list at settings.WEB_API_AUTH_BACKENDS
.
- class TokenAuthBackendMixin[source]¶
Mixin for a standard auth backend for API token authentication.
This will handle authenticating users and their API tokens for API requests. It’s only used for API requests that specify a username and a token.
This class is meant to be subclassed and mixed in to another auth backend. Subclasses must define
api_token_model
.- authenticate(request, token=None, **kwargs)[source]¶
Authenticate a user, given a token ID.
- Parameters
request (django.http.HttpRequest) – The request object.
token (unicode, optional) – The API token ID to authenticate with.
**kwargs (dict) – Keyword arguments for future expansion.
- Returns
The resulting user, if a token matched, or
None
otherwise.- Return type
User
- class WebAPITokenAuthBackend[source]¶
Authenticates users using their generated API token.
This will check the
HTTP_AUTHORIZATION
header for atoken <token>
value. If found, it will attempt to find the user that owns the token, and authenticate that user.- get_credentials(request)[source]¶
Return credentials for the token.
If the request is attempting to authenticate with a token, this will return a dictionary containing the token in a
token
key.- Parameters
request (HttpRequest) – The HTTP request from the client.
- Returns
A dictionary containing the token in a
token
key, if the client requested a token for authentication.- Return type