Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
D
django-rest-framework
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
edx
django-rest-framework
Commits
7f987419
Commit
7f987419
authored
Sep 07, 2012
by
Mjumbe Wawatu Poe
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Use "Token" as the scheme for token auth
parent
5a3874ee
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
15 additions
and
12 deletions
+15
-12
djangorestframework/tests/authentication.py
+2
-2
djangorestframework/tokenauth/authentication.py
+13
-10
No files found.
djangorestframework/tests/authentication.py
View file @
7f987419
...
@@ -127,13 +127,13 @@ class TokenAuthTests(TestCase):
...
@@ -127,13 +127,13 @@ class TokenAuthTests(TestCase):
def
test_post_form_passing_token_auth
(
self
):
def
test_post_form_passing_token_auth
(
self
):
"""Ensure POSTing json over token auth with correct credentials passes and does not require CSRF"""
"""Ensure POSTing json over token auth with correct credentials passes and does not require CSRF"""
auth
=
self
.
key
auth
=
'Token
%
s'
%
self
.
key
response
=
self
.
csrf_client
.
post
(
'/'
,
{
'example'
:
'example'
},
HTTP_AUTHORIZATION
=
auth
)
response
=
self
.
csrf_client
.
post
(
'/'
,
{
'example'
:
'example'
},
HTTP_AUTHORIZATION
=
auth
)
self
.
assertEqual
(
response
.
status_code
,
200
)
self
.
assertEqual
(
response
.
status_code
,
200
)
def
test_post_json_passing_token_auth
(
self
):
def
test_post_json_passing_token_auth
(
self
):
"""Ensure POSTing form over token auth with correct credentials passes and does not require CSRF"""
"""Ensure POSTing form over token auth with correct credentials passes and does not require CSRF"""
auth
=
self
.
key
auth
=
'Token
%
s'
%
self
.
key
response
=
self
.
csrf_client
.
post
(
'/'
,
json
.
dumps
({
'example'
:
'example'
}),
'application/json'
,
HTTP_AUTHORIZATION
=
auth
)
response
=
self
.
csrf_client
.
post
(
'/'
,
json
.
dumps
({
'example'
:
'example'
}),
'application/json'
,
HTTP_AUTHORIZATION
=
auth
)
self
.
assertEqual
(
response
.
status_code
,
200
)
self
.
assertEqual
(
response
.
status_code
,
200
)
...
...
djangorestframework/tokenauth/authentication.py
View file @
7f987419
...
@@ -15,19 +15,22 @@ class TokenAuthentication(BaseAuthentication):
...
@@ -15,19 +15,22 @@ class TokenAuthentication(BaseAuthentication):
The BaseToken class is available as an abstract model to be derived from.
The BaseToken class is available as an abstract model to be derived from.
The token key should be passed in as a string to the "Authorization" HTTP
The token key should be passed in as a string to the "Authorization" HTTP
header.
header. For example:
Authorization: Token 0123456789abcdef0123456789abcdef
"""
"""
model
=
Token
model
=
Token
def
authenticate
(
self
,
request
):
def
authenticate
(
self
,
request
):
key
=
request
.
META
.
get
(
'HTTP_AUTHORIZATION'
,
''
)
.
strip
()
auth
=
request
.
META
.
get
(
'HTTP_AUTHORIZATION'
,
''
)
.
strip
()
.
split
()
if
not
key
:
if
len
(
auth
)
==
2
and
auth
[
0
]
.
lower
()
==
"token"
:
return
None
key
=
auth
[
1
]
try
:
try
:
token
=
self
.
model
.
objects
.
get
(
key
=
key
)
token
=
self
.
model
.
objects
.
get
(
key
=
key
)
except
self
.
model
.
DoesNotExist
:
except
self
.
model
.
DoesNotExist
:
return
None
return
None
if
token
.
user
.
is_active
and
not
token
.
revoked
:
if
token
.
user
.
is_active
and
not
token
.
revoked
:
return
(
token
.
user
,
token
)
return
(
token
.
user
,
token
)
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
