urls.py
825 Bytes
-
Authorization changes to tighten permissions and use OAuth2. · f2862412
1. Explicitly added OAuth2 and Session as the authentication types allowed. Django Rest Framework allows the use of defaults via settings, but this may have unwanted side-effects since there are others using DRF with different APIs that have different requirements. 2. Created a ReadRestrictedDjangoModelPermissions class that is a subclass of DjangoModelPermissions. DjangoModelPermissions only cares about edit/update/delete permissions and makes everything world readable by default, which is not desirable for this API. 3. Added the DRF login URLs for running this project locally. 4. Add edX fork of django-oauth2-provider to requirements.
David Ormsbee committed