django-rest-auth/docs/api_endpoints.rst

API endpoints
=============

Basic
-----

- /dj-rest-auth/login/ (POST)

    - username
    - email
    - password

    Returns Token key

- /dj-rest-auth/logout/ (POST)

    .. note:: ``ACCOUNT_LOGOUT_ON_GET = True`` to allow logout using GET - this is the exact same configuration from allauth. NOT recommended, see: http://django-allauth.readthedocs.io/en/latest/views.html#logout

- /dj-rest-auth/password/reset/ (POST)

    - email

- /dj-rest-auth/password/reset/confirm/ (POST)

    - uid
    - token
    - new_password1
    - new_password2

    .. note:: uid and token are sent in email after calling /dj-rest-auth/password/reset/

- /dj-rest-auth/password/change/ (POST)

    - new_password1
    - new_password2
    - old_password

    .. note:: ``OLD_PASSWORD_FIELD_ENABLED = True`` to use old_password.
    .. note:: ``LOGOUT_ON_PASSWORD_CHANGE = False`` to keep the user logged in after password change

- /dj-rest-auth/user/ (GET, PUT, PATCH)

    - username
    - first_name
    - last_name

    Returns pk, username, email, first_name, last_name


- /dj-rest-auth/token/verify/ (POST)

    - token

    Returns an empty JSON object.

    .. note:: ``REST_USE_JWT = True`` to use token/verify/ route.
    .. note:: Takes a token and indicates if it is valid.  This view provides no information about a token's fitness for a particular use. Will return a ``HTTP 200 OK`` in case of a valid token and ``HTTP 401 Unauthorized`` with ``{"detail": "Token is invalid or expired", "code": "token_not_valid"}`` in case of a invalid or expired token.


- /dj-rest-auth/token/refresh/ (POST) (`see also <https://django-rest-framework-simplejwt.readthedocs.io/en/latest/getting_started.html#usage>`_)

    - refresh

    Returns access

    .. note:: ``REST_USE_JWT = True`` to use token/refresh/ route.
    .. note:: Takes a refresh type JSON web token and returns an access type JSON web token if the refresh token is valid. ``HTTP 401 Unauthorized`` with ``{"detail": "Token is invalid or expired", "code": "token_not_valid"}`` in case of a invalid or expired token.

Registration
------------

- /dj-rest-auth/registration/ (POST)

    - username
    - password1
    - password2
    - email

- /dj-rest-auth/registration/verify-email/ (POST)

    - key

    .. note:: If you set account email verification as mandatory, you have to add the VerifyEmailView with the used `name`.
        You need to import the view: ``from dj_rest_auth.registration.views import VerifyEmailView``. Then add the url with the corresponding name:
        ``path('dj-rest-auth/account-confirm-email/', VerifyEmailView.as_view(), name='account_email_verification_sent')`` to the urlpatterns list.


Social Media Authentication
---------------------------

Basing on example from installation section :doc:`Installation </installation>`

- /dj-rest-auth/facebook/ (POST)

    - access_token
    - code

    .. note:: ``access_token`` OR ``code`` can be used as standalone arguments, see https://github.com/jazzband/dj-rest-auth/blob/master/dj_rest_auth/registration/views.py

- /dj-rest-auth/twitter/ (POST)

    - access_token
    - token_secret
draft version of documentation 2014-10-09 15:01:47 +04:00			`API endpoints`
			`=============`

			`Basic`
			`-----`

Updates names 2020-03-01 03:10:25 +03:00			`- /dj-rest-auth/login/ (POST)`
draft version of documentation 2014-10-09 15:01:47 +04:00
Update API endpoints docs and docstring https://github.com/Tivix/django-rest-auth/issues/280 2016-12-08 03:12:01 +03:00			`- username`
			`- email`
			`- password`
draft version of documentation 2014-10-09 15:01:47 +04:00
Compile translations and small text fixes 2016-12-22 22:57:23 +03:00			`Returns Token key`
draft version of documentation 2014-10-09 15:01:47 +04:00
Updates names 2020-03-01 03:10:25 +03:00			`- /dj-rest-auth/logout/ (POST)`
Adds token to logout API documentation 2016-02-09 01:35:37 +03:00
Move note under info on accepted params 2016-12-01 06:38:03 +03:00			.. note:: ``ACCOUNT_LOGOUT_ON_GET = True`` to allow logout using GET - this is the exact same configuration from allauth. NOT recommended, see: http://django-allauth.readthedocs.io/en/latest/views.html#logout

Updates names 2020-03-01 03:10:25 +03:00			`- /dj-rest-auth/password/reset/ (POST)`
draft version of documentation 2014-10-09 15:01:47 +04:00
			`- email`

Updates names 2020-03-01 03:10:25 +03:00			`- /dj-rest-auth/password/reset/confirm/ (POST)`
draft version of documentation 2014-10-09 15:01:47 +04:00
			`- uid`
			`- token`
			`- new_password1`
			`- new_password2`

Updates names 2020-03-01 03:10:25 +03:00			`.. note:: uid and token are sent in email after calling /dj-rest-auth/password/reset/`
update documentation 2014-10-09 16:16:39 +04:00
Updates names 2020-03-01 03:10:25 +03:00			`- /dj-rest-auth/password/change/ (POST)`
draft version of documentation 2014-10-09 15:01:47 +04:00
			`- new_password1`
			`- new_password2`
Added old password to Password Change 2015-05-22 22:47:06 +03:00			`- old_password`
Don't log the user out after change password - Django 1.7 2015-10-18 07:20:50 +03:00
Revert "Update documentation" This reverts commit 1c485bcbce3024d7b2e97e062c90c8371823f2c9. 2020-04-02 02:41:23 +03:00			.. note:: ``OLD_PASSWORD_FIELD_ENABLED = True`` to use old_password.
Don't log the user out after change password - Django 1.7 2015-10-18 07:20:50 +03:00			.. note:: ``LOGOUT_ON_PASSWORD_CHANGE = False`` to keep the user logged in after password change
draft version of documentation 2014-10-09 15:01:47 +04:00
Updates names 2020-03-01 03:10:25 +03:00			`- /dj-rest-auth/user/ (GET, PUT, PATCH)`
draft version of documentation 2014-10-09 15:01:47 +04:00
			`- username`
			`- first_name`
			`- last_name`
Update API endpoints docs and docstring https://github.com/Tivix/django-rest-auth/issues/280 2016-12-08 03:12:01 +03:00
			`Returns pk, username, email, first_name, last_name`
draft version of documentation 2014-10-09 15:01:47 +04:00

add documentation for token verify & refresh 2020-09-08 07:27:45 +03:00			`- /dj-rest-auth/token/verify/ (POST)`

			`- token`

			`Returns an empty JSON object.`

			.. note:: ``REST_USE_JWT = True`` to use token/verify/ route.
			.. note:: Takes a token and indicates if it is valid. This view provides no information about a token's fitness for a particular use. Will return a ``HTTP 200 OK`` in case of a valid token and ``HTTP 401 Unauthorized`` with ``{"detail": "Token is invalid or expired", "code": "token_not_valid"}`` in case of a invalid or expired token.


			- /dj-rest-auth/token/refresh/ (POST) (`see also <https://django-rest-framework-simplejwt.readthedocs.io/en/latest/getting_started.html#usage>`_)

			`- refresh`

			`Returns access`

			.. note:: ``REST_USE_JWT = True`` to use token/refresh/ route.
			.. note:: Takes a refresh type JSON web token and returns an access type JSON web token if the refresh token is valid. ``HTTP 401 Unauthorized`` with ``{"detail": "Token is invalid or expired", "code": "token_not_valid"}`` in case of a invalid or expired token.

draft version of documentation 2014-10-09 15:01:47 +04:00			`Registration`
			`------------`
update documentation 2014-10-09 16:16:39 +04:00
Updates names 2020-03-01 03:10:25 +03:00			`- /dj-rest-auth/registration/ (POST)`
update documentation 2014-10-09 16:16:39 +04:00
			`- username`
			`- password1`
			`- password2`
			`- email`

Updates names 2020-03-01 03:10:25 +03:00			`- /dj-rest-auth/registration/verify-email/ (POST)`
update documentation 2014-10-09 16:16:39 +04:00
			`- key`

Note in docs to add allauth urls if account email verification is mandatory Update docs to add `account_email_verification_sent` endpoint while using `registration`. Without this endpoint, if email verification is set to MANDATORY , it gives error ``` Reverse for 'account_email_verification_sent' not found. 'account_email_verification_sent' is not a valid view function or pattern name. ``` This is a copy PR of [#577](https://github.com/Tivix/django-rest-auth/pull/577) in in upstream project. 2020-03-30 19:32:12 +03:00			.. note:: If you set account email verification as mandatory, you have to add the VerifyEmailView with the used `name`.
Update module name Changed module name to `dj_rest_auth` 2020-03-31 05:27:14 +03:00			You need to import the view: ``from dj_rest_auth.registration.views import VerifyEmailView``. Then add the url with the corresponding name:
changed url to path 2020-04-16 16:38:03 +03:00			``path('dj-rest-auth/account-confirm-email/', VerifyEmailView.as_view(), name='account_email_verification_sent')`` to the urlpatterns list.
add documentation for token verify & refresh 2020-09-08 07:27:45 +03:00
Note in docs to add allauth urls if account email verification is mandatory Update docs to add `account_email_verification_sent` endpoint while using `registration`. Without this endpoint, if email verification is set to MANDATORY , it gives error ``` Reverse for 'account_email_verification_sent' not found. 'account_email_verification_sent' is not a valid view function or pattern name. ``` This is a copy PR of [#577](https://github.com/Tivix/django-rest-auth/pull/577) in in upstream project. 2020-03-30 19:32:12 +03:00
update documentation 2014-10-09 16:16:39 +04:00
			`Social Media Authentication`
			`---------------------------`

			Basing on example from installation section :doc:`Installation </installation>`

Updates names 2020-03-01 03:10:25 +03:00			`- /dj-rest-auth/facebook/ (POST)`
update documentation 2014-10-09 16:16:39 +04:00
			`- access_token`
now also accepting authorization codes from social login (e.g. facebook) 2015-08-07 13:26:57 +03:00			`- code`
Updated api_endpoints.rst with twitter login 2016-02-23 14:48:30 +03:00
Uses new org 2020-03-02 01:42:28 +03:00			.. note:: ``access_token`` OR ``code`` can be used as standalone arguments, see https://github.com/jazzband/dj-rest-auth/blob/master/dj_rest_auth/registration/views.py
Add info to docs and comments + Add comments by @chubz regarding django-allauth hmac pattern from PR #233 + Cleanup 2016-10-25 00:23:44 +03:00
Updates names 2020-03-01 03:10:25 +03:00			`- /dj-rest-auth/twitter/ (POST)`
Updated api_endpoints.rst with twitter login 2016-02-23 14:48:30 +03:00
			`- access_token`
			`- token_secret`