encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2025-08-23 21:54:48 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add warning regarding TokenAuthentication expiration and rotation

Browse Source
This commit is contained in:
Dmitry Mazin 2018-10-02 18:52:57 -04:00
parent c9d2bbcead
commit 1f0716b3c8
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/api-guide/authentication.md
View File

@ -160,7 +160,7 @@ The `curl` command line tool may be useful for testing token authenticated APIs.
---
**Note:** If you use `TokenAuthentication` in production you must ensure that your API is only available over `https`.
**Note:** If you use `TokenAuthentication` in production you must ensure that your API is only available over `https`. Additionally, beware that `TokenAuthentication` tokens do not rotate or expire. A number of [Third party packages](#third-party-packages) provide more advanced token support.
---