Update docs

api-guide/authentication.html

@@ -186,6 +186,7 @@
 <li><a href="#django-oauth-toolkit">Django OAuth Toolkit</a></li>
 <li><a href="#django-oauth2-consumer">Django OAuth2 Consumer</a></li>
 <li><a href="#json-web-token-authentication">JSON Web Token Authentication</a></li>
+<li><a href="#hawk-http-authentication">Hawk HTTP Authentication</a></li>
 <li><a href="#http-signature-authentication">HTTP Signature Authentication</a></li>
 
               <div>
@@ -482,6 +483,8 @@ class ExampleAuthentication(authentication.BaseAuthentication):
 <p>The <a href="https://github.com/Rediker-Software/doac">Django OAuth2 Consumer</a> library from <a href="https://github.com/Rediker-Software">Rediker Software</a> is another package that provides <a href="https://github.com/Rediker-Software/doac/blob/master/docs/integrations.md#">OAuth 2.0 support for REST framework</a>.  The package includes token scoping permissions on tokens, which allows finer-grained access to your API.</p>
 <h2 id="json-web-token-authentication">JSON Web Token Authentication</h2>
 <p>JSON Web Token is a fairly new standard which can be used for token-based authentication. Unlike the built-in TokenAuthentication scheme, JWT Authentication doesn't need to use a database to validate a token. <a href="https://github.com/GetBlimp">Blimp</a> maintains the <a href="https://github.com/GetBlimp/django-rest-framework-jwt">djangorestframework-jwt</a> package which provides a JWT Authentication class as well as a mechanism for clients to obtain a JWT given the username and password.</p>
+<h2 id="hawk-http-authentication">Hawk HTTP Authentication</h2>
+<p>The <a href="http://hawkrest.readthedocs.org/en/latest/">HawkREST</a> library builds on the <a href="http://mohawk.readthedocs.org/en/latest/">Mohawk</a> library to let you work with <a href="https://github.com/hueniverse/hawk">Hawk</a> signed requests and responses in your API. <a href="https://github.com/hueniverse/hawk">Hawk</a> lets two parties securely communicate with each other using messages signed by a shared key. It is based on <a href="http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05">HTTP MAC access authentication</a> (which was based on parts of <a href="http://oauth.net/core/1.0a">OAuth 1.0</a>).</p>
 <h2 id="http-signature-authentication">HTTP Signature Authentication</h2>
 <p>HTTP Signature (currently a <a href="https://datatracker.ietf.org/doc/draft-cavage-http-signatures/">IETF draft</a>) provides a way to achieve origin authentication and message integrity for HTTP messages. Similar to <a href="http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html">Amazon's HTTP Signature scheme</a>, used by many of its services, it permits stateless, per-request authentication. <a href="https://github.com/etoccalino/">Elvio Toccalino</a> maintains the <a href="https://github.com/etoccalino/django-rest-framework-httpsignature">djangorestframework-httpsignature</a> package which provides an easy to use HTTP Signature Authentication mechanism.</p>
           </div><!--/span-->

api-guide/serializers.html

@@ -332,7 +332,7 @@ class EventSerializer(serializers.Serializer):
         """
         Check that the start is before the stop.
         """
-        if attrs['start'] < attrs['finish']:
+        if attrs['start'] > attrs['finish']:
             raise serializers.ValidationError("finish must occur after start")
         return attrs
 </code></pre>

topics/contributing.html

@@ -246,7 +246,7 @@ pip install -r optionals.txt
 # Run the tests
 rest_framework/runtests/runtests.py
 </code></pre>
-<p>You can also use the excellent <code>[tox][tox]</code> testing tool to run the tests against all supported versions of Python and Django.  Install <code>tox</code> globally, and then simply run:</p>
+<p>You can also use the excellent <a href="http://tox.readthedocs.org/en/latest/">tox</a> testing tool to run the tests against all supported versions of Python and Django.  Install <code>tox</code> globally, and then simply run:</p>
 <pre class="prettyprint lang-py"><code>tox
 </code></pre>
 <h2 id="pull-requests">Pull requests</h2>

topics/release-notes.html

@@ -225,6 +225,16 @@
 </code></pre>
 <hr />
 <h2 id="23x-series">2.3.x series</h2>
+<h3 id="2313">2.3.13</h3>
+<p><strong>Date</strong>: 6th March 2014</p>
+<ul>
+<li>Django 1.7 Support.</li>
+<li>Fix <code>default</code> argument when used with serializer relation fields.</li>
+<li>Display the media type of the content that is being displayed in the browsable API, rather than 'text/html'.</li>
+<li>Bugfix for <code>urlize</code> template failure when URL regex is matched, but value does not <code>urlparse</code>.</li>
+<li>Use <code>urandom</code> for token generation.</li>
+<li>Only use <code>Vary: Accept</code> when more than one renderer exists.</li>
+</ul>
 <h3 id="2312">2.3.12</h3>
 <p><strong>Date</strong>: 15th January 2014</p>
 <ul>

tutorial/4-authentication-and-permissions.html

@@ -290,7 +290,7 @@ url(r'^users/(?P<pk>[0-9]+)/$', views.UserDetail.as_view()),
 </code></pre>
 <h2 id="adding-login-to-the-browsable-api">Adding login to the Browsable API</h2>
 <p>If you open a browser and navigate to the browsable API at the moment, you'll find that you're no longer able to create new code snippets.  In order to do so we'd need to be able to login as a user.</p>
-<p>We can add a login view for use with the browsable API, by editing our URLconf once more.</p>
+<p>We can add a login view for use with the browsable API, by editing the URLconf in our project-level urls.py file.</p>
 <p>Add the following import at the top of the file:</p>
 <pre class="prettyprint lang-py"><code>from django.conf.urls import include
 </code></pre>