Use "Token" as the scheme for token auth

djangorestframework/tests/authentication.py

@@ -127,13 +127,13 @@ class TokenAuthTests(TestCase):
 
     def test_post_form_passing_token_auth(self):
         """Ensure POSTing json over token auth with correct credentials passes and does not require CSRF"""
-        auth = self.key
+        auth = 'Token %s' % self.key
         response = self.csrf_client.post('/', {'example': 'example'}, HTTP_AUTHORIZATION=auth)
         self.assertEqual(response.status_code, 200)
 
     def test_post_json_passing_token_auth(self):
         """Ensure POSTing form over token auth with correct credentials passes and does not require CSRF"""
-        auth = self.key
+        auth = 'Token %s' % self.key
         response = self.csrf_client.post('/', json.dumps({'example': 'example'}), 'application/json', HTTP_AUTHORIZATION=auth)
         self.assertEqual(response.status_code, 200)
 

djangorestframework/tokenauth/authentication.py

@@ -15,14 +15,17 @@ class TokenAuthentication(BaseAuthentication):
     The BaseToken class is available as an abstract model to be derived from.
 
     The token key should be passed in as a string to the "Authorization" HTTP
-    header.
+    header.  For example:
+
+        Authorization: Token 0123456789abcdef0123456789abcdef
+
     """
     model = Token
 
     def authenticate(self, request):
-        key = request.META.get('HTTP_AUTHORIZATION', '').strip()
+        auth = request.META.get('HTTP_AUTHORIZATION', '').strip().split()
-        if not key:
+        if len(auth) == 2 and auth[0].lower() == "token":
-            return None
+            key = auth[1]
 
             try:
                  token = self.model.objects.get(key=key)