encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2025-01-24 08:14:16 +03:00
Code Issues Packages Projects Releases Wiki Activity

Use "Token" as the scheme for token auth

Browse Source
This commit is contained in:
Mjumbe Wawatu Poe 2012-09-07 14:07:35 -04:00
parent 5a3874ee11
commit 7f98741939
2 changed files with 15 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
djangorestframework/tests/authentication.py
View File

@ -127,13 +127,13 @@ class TokenAuthTests(TestCase):
def test_post_form_passing_token_auth(self):
"""Ensure POSTing json over token auth with correct credentials passes and does not require CSRF"""
auth = self.key
auth = 'Token %s' % self.key
response = self.csrf_client.post('/', {'example': 'example'}, HTTP_AUTHORIZATION=auth)
self.assertEqual(response.status_code, 200)
def test_post_json_passing_token_auth(self):
"""Ensure POSTing form over token auth with correct credentials passes and does not require CSRF"""
auth = self.key
auth = 'Token %s' % self.key
response = self.csrf_client.post('/', json.dumps({'example': 'example'}), 'application/json', HTTP_AUTHORIZATION=auth)
self.assertEqual(response.status_code, 200)

11
djangorestframework/tokenauth/authentication.py
View File

@ -15,14 +15,17 @@ class TokenAuthentication(BaseAuthentication):
The BaseToken class is available as an abstract model to be derived from.
The token key should be passed in as a string to the "Authorization" HTTP
header.
header. For example:
Authorization: Token 0123456789abcdef0123456789abcdef
"""
model = Token
def authenticate(self, request):
key = request.META.get('HTTP_AUTHORIZATION', '').strip()
if not key:
return None
auth = request.META.get('HTTP_AUTHORIZATION', '').strip().split()
if len(auth) == 2 and auth[0].lower() == "token":
key = auth[1]
try:
token = self.model.objects.get(key=key)