mirror of
https://github.com/encode/django-rest-framework.git
synced 2024-11-23 10:03:57 +03:00
commit
80bec363ef
6
docs/api-guide/authentication.md
Normal file → Executable file
6
docs/api-guide/authentication.md
Normal file → Executable file
|
@ -107,7 +107,7 @@ Unauthenticated responses that are denied permission will result in an `HTTP 401
|
||||||
|
|
||||||
WWW-Authenticate: Basic realm="api"
|
WWW-Authenticate: Basic realm="api"
|
||||||
|
|
||||||
**Note:** If you use `BasicAuthentication` in production you must ensure that your API is only available over `https` only. You should also ensure that your API clients will always re-request the username and password at login, and will never store those details to persistent storage.
|
**Note:** If you use `BasicAuthentication` in production you must ensure that your API is only available over `https`. You should also ensure that your API clients will always re-request the username and password at login, and will never store those details to persistent storage.
|
||||||
|
|
||||||
## TokenAuthentication
|
## TokenAuthentication
|
||||||
|
|
||||||
|
@ -148,7 +148,7 @@ The `curl` command line tool may be useful for testing token authenticated APIs.
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
**Note:** If you use `TokenAuthentication` in production you must ensure that your API is only available over `https` only.
|
**Note:** If you use `TokenAuthentication` in production you must ensure that your API is only available over `https`.
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
@ -259,7 +259,7 @@ Finally, sync your database.
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
**Note:** If you use `OAuth2Authentication` in production you must ensure that your API is only available over `https` only.
|
**Note:** If you use `OAuth2Authentication` in production you must ensure that your API is only available over `https`.
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user