encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2025-08-02 19:40:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge d1802b0a9f into eb0a98ad4b

Browse Source
This commit is contained in:
Ben 2013-09-18 05:32:27 -07:00
commit 9bb7276083
2 changed files with 25 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
rest_framework/authentication.py
View File

@ -150,19 +150,20 @@ class TokenAuthentication(BaseAuthentication):
""" """
def authenticate(self, request): def authenticate(self, request):
auth = get_authorization_header(request).split() parts = get_authorization_header(request).split()
if parts:
if not auth or auth[0].lower() != b'token': if len(parts) == 1:
msg = 'Invalid token header. No credentials provided.'
raise exceptions.AuthenticationFailed(msg)
elif len(parts) > 2:
msg = 'Invalid token header. Token string should not contain spaces.'
raise exceptions.AuthenticationFailed(msg)
token = parts[1]
else:
token = request.GET.get('token', '')
if not token:
return None return None
return self.authenticate_credentials(token)
if len(auth) == 1:
msg = 'Invalid token header. No credentials provided.'
raise exceptions.AuthenticationFailed(msg)
elif len(auth) > 2:
msg = 'Invalid token header. Token string should not contain spaces.'
raise exceptions.AuthenticationFailed(msg)
return self.authenticate_credentials(auth[1])
def authenticate_credentials(self, key): def authenticate_credentials(self, key):
try: try:

12
rest_framework/templates/rest_framework/base.html
View File

@ -70,6 +70,7 @@
<!-- Content --> <!-- Content -->
<div id="content"> <div id="content">
{% if 'GET' in allowed_methods %} {% if 'GET' in allowed_methods %}
<form id="get-form" class="pull-right"> <form id="get-form" class="pull-right">
<fieldset> <fieldset>
@ -111,6 +112,17 @@
<div class="content-main"> <div class="content-main">
<div class="page-header"><h1>{{ name }}</h1></div> <div class="page-header"><h1>{{ name }}</h1></div>
{{ description }} {{ description }}
{% if user.auth_token.key %}
<input class="input-xxlarge" type="text" value="{{ user.auth_token.key}}" name="key" size="40" onclick="this.select()" />
<label class="help-inline" for="key">API Key</label>
<span class="help-block">
To use Token Authentication append the token into a GET variable named "token" or add
to the Authentization header as shown below:
</span>
<pre class="prettyprint">Authorization: Token {{ user.auth_token.key }}</pre>
{% endif %}
<div class="request-info" style="clear: both" > <div class="request-info" style="clear: both" >
<pre class="prettyprint"><b>{{ request.method }}</b> {{ request.get_full_path }}</pre> <pre class="prettyprint"><b>{{ request.method }}</b> {{ request.get_full_path }}</pre>
</div> </div>