Token authentication should allow logged-in users to take advantage of the browsable API feature by checking whether the user is logged in. In that case, get or create the token and let the logged-in user pass through the process

Rakan Alhneiti 2013-11-21 00:21:21 +03:00
parent 3765865b4b
commit cb4150b4f9


@ -150,6 +150,16 @@ class TokenAuthentication(BaseAuthentication):
"""
def authenticate(self, request):
# Get the underlying HttpRequest object
request = request._request
user = getattr(request, 'user', None)
# If we have a logged-in user, skip checking and let the user pass
if user and user.is_active:
token = self.model.objects.get_or_create(user=user)[0]
return (user, token)
auth = get_authorization_header(request).split()
if not auth or auth[0].lower() != b'token':
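Review bot: The early return added at the top of `authenticate` accepts any session-authenticated `request._request.user` without a CSRF check, so a cookie-bearing unsafe request (POST/PUT/DELETE) is authenticated by this class with none of the validation that DRF's `SessionAuthentication` performs through `enforce_csrf`. The branch also runs before the `Authorization` header is read, so a presented token is ignored whenever a session exists, and `get_or_create` silently mints a long-lived token for every active logged-in user who touches an endpoint. I would drop the branch and get browsable-API access by listing `SessionAuthentication` next to `TokenAuthentication` in `DEFAULT_AUTHENTICATION_CLASSES`; if the branch stays, it should enforce CSRF before returning and use `self.model.objects.get(user=user)` rather than creating credentials as a side effect. The rest of `authenticate` lies outside this hunk, so any later validation is not visible here.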