diff --git a/rest_framework/authtoken/serializers.py b/rest_framework/authtoken/serializers.py
index 8e0128c14..a5ed6e6d7 100644
--- a/rest_framework/authtoken/serializers.py
+++ b/rest_framework/authtoken/serializers.py
@@ -1,12 +1,8 @@
from django.contrib.auth import authenticate
-
from rest_framework import serializers
-from rest_framework.authtoken.models import Token
-
class AuthTokenSerializer(serializers.Serializer):
- token = serializers.Field(source="key")
- username = serializers.CharField(max_length=30)
+ username = serializers.CharField()
password = serializers.CharField()
def validate(self, attrs):
@@ -26,12 +22,3 @@ class AuthTokenSerializer(serializers.Serializer):
else:
raise serializers.ValidationError('Must include "username" and "password"')
- def convert_object(self, obj):
- ret = self._dict_class()
- ret['token'] = obj.key
- ret['user'] = obj.user.id
- return ret
-
- def restore_object(self, attrs, instance=None):
- token, created = Token.objects.get_or_create(user=attrs['user'])
- return token
diff --git a/rest_framework/authtoken/urls.py b/rest_framework/authtoken/urls.py
index 8bea46c00..878721367 100644
--- a/rest_framework/authtoken/urls.py
+++ b/rest_framework/authtoken/urls.py
@@ -13,9 +13,8 @@ your authentication settings include `TokenAuthentication`.
)
"""
from django.conf.urls.defaults import patterns, url
-from rest_framework.authtoken.views import AuthTokenLoginView, AuthTokenLogoutView
+from rest_framework.authtoken.views import AuthTokenView
urlpatterns = patterns('rest_framework.authtoken.views',
- url(r'^login/$', AuthTokenLoginView.as_view(), name='token_login'),
- url(r'^logout/$', AuthTokenLogoutView.as_view(), name='token_logout'),
+ url(r'^login/$', AuthTokenView.as_view(), name='token_login'),
)
diff --git a/rest_framework/authtoken/views.py b/rest_framework/authtoken/views.py
index a52f0a77c..e027dff1c 100644
--- a/rest_framework/authtoken/views.py
+++ b/rest_framework/authtoken/views.py
@@ -1,19 +1,22 @@
from rest_framework.views import APIView
-from rest_framework.generics import CreateAPIView
+from rest_framework import status
+from rest_framework import parsers
+from rest_framework import renderers
+from rest_framework.response import Response
from rest_framework.authtoken.models import Token
from rest_framework.authtoken.serializers import AuthTokenSerializer
-from django.http import HttpResponse
-class AuthTokenLoginView(CreateAPIView):
+class AuthTokenView(APIView):
+ throttle_classes = ()
+ permission_classes = ()
+ parser_classes = (parsers.FormParser, parsers.MultiPartParser, parsers.JSONParser,)
+ renderer_classes = (renderers.JSONRenderer,)
model = Token
- serializer_class = AuthTokenSerializer
-
-class AuthTokenLogoutView(APIView):
def post(self, request):
- if request.user.is_authenticated() and request.auth:
- request.auth.delete()
- return HttpResponse("logged out")
- else:
- return HttpResponse("not logged in")
-
+ serializer = AuthTokenSerializer(data=request.DATA)
+ if serializer.is_valid():
+ token, created = Token.objects.get_or_create(user=serializer.object['user'])
+ return Response({'token': token.key})
+ return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
diff --git a/rest_framework/tests/authentication.py b/rest_framework/tests/authentication.py
index d1bc23d9b..cb16ef1e8 100644
--- a/rest_framework/tests/authentication.py
+++ b/rest_framework/tests/authentication.py
@@ -158,41 +158,28 @@ class TokenAuthTests(TestCase):
"""Ensure token login view using JSON POST works."""
client = Client(enforce_csrf_checks=True)
response = client.post('/auth-token/login/',
- json.dumps({'username': self.username, 'password': self.password}), 'application/json')
- self.assertEqual(response.status_code, 201)
+ json.dumps({'username': self.username, 'password': self.password}), 'application/json')
+ self.assertEqual(response.status_code, 200)
self.assertEqual(json.loads(response.content)['token'], self.key)
def test_token_login_json_bad_creds(self):
"""Ensure token login view using JSON POST fails if bad credentials are used."""
client = Client(enforce_csrf_checks=True)
response = client.post('/auth-token/login/',
- json.dumps({'username': self.username, 'password': "badpass"}), 'application/json')
+ json.dumps({'username': self.username, 'password': "badpass"}), 'application/json')
self.assertEqual(response.status_code, 400)
def test_token_login_json_missing_fields(self):
"""Ensure token login view using JSON POST fails if missing fields."""
client = Client(enforce_csrf_checks=True)
response = client.post('/auth-token/login/',
- json.dumps({'username': self.username}), 'application/json')
+ json.dumps({'username': self.username}), 'application/json')
self.assertEqual(response.status_code, 400)
def test_token_login_form(self):
"""Ensure token login view using form POST works."""
client = Client(enforce_csrf_checks=True)
response = client.post('/auth-token/login/',
- {'username': self.username, 'password': self.password})
- self.assertEqual(response.status_code, 201)
- self.assertEqual(json.loads(response.content)['token'], self.key)
-
- def test_token_logout(self):
- """Ensure token logout view using JSON POST works."""
- # Use different User and Token as to isolate this test's effects on other unittests in class
- username = "ringo"
- user = User.objects.create_user(username, "starr@thebeatles.com", "pass")
- token = Token.objects.create(user=user)
- auth = "Token " + token.key
- client = Client(enforce_csrf_checks=True)
- response = client.post('/auth-token/logout/', HTTP_AUTHORIZATION=auth)
+ {'username': self.username, 'password': self.password})
self.assertEqual(response.status_code, 200)
- # Ensure token no longer exists
- self.assertRaises(Token.DoesNotExist, lambda token: Token.objects.get(key=token.key), token)
+ self.assertEqual(json.loads(response.content)['token'], self.key)