Merge branch 'master' of https://github.com/tomchristie/django-rest-framework

docs/topics/credits.md

@@ -112,6 +112,7 @@ The following people have helped make REST framework great.
 * Bouke Haarsma - [bouke]
 * Pierre Dulac - [dulaccc]
 * Dave Kuhn - [kuhnza]
+* Sitong Peng - [stoneg]
 
 Many thanks to everyone who's contributed to the project.
 
@@ -258,3 +259,4 @@ You can also contact [@_tomchristie][twitter] directly on twitter.
 [bouke]: https://github.com/bouke
 [dulaccc]: https://github.com/dulaccc
 [kuhnza]: https://github.com/kuhnza
+[stoneg]: https://github.com/stoneg

docs/tutorial/4-authentication-and-permissions.md

@@ -179,7 +179,7 @@ Now, if you open a browser again, you find that the 'DELETE' and 'PUT' actions o
 
 ## Authenticating with the API
 
-Because we now have a set of permissions on the API, we need to authenticate our requests to it if we want to edit any snippets.  We havn't set up any [authentication classes][authentication], so the defaults are currently applied, which are `SessionAuthentication` and `BasicAuthentication`.
+Because we now have a set of permissions on the API, we need to authenticate our requests to it if we want to edit any snippets.  We haven't set up any [authentication classes][authentication], so the defaults are currently applied, which are `SessionAuthentication` and `BasicAuthentication`.
 
 When we interact with the API through the web browser, we can login, and the browser session will then provide the required authentication for the requests.