authorMjumbe Wawatu Poe2012-09-07 12:53:39 -0400
committerMjumbe Wawatu Poe2012-09-07 12:53:39 -0400
commitf3e65eab6b60a23eeed2178db4f6034ce2c6ac3d (patch)
tree0f9216b2c42a17f943f9e69eb6d6b3e66f110838 /djangorestframework/tokenauth
parent72bdd0fcec7faa32d7f24e0698736f9433b56f3f (diff)
Add a TokenAuthentication class in a sub-application
Diffstat (limited to 'djangorestframework/tokenauth')
-rw-r--r--djangorestframework/tokenauth/__init__.py0
-rw-r--r--djangorestframework/tokenauth/authentication.py33
-rw-r--r--djangorestframework/tokenauth/models.py19
3 files changed, 52 insertions, 0 deletions
diff --git a/djangorestframework/tokenauth/__init__.py b/djangorestframework/tokenauth/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/djangorestframework/tokenauth/__init__.py
diff --git a/djangorestframework/tokenauth/authentication.py b/djangorestframework/tokenauth/authentication.py
new file mode 100644
index 00000000..35d56211
--- /dev/null
+++ b/djangorestframework/tokenauth/authentication.py
@@ -0,0 +1,33 @@
+from djangorestframework.authentication import BaseAuthentication
+from .models import Token
+
+class TokenAuthentication(BaseAuthentication):
+ """
+ Use a token model for authentication.
+
+ A custom token model may be used here, but must have the following minimum
+ properties:
+
+ * key -- The string identifying the token
+ * user -- The user to which the token belongs
+ * revoked -- The status of the token
+
+ The BaseToken class is available as an abstract model to be derived from.
+
+ The token key should be passed in as a string to the "Authorization" HTTP
+ header.
+ """
+ model = Token
+
+ def authenticate(self, request):
+ key = request.META.get('HTTP_AUTHORIZATION', '').strip()
+ if not key:
+ return None
+
+ try:
+ token = self.model.objects.get(key=key)
+ except self.model.DoesNotExist:
+ return None
+
+ if token.user.is_active and not token.revoked:
+ return (token.user, token)
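Review bot: `authenticate` uses the entire `Authorization` header value as the token key, so no scheme keyword distinguishes a token from Basic or any other credentials, and every request carrying another scheme triggers a lookup against the token table. Consider requiring a scheme prefix and using only the second field, e.g. `auth = request.META.get('HTTP_AUTHORIZATION', '').split()` followed by `if len(auth) != 2 or auth[0].lower() != 'token': return None`, then looking up `auth[1]`. The final `if` also falls through to an implicit `None` for an inactive user or a revoked token; an explicit `return None` with a short comment would make that rejection path deliberate. The class docstring should state the expected header format once a scheme is chosen.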
diff --git a/djangorestframework/tokenauth/models.py b/djangorestframework/tokenauth/models.py
new file mode 100644
index 00000000..3b9a55bc
--- /dev/null
+++ b/djangorestframework/tokenauth/models.py
@@ -0,0 +1,19 @@
+from django.db import models
+
+class BaseToken(models.Model):
+ """
+ The base abstract authorization token model class.
+ """
+ key = models.CharField(max_length=32, primary_key=True)
+ user = models.ForeignKey('auth.User')
+ revoked = models.BooleanField(default=False)
+
+ class Meta:
+ abstract=True
+
+
+class Token(BaseToken):
+ """
+ The default authorization token model class.
+ """
+ pass
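Review bot: Nothing in `BaseToken` generates `key`, so whatever code creates a token must choose the value itself and the model cannot guarantee it is unpredictable; as far as this hunk shows, a short or guessable key would be accepted. Generating the key in `save()` from the OS CSPRNG when it is empty keeps that decision in one place, and 16 random bytes hex-encoded fit the existing `max_length=32` (this needs `import os` and `import binascii` at the top of models.py). The class docstring should also say that keys are stored in clear text and have no expiry field, so setting `revoked` is the only way to invalidate one.

```python
class BaseToken(models.Model):
    # … unchanged: docstring, key/user/revoked fields, Meta …

    def save(self, *args, **kwargs):
        # Fill in a key only when the caller did not supply one.
        if not self.key:
            self.key = self.generate_key()
        return super(BaseToken, self).save(*args, **kwargs)

    def generate_key(self):
        # 16 bytes from os.urandom -> 32 hex characters (matches max_length=32).
        return binascii.hexlify(os.urandom(16)).decode('ascii')
```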