diff options
| author | Marko Tibold | 2012-11-15 22:48:22 +0100 |
|---|---|---|
| committer | Marko Tibold | 2012-11-15 22:48:22 +0100 |
| commit | 403886b79b9bf5790ee6f07d6ca915cff5b3035a (patch) | |
| tree | 987db12d60d8dbf56d8f23ff694d7208df6e3184 /docs/api-guide/authentication.md | |
| parent | 69a01d71256b9923aac1b8d1b91063068ecfebf7 (diff) | |
| parent | 3b258d69c92e9d9293f7c5d1690f0ca434e677e3 (diff) | |
| download | django-rest-framework-403886b79b9bf5790ee6f07d6ca915cff5b3035a.tar.bz2 | |
Merge commit '3b258d69c92e9d9293f7c5d1690f0ca434e677e3' into file_and_image_fields
Diffstat (limited to 'docs/api-guide/authentication.md')
| -rw-r--r-- | docs/api-guide/authentication.md | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/docs/api-guide/authentication.md b/docs/api-guide/authentication.md index 3137b9d4..cb1e2645 100644 --- a/docs/api-guide/authentication.md +++ b/docs/api-guide/authentication.md @@ -97,6 +97,21 @@ If successfully authenticated, `TokenAuthentication` provides the following cred **Note:** If you use `TokenAuthentication` in production you must ensure that your API is only available over `https` only. +If you want every user to have an automatically generated Token, you can simply catch the User's `post_save` signal. + + @receiver(post_save, sender=User) + def create_auth_token(sender, instance=None, created=False, **kwargs): + if created: + Token.objects.create(user=instance) + +If you've already created some User`'s, you can run a script like this. + + from django.contrib.auth.models import User + from rest_framework.authtoken.models import Token + + for user in User.objects.all(): + Token.objects.get_or_create(user=user) + ## OAuthAuthentication This policy uses the [OAuth 2.0][oauth] protocol to authenticate requests. OAuth is appropriate for server-server setups, such as when you want to allow a third-party service to access your API on a user's behalf. |