diff options
| author | Tom Christie | 2014-08-02 15:28:53 +0100 |
|---|---|---|
| committer | Tom Christie | 2014-08-02 15:28:53 +0100 |
| commit | 675fa48957fc5f5fbd796eb96d43d8f3191e5a2a (patch) | |
| tree | d6cbbc320a0de22973d63c5d009cb4cd02eb8f3a /tutorial/4-authentication-and-permissions.html | |
| parent | e35f636cbeb0a6b5134923340998f9be04c39491 (diff) | |
| download | django-rest-framework-675fa48957fc5f5fbd796eb96d43d8f3191e5a2a.tar.bz2 | |
Update sponsorships
Diffstat (limited to 'tutorial/4-authentication-and-permissions.html')
| -rw-r--r-- | tutorial/4-authentication-and-permissions.html | 114 |
1 files changed, 57 insertions, 57 deletions
diff --git a/tutorial/4-authentication-and-permissions.html b/tutorial/4-authentication-and-permissions.html index 8f59a2f5..0542be01 100644 --- a/tutorial/4-authentication-and-permissions.html +++ b/tutorial/4-authentication-and-permissions.html @@ -3,17 +3,17 @@ <head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta charset="utf-8"> <title>Tutorial 4: Authentication & Permissions - Django REST framework</title> - <link href="http://www.django-rest-framework.org/img/favicon.ico" rel="icon" type="image/x-icon"> - <link rel="canonical" href="http://www.django-rest-framework.org/tutorial/4-authentication-and-permissions"/> + <link href="file:///Users/tomchristie/GitHub/django-rest-framework/html//img/favicon.ico" rel="icon" type="image/x-icon"> + <link rel="canonical" href="file:///Users/tomchristie/GitHub/django-rest-framework/html//tutorial/4-authentication-and-permissions.html"/> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content="Django, API, REST, Tutorial 4: Authentication & Permissions"> <meta name="author" content="Tom Christie"> <!-- Le styles --> - <link href="http://www.django-rest-framework.org/css/prettify.css" rel="stylesheet"> - <link href="http://www.django-rest-framework.org/css/bootstrap.css" rel="stylesheet"> - <link href="http://www.django-rest-framework.org/css/bootstrap-responsive.css" rel="stylesheet"> - <link href="http://www.django-rest-framework.org/css/default.css" rel="stylesheet"> + <link href="file:///Users/tomchristie/GitHub/django-rest-framework/html//css/prettify.css" rel="stylesheet"> + <link href="file:///Users/tomchristie/GitHub/django-rest-framework/html//css/bootstrap.css" rel="stylesheet"> + <link href="file:///Users/tomchristie/GitHub/django-rest-framework/html//css/bootstrap-responsive.css" rel="stylesheet"> + <link href="file:///Users/tomchristie/GitHub/django-rest-framework/html//css/default.css" rel="stylesheet"> <!-- Le HTML5 shim, for IE6-8 support of HTML5 elements --> <!--[if lt IE 9]> @@ -57,73 +57,73 @@ a.fusion-poweredby { <div class="navbar-inner"> <div class="container-fluid"> <a class="repo-link btn btn-primary btn-small" href="https://github.com/tomchristie/django-rest-framework/tree/master">GitHub</a> - <a class="repo-link btn btn-inverse btn-small " href="../tutorial/5-relationships-and-hyperlinked-apis">Next <i class="icon-arrow-right icon-white"></i></a> - <a class="repo-link btn btn-inverse btn-small " href="../tutorial/3-class-based-views"><i class="icon-arrow-left icon-white"></i> Previous</a> + <a class="repo-link btn btn-inverse btn-small " href="../tutorial/5-relationships-and-hyperlinked-apis.html">Next <i class="icon-arrow-right icon-white"></i></a> + <a class="repo-link btn btn-inverse btn-small " href="../tutorial/3-class-based-views.html"><i class="icon-arrow-left icon-white"></i> Previous</a> <a class="repo-link btn btn-inverse btn-small" href="#searchModal" data-toggle="modal"><i class="icon-search icon-white"></i> Search</a> <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </a> - <a class="brand" href="http://www.django-rest-framework.org">Django REST framework</a> + <a class="brand" href="file:///Users/tomchristie/GitHub/django-rest-framework/html/index.html">Django REST framework</a> <div class="nav-collapse collapse"> <ul class="nav"> - <li><a href="http://www.django-rest-framework.org">Home</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html/index.html">Home</a></li> <li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown">Tutorial <b class="caret"></b></a> <ul class="dropdown-menu"> - <li><a href="http://www.django-rest-framework.org/tutorial/quickstart">Quickstart</a></li> - <li><a href="http://www.django-rest-framework.org/tutorial/1-serialization">1 - Serialization</a></li> - <li><a href="http://www.django-rest-framework.org/tutorial/2-requests-and-responses">2 - Requests and responses</a></li> - <li><a href="http://www.django-rest-framework.org/tutorial/3-class-based-views">3 - Class based views</a></li> - <li><a href="http://www.django-rest-framework.org/tutorial/4-authentication-and-permissions">4 - Authentication and permissions</a></li> - <li><a href="http://www.django-rest-framework.org/tutorial/5-relationships-and-hyperlinked-apis">5 - Relationships and hyperlinked APIs</a></li> - <li><a href="http://www.django-rest-framework.org/tutorial/6-viewsets-and-routers">6 - Viewsets and routers</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//tutorial/quickstart.html">Quickstart</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//tutorial/1-serialization.html">1 - Serialization</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//tutorial/2-requests-and-responses.html">2 - Requests and responses</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//tutorial/3-class-based-views.html">3 - Class based views</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//tutorial/4-authentication-and-permissions.html">4 - Authentication and permissions</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//tutorial/5-relationships-and-hyperlinked-apis.html">5 - Relationships and hyperlinked APIs</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//tutorial/6-viewsets-and-routers.html">6 - Viewsets and routers</a></li> </ul> </li> <li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown">API Guide <b class="caret"></b></a> <ul class="dropdown-menu"> - <li><a href="http://www.django-rest-framework.org/api-guide/requests">Requests</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/responses">Responses</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/views">Views</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/generic-views">Generic views</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/viewsets">Viewsets</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/routers">Routers</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/parsers">Parsers</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/renderers">Renderers</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/serializers">Serializers</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/fields">Serializer fields</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/relations">Serializer relations</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/authentication">Authentication</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/permissions">Permissions</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/throttling">Throttling</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/filtering">Filtering</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/pagination">Pagination</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/content-negotiation">Content negotiation</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/format-suffixes">Format suffixes</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/reverse">Returning URLs</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/exceptions">Exceptions</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/status-codes">Status codes</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/testing">Testing</a></li> - <li><a href="http://www.django-rest-framework.org/api-guide/settings">Settings</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/requests.html">Requests</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/responses.html">Responses</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/views.html">Views</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/generic-views.html">Generic views</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/viewsets.html">Viewsets</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/routers.html">Routers</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/parsers.html">Parsers</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/renderers.html">Renderers</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/serializers.html">Serializers</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/fields.html">Serializer fields</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/relations.html">Serializer relations</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/authentication.html">Authentication</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/permissions.html">Permissions</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/throttling.html">Throttling</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/filtering.html">Filtering</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/pagination.html">Pagination</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/content-negotiation.html">Content negotiation</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/format-suffixes.html">Format suffixes</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/reverse.html">Returning URLs</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/exceptions.html">Exceptions</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/status-codes.html">Status codes</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/testing.html">Testing</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//api-guide/settings.html">Settings</a></li> </ul> </li> <li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown">Topics <b class="caret"></b></a> <ul class="dropdown-menu"> - <li><a href="http://www.django-rest-framework.org/topics/documenting-your-api">Documenting your API</a></li> - <li><a href="http://www.django-rest-framework.org/topics/ajax-csrf-cors">AJAX, CSRF & CORS</a></li> - <li><a href="http://www.django-rest-framework.org/topics/browser-enhancements">Browser enhancements</a></li> - <li><a href="http://www.django-rest-framework.org/topics/browsable-api">The Browsable API</a></li> - <li><a href="http://www.django-rest-framework.org/topics/rest-hypermedia-hateoas">REST, Hypermedia & HATEOAS</a></li> - <li><a href="http://www.django-rest-framework.org/topics/contributing">Contributing to REST framework</a></li> - <li><a href="http://www.django-rest-framework.org/topics/rest-framework-2-announcement">2.0 Announcement</a></li> - <li><a href="http://www.django-rest-framework.org/topics/2.2-announcement">2.2 Announcement</a></li> - <li><a href="http://www.django-rest-framework.org/topics/2.3-announcement">2.3 Announcement</a></li> - <li><a href="http://www.django-rest-framework.org/topics/kickstarter-announcement">Kickstarter Announcement</a></li> - <li><a href="http://www.django-rest-framework.org/topics/release-notes">Release Notes</a></li> - <li><a href="http://www.django-rest-framework.org/topics/credits">Credits</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//topics/documenting-your-api.html">Documenting your API</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//topics/ajax-csrf-cors.html">AJAX, CSRF & CORS</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//topics/browser-enhancements.html">Browser enhancements</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//topics/browsable-api.html">The Browsable API</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//topics/rest-hypermedia-hateoas.html">REST, Hypermedia & HATEOAS</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//topics/contributing.html">Contributing to REST framework</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//topics/rest-framework-2-announcement.html">2.0 Announcement</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//topics/2.2-announcement.html">2.2 Announcement</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//topics/2.3-announcement.html">2.3 Announcement</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//topics/kickstarter-announcement.html">Kickstarter Announcement</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//topics/release-notes.html">Release Notes</a></li> + <li><a href="file:///Users/tomchristie/GitHub/django-rest-framework/html//topics/credits.html">Credits</a></li> </ul> </li> </ul> @@ -347,7 +347,7 @@ class IsOwnerOrReadOnly(permissions.BasePermission): </code></pre> <p>Now, if you open a browser again, you find that the 'DELETE' and 'PUT' actions only appear on a snippet instance endpoint if you're logged in as the same user that created the code snippet.</p> <h2 id="authenticating-with-the-api">Authenticating with the API</h2> -<p>Because we now have a set of permissions on the API, we need to authenticate our requests to it if we want to edit any snippets. We haven't set up any <a href="../api-guide/authentication">authentication classes</a>, so the defaults are currently applied, which are <code>SessionAuthentication</code> and <code>BasicAuthentication</code>.</p> +<p>Because we now have a set of permissions on the API, we need to authenticate our requests to it if we want to edit any snippets. We haven't set up any <a href="../api-guide/authentication.html">authentication classes</a>, so the defaults are currently applied, which are <code>SessionAuthentication</code> and <code>BasicAuthentication</code>.</p> <p>When we interact with the API through the web browser, we can login, and the browser session will then provide the required authentication for the requests.</p> <p>If we're interacting with the API programmatically we need to explicitly provide the authentication credentials on each request.</p> <p>If we try to create a snippet without authenticating, we'll get an error:</p> @@ -362,7 +362,7 @@ class IsOwnerOrReadOnly(permissions.BasePermission): </code></pre> <h2 id="summary">Summary</h2> <p>We've now got a fairly fine-grained set of permissions on our Web API, and end points for users of the system and for the code snippets that they have created.</p> -<p>In <a href="5-relationships-and-hyperlinked-apis">part 5</a> of the tutorial we'll look at how we can tie everything together by creating an HTML endpoint for our highlighted snippets, and improve the cohesion of our API by using hyperlinking for the relationships within the system.</p> +<p>In <a href="5-relationships-and-hyperlinked-apis.html">part 5</a> of the tutorial we'll look at how we can tie everything together by creating an HTML endpoint for our highlighted snippets, and improve the cohesion of our API by using hyperlinking for the relationships within the system.</p> </div><!--/span--> </div><!--/row--> </div><!--/.fluid-container--> @@ -378,9 +378,9 @@ class IsOwnerOrReadOnly(permissions.BasePermission): <!-- Le javascript ================================================== --> <!-- Placed at the end of the document so the pages load faster --> - <script src="http://www.django-rest-framework.org/js/jquery-1.8.1-min.js"></script> - <script src="http://www.django-rest-framework.org/js/prettify-1.0.js"></script> - <script src="http://www.django-rest-framework.org/js/bootstrap-2.1.1-min.js"></script> + <script src="file:///Users/tomchristie/GitHub/django-rest-framework/html//js/jquery-1.8.1-min.js"></script> + <script src="file:///Users/tomchristie/GitHub/django-rest-framework/html//js/prettify-1.0.js"></script> + <script src="file:///Users/tomchristie/GitHub/django-rest-framework/html//js/bootstrap-2.1.1-min.js"></script> <script> //$('.side-nav').scrollspy() |