diff options
Diffstat (limited to 'docs/api-guide/authentication.md')
| -rw-r--r-- | docs/api-guide/authentication.md | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/docs/api-guide/authentication.md b/docs/api-guide/authentication.md index 18620f49..a30bd22c 100644 --- a/docs/api-guide/authentication.md +++ b/docs/api-guide/authentication.md @@ -97,6 +97,23 @@ If successfully authenticated, `TokenAuthentication` provides the following cred **Note:** If you use `TokenAuthentication` in production you must ensure that your API is only available over `https` only. +If you want every user to have an automatically generated Token, you can simply catch the User's `post_save` signal. + + @receiver(post_save, sender=User) + def create_auth_token(sender, instance=None, created=False, **kwargs): + if created: + Token.objects.create(user=instance) + +If you've already created some User`'s, you can run a script like this. + + from django.contrib.auth.models import User + from rest_framework.authtoken.models import Token + + for user in User.objects.all(): + Token.objects.get_or_create(user=user) + +When using TokenAuthentication, it may be useful to add a login view for clients to retrieve the token. + REST framework provides a built-in login view for clients to retrieve the token called `rest_framework.authtoken.obtain_auth_token`. To use it, add a pattern to include the token login view for clients as follows: urlpatterns += patterns('', |