13 files changed, 40 insertions, 10 deletions

diff --git a/docs/api-guide/authentication.md b/docs/api-guide/authentication.md
index ed7ac288..ca29bc4d 100644
--- a/docs/api-guide/authentication.md
+++ b/docs/api-guide/authentication.md
@@ -1,3 +1,5 @@
+<a class="github" href="authentication.py"></a>
+
 # Authentication
 
 Authentication is the mechanism of associating an incoming request with a set of identifying credentials, such as the user the request came from, or the token that it was signed with.  The [permission] and [throttling] policies can then use those credentials to determine if the request should be permitted.
@@ -8,7 +10,7 @@ Authentication will run the first time either the `request.user` or `request.aut
 
 The `request.user` property will typically be set to an instance of the `contrib.auth` package's `User` class.
 
-The `request.auth` property is used for any additional authentication information, for example, it may be used to represent an authentication token that the request was signed with.  
+The `request.auth` property is used for any additional authentication information, for example, it may be used to represent an authentication token that the request was signed with.
 
 ## How authentication is determined
 
@@ -36,7 +38,7 @@ You can also set the authentication policy on a per-view basis, using the `APIVi
 
         def get(self, request, format=None):
             content = {
-                'user': unicode(request.user),  # `django.contrib.auth.User` instance. 
+                'user': unicode(request.user),  # `django.contrib.auth.User` instance.
                 'auth': unicode(request.auth),  # None
             }
             return Response(content)
@@ -49,7 +51,7 @@ Or, if you're using the `@api_view` decorator with function based views.
     )
     def example_view(request, format=None):
         content = {
-            'user': unicode(request.user),  # `django.contrib.auth.User` instance. 
+            'user': unicode(request.user),  # `django.contrib.auth.User` instance.
             'auth': unicode(request.auth),  # None
         }
         return Response(content)
@@ -65,16 +67,20 @@ If successfully authenticated, `UserBasicAuthentication` provides the following
 * `request.user` will be a `django.contrib.auth.models.User` instance.
 * `request.auth` will be `None`.
 
-## TokenBasicAuthentication
+## TokenAuthentication
+
+This policy uses [HTTP Authentication][basicauth] with no authentication scheme.  Token basic authentication is appropriate for client-server setups, such as native desktop and mobile clients.  The token key should be passed in as a string to the "Authorization" HTTP header.  For example:
 
-This policy uses [HTTP Basic Authentication][basicauth], signed against a token key and secret.  Token basic authentication is appropriate for client-server setups, such as native desktop and mobile clients.
+    curl http://my.api.org/ -X POST -H "Authorization: 0123456789abcdef0123456789abcdef"
 
-**Note:** If you run `TokenBasicAuthentication` in production your API must be `https` only, or it will be completely insecure.
+**Note:** If you run `TokenAuthentication` in production your API must be `https` only, or it will be completely insecure.
 
-If successfully authenticated, `TokenBasicAuthentication` provides the following credentials.
+If successfully authenticated, `TokenAuthentication` provides the following credentials.
 
 * `request.user` will be a `django.contrib.auth.models.User` instance.
-* `request.auth` will be a `djangorestframework.models.BasicToken` instance.
+* `request.auth` will be a `djangorestframework.tokenauth.models.BasicToken` instance.
+
+To use the `TokenAuthentication` policy, you must have a token model.  Django REST Framework comes with a minimal default token model.  To use it, include `djangorestframework.tokenauth` in your installed applications and sync your database.  To use your own token model, subclass the `djangorestframework.tokenauth.TokenAuthentication` class and specify a `model` attribute that references your custom token model.  The token model must provide `user`, `key`, and `revoked` attributes.  Refer to the `djangorestframework.tokenauth.models.BasicToken` model as an example.
 
 ## OAuthAuthentication
 
diff --git a/docs/api-guide/exceptions.md b/docs/api-guide/exceptions.md
index d41327c6..bb3ed56e 100644
--- a/docs/api-guide/exceptions.md
+++ b/docs/api-guide/exceptions.md
@@ -1,3 +1,5 @@
+<a class="github" href="exceptions.py"></a>
+
 # Exceptions
 
 
diff --git a/docs/api-guide/parsers.md b/docs/api-guide/parsers.md
index 2edc11de..5e2344a3 100644
--- a/docs/api-guide/parsers.md
+++ b/docs/api-guide/parsers.md
@@ -1,3 +1,5 @@
+<a class="github" href="parsers.py"></a>
+
 # Parsers
 
 ## .parse(request)
diff --git a/docs/api-guide/permissions.md b/docs/api-guide/permissions.md
index 8b137891..2e15107c 100644
--- a/docs/api-guide/permissions.md
+++ b/docs/api-guide/permissions.md
@@ -1 +1,3 @@
+<a class="github" href="permissions.py"></a>
 
+# Permissions
\ No newline at end of file
diff --git a/docs/api-guide/renderers.md b/docs/api-guide/renderers.md
index 5a66da69..1cd6d1a0 100644
--- a/docs/api-guide/renderers.md
+++ b/docs/api-guide/renderers.md
@@ -1,3 +1,5 @@
+<a class="github" href="renderers.py"></a>
+
 # Renderers
 
 ## .render(response)
diff --git a/docs/api-guide/requests.md b/docs/api-guide/requests.md
index 67ddfdac..6746bb20 100644
--- a/docs/api-guide/requests.md
+++ b/docs/api-guide/requests.md
@@ -1,3 +1,5 @@
+<a class="github" href="request.py"></a>
+
 # Requests
 
 > If you're doing REST-based web service stuff ... you should ignore request.POST.
diff --git a/docs/api-guide/responses.md b/docs/api-guide/responses.md
index 38f6e8cb..6c279f17 100644
--- a/docs/api-guide/responses.md
+++ b/docs/api-guide/responses.md
@@ -1,3 +1,5 @@
+<a class="github" href="response.py"></a>
+
 # Responses
 
 > Unlike basic HttpResponse objects, TemplateResponse objects retain the details of the context that was provided by the view to compute the response. The final output of the response is not computed until it is needed, later in the response process.
diff --git a/docs/api-guide/reverse.md b/docs/api-guide/reverse.md
index 5a1d6e26..6e42b68e 100644
--- a/docs/api-guide/reverse.md
+++ b/docs/api-guide/reverse.md
@@ -1,3 +1,5 @@
+<a class="github" href="reverse.py"></a>
+
 # Returning URIs from your Web APIs
 
 > The central feature that distinguishes the REST architectural style from other network-based styles is its emphasis on a uniform interface between components.
diff --git a/docs/api-guide/serializers.md b/docs/api-guide/serializers.md
index 377b0c10..38a1e560 100644
--- a/docs/api-guide/serializers.md
+++ b/docs/api-guide/serializers.md
@@ -1,3 +1,5 @@
+<a class="github" href="serializers.py"></a>
+
 # Serializers
 
 > Expanding the usefulness of the serializers is something that we would
diff --git a/docs/api-guide/settings.md b/docs/api-guide/settings.md
index 1411b9ec..ae8dce76 100644
--- a/docs/api-guide/settings.md
+++ b/docs/api-guide/settings.md
@@ -1,3 +1,5 @@
+<a class="github" href="settings.py"></a>
+
 # Settings
 
 Configuration for REST framework is all namespaced inside the `API_SETTINGS` setting.
diff --git a/docs/api-guide/status-codes.md b/docs/api-guide/status-codes.md
index c1d45905..6693c79f 100644
--- a/docs/api-guide/status-codes.md
+++ b/docs/api-guide/status-codes.md
@@ -1,3 +1,5 @@
+<a class="github" href="status.py"></a>
+
 # Status Codes
 
 > 418 I'm a teapot - Any attempt to brew coffee with a teapot should result in the error code "418 I'm a teapot". The resulting entity body MAY be short and stout.
diff --git a/docs/api-guide/throttling.md b/docs/api-guide/throttling.md
index 8b137891..e3a66c83 100644
--- a/docs/api-guide/throttling.md
+++ b/docs/api-guide/throttling.md
@@ -1 +1,3 @@
+<a class="github" href="throttling.py"></a>
 
+# Throttling
diff --git a/docs/api-guide/views.md b/docs/api-guide/views.md
index dd1dbebe..04647f91 100644
--- a/docs/api-guide/views.md
+++ b/docs/api-guide/views.md
@@ -1,9 +1,11 @@
+<a class="github" href="views.py"></a>
+
+# Views
+
 > Django's class based views are a welcome departure from the old-style views.
 >
 > &mdash; [Reinout van Rees][cite]
 
-# Views
-
 REST framework provides a simple `APIView` class, built on Django's `django.generics.views.View`.  The `APIView` class ensures five main things:
 
 1. Any requests inside the view will become `Request` instances.