An authentication token for djangorestframework that has an expiration date.
Project description
A new authentication backend for Django REST framework that uses a token with an expiration date. A new token is created every time a user logs in. The token expiration date is refreshed every time the token is used. It supports custom user models
How To Use
Add to your installed apps
INSTALLED_APPS = (
...
'timed_auth_token',
)
Add the authentication class to the default authentication classes
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
'timed_auth_token.authentication.TimedAuthTokenAuthentication',
)
}
The app comes with a login URL at /login. The endpoint expects two parameters: username and password.
url_patterns = [
...
# Can login by using /auth/login
url(r'^auth/', include('timed_auth_token.urls', namespace='auth')),
]
After a successful login the response contains one key: token.
{'token': 'lkjalsdjf8asdkjfal;kdfa8s;dlna;sdf'}
To use this token to authenticate it must be included in the HTTP headers:
Authorization: Token YOURTOKEN
Configuration
The only available configuration option is the duration of the token. It defaults to 30 days. You can set it either on the user model as an attribute or as a setting in your settings.py. If they are both set, the user model will take precedence.
Put it on your user model as an attribute
from datetime import timedelta from django.contrib.auth.models import User class MyUserModel(User): token_validity_duration = timedelta(days=60)
Put it in your settings.py
from datetime import timedelta TIMED_AUTH_TOKEN = { 'DEFAULT_VALIDITY_DURATION': timedelta(days=45) }
Credits
Starting code (model, auth backend) thanks to Jake from jh.gg.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Hashes for djangorestframework-timed-auth-token-0.3.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | be2f0a3ddd4ce93b186a637cffdbd11fd60ab86708cd3b9efd720e79180d4cd4 |
|
MD5 | 4c0d5868ef0344f3b8e648ef76b8a4e8 |
|
BLAKE2b-256 | 77b9df5f96d5141821b030692b07146b5060a6cabe11cf6d9ea510ff7ecf8243 |