What is purpose of changing token key name in DjangoRestFramework

In DjangoRestFramework you can change the keyword in the header for token authentication.

From the docs:

Note: If you want to use a different keyword in the header, such as Bearer, simply subclass TokenAuthentication and set the keyword class variable.

What is the purpose of changing the default keyword? I've seen 'Bearer', 'Basic' and a few other variants, but just don't understand the purpose of doing so. Can anyone explain?

Myroslav Hryshyn asked Aug 17 '17 14:08



1 Answer

I found how we need to pass the keyword to TokenAuthentication.

from rest_framework import authentication


class BearerAuthentication(authentication.TokenAuthentication):
    '''
    Simple token based authentication using utvsapitoken.

    Clients should authenticate by passing the token key in the 'Authorization'
    HTTP header, prepended with the string 'Bearer '.  For example:

    Authorization: Bearer 956e252a-513c-48c5-92dd-bfddc364e812
    '''
    # Scheme name expected at the start of the Authorization header
    keyword = 'Bearer'

Then, instead of using authentication.TokenAuthentication in settings.py, we will use BearerAuthentication:

# settings.py
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'your.models.BearerAuthentication',
    )
}

Druta Ruslan answered Dec 31 '22 15:12
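
What the keyword actually controls, as an added example that is not part of the answer above and is not DRF's own code: a stand-alone model of the header check, in which the keyword is only the scheme name matched case-insensitively at the start of the `Authorization` header, and the token lookup itself is unchanged. The class names `SchemeTokenParser` and `BearerParser` and the helper `classify` are hypothetical; the sample token is the one from the docstring above.

```python
# Simplified model of the scheme check performed by a keyword-based token
# authenticator (assumption: mirrors TokenAuthentication's header handling).


class AuthenticationFailed(Exception):
    """The header used our scheme but was malformed."""


class SchemeTokenParser:
    keyword = "Token"  # DRF's default keyword

    def extract_token(self, header: str):
        """Return the token, or None when the header is for another scheme."""
        parts = header.split()
        # A scheme mismatch is not an error: returning None lets the next
        # class in DEFAULT_AUTHENTICATION_CLASSES try the request.
        if not parts or parts[0].lower() != self.keyword.lower():
            return None
        if len(parts) == 1:
            raise AuthenticationFailed("No credentials provided.")
        if len(parts) > 2:
            raise AuthenticationFailed("Token string should not contain spaces.")
        return parts[1]


class BearerParser(SchemeTokenParser):
    keyword = "Bearer"  # same one-line override as BearerAuthentication


SAMPLE_TOKEN = "956e252a-513c-48c5-92dd-bfddc364e812"  # from the docstring above


def classify(parser, header):
    """Summarise how a parser treats one Authorization header value."""
    try:
        token = parser.extract_token(header)
    except AuthenticationFailed as exc:
        return f"rejected: {exc}"
    return "skipped" if token is None else f"token={token}"


if __name__ == "__main__":
    # Constructed header values covering match, mismatch and malformed cases.
    for header in (f"Bearer {SAMPLE_TOKEN}", f"bearer {SAMPLE_TOKEN}",
                   f"Token {SAMPLE_TOKEN}", "Bearer", "Bearer a b", ""):
        print(f"{header!r:50} default={classify(SchemeTokenParser(), header)} "
              f"| bearer={classify(BearerParser(), header)}")
```

A client that sends `Authorization: Bearer …` is silently treated as unauthenticated by the default `Token` keyword, which is why the keyword is changed when clients or gateways already use the `Bearer` scheme.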