Reputation: 948
Are there authentication examples with Django and Tastypie?
Are there basic authentication examples with Django and Tastypie?. I'm a little bit confused about how the authentication in Django works, specially with Tastypie.I wanna know how the authentication works with api keys and how to authenticate a user with the built-in User model which Django has. Any suggestion or code are really appreciated. Thanks.
Upvotes: 1
Views: 3985
Answers (2)
Reputation: 15864
Just to answer your questions regarding authentication:
How the authentication in Django works?
Django authentication required SessionMiddleware to work. Once a session has been loaded, the Django authentication backend reads a special cookie _auth_user (IIRC) which contains currently logged in user's ID. If you have access to the django shell, you can manipulate it and make yourself logged in as any user! Once the backend notices there is a _auth_user key, it then adds a lazy User object to the request (so it delays the User.objects.get(...) until it is really needed). If there is no such key in the session dict, the user is claimed to be anonymous and an instance of AnonymousUser is added to the request object instead.
How does the authentication work in Tastypie?
Before your resource view is executed, a Resource.is_authenticated(request) method is called, which in turn calls the is_authenticated(request) method of the authentication backend of your the Resource of your choice. If the method returns False, the authentication is claimed to be failed and returns with Unauthorized error. If the method returns a HttpResponse, the response is returned instead. If the method returns True, the request is claimed to have been authenticated.
How does User model authentication work in Tastypie?
The User model authentication can be performed using SessionAuthentication backend provided by the Tastypie itself. What it does is creating a session for the current request so that the authentication middleware can then automatically insert relevant user model to the request. Notice that for this method to work, your API client has to support storing cookies and resending them in future requests.
Upvotes: 10
Reputation: 4412
You might find this useful. It allows you to authenticate the user based on the Django session cookie.
https://github.com/amezcua/TastyPie-DjangoCookie-Auth/blob/master/DjangoCookieAuth.py
I am using this in my application and it works!
Upvotes: 0
Related Questions
- Get authenticated user in django-tastypie
- Django, TastyPie, Authentication, and custom middleware headache
- TastyPie and Django authorization with ApiKeyAuthentication
- RESTful, user authentication, and Django-tastypie
- TastyPie Authentication from the same server
- How to sign-in? Django TastyPie with ApiKeyAuthentication actual authentication Process
- Using TastyPie for user registration. How to handle authentication?
- How to implement oAuth in Django with Tastipie
- django tastypie custom login
- need an example of doing authorization using django-tastypie