Tutorial by Examples

Authentication in Django REST Framework can be configured globally as a subkey of the REST_FRAMEWORK variable in settings.py, just like the rest of the default framework configurations. REST_FRAMEWORK = { 'DEFAULT_AUTHENTICATION_CLASSES': ( 'rest_framework.authentication.BasicAuthen...

Authentication can be set for an specific APIView endpoint, by using the authentication_classes variable: from rest_framework.authentication import SessionAuthentication, BasicAuthentication from rest_framework.permissions import IsAuthenticated from rest_framework.response import Response ...

Django REST Framework provides a basic token-based authentication mechanism which needs to be configured as an application in Django before being usable, so that tokens are created in the database, and their lifecycle handled. Add Token-based authentication to settings.py INSTALLED_APPS = ( ...

OAuth is not handled by Django REST Framework, but there are a couple of pip modules that implement an OAuth client. The REST Framework documentation suggests one of the following modules: Django OAuth Toolkit Django REST Framework OAuth Django OAuth Toolkit pip install django-oauth-toolkit ...

The most interesting package for managing real tokens is django-rest-knox which supports multiple tokens per user (and cancelling each token independently), as well as having support for token expiration and several other security mechanisms. django-rest-knox depends on cryptography. You can find m...