Closed mykwillis closed 8 years ago
Thank you for this PR. I'm going to reject this because we're going to be implementing this differently going forward. We're going to support a similar setup to our other libraries: we'll have various types of 'authentication' backends, which support basic auth and oauth2. We have generated some standard naming conventions / practices for this over the last year, which we'll incorporate into this project =)
The
StormpathBackend
class doesn't work with API key authentication that is passed in the Auth header for BASIC authentication (it only works with username/password pairs). I created thisStormpathApiBackend
class that does support that scenario.StormpathApiBackend
behaves just likeStormpathBackend
in other respects, e.g., it sets up theUser
object properly, creating it if it doesn't exist in the Django DB.To use this, one needs to add another entry to the
AUTHENTICATION_BACKENDS
insettings.py
. This being done, end users can authenticate using either username/password or api token.