Authentication
By default, ESSArch is configured with the following authentication schemes:
AUTHENTICATION_BACKENDS = [
    'django.contrib.auth.backends.ModelBackend',
    'ESSArch_Core.auth.backends.GroupRoleBackend',
    'guardian.backends.ObjectPermissionBackend',
]

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        'knox.auth.TokenAuthentication',
    )
}
This can be altered in the local configuration file.
Token Authentication
With knox.auth.TokenAuthentication enabled, HTTP Token Auth can be used to authenticate the user in API requests.
Get token
http
POST /api/auth/token_login/ HTTP/1.1
Host: localhost
Accept: application/json
Content-Type: application/json

{
    "username": "admin",
    "password": "admin"
}
curl
curl -i -X POST https://localhost/api/auth/token_login/ -H "Accept: application/json" -H "Content-Type: application/json" --data-raw '{"password": "admin", "username": "admin"}'
Use token in request
http
GET /api/me/ HTTP/1.1
Host: localhost
Accept: application/json
Authorization: Token b6e06b94162ab7ddbc03ea81ae70cca1e654fd6
curl
curl -i -X GET https://localhost/api/me/ -H "Accept: application/json" -H "Authorization: Token b6e06b94162ab7ddbc03ea81ae70cca1e654fd6"
Basic Authentication
With rest_framework.authentication.BasicAuthentication enabled, HTTP Basic Auth can be used to authenticate the user in API requests.
http
GET /api/me/ HTTP/1.1
Host: localhost
Accept: application/json
Authorization: Basic YWRtaW46YWRtaW4=
curl
curl -i -X GET https://localhost/api/me/ -H "Accept: application/json" --user admin:admin
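The two Authorization headers shown above differ in what they expose on every request: the Basic value is only base64 of user:password, while the Token value is a separate credential. The following is an added example, not part of ESSArch or its documentation; the function name inspect_authorization and the password_equals_username check are illustrative assumptions, and the sample headers are the ones from this page.

```python
import base64
import binascii


def inspect_authorization(header_value):
    """Classify an Authorization header value and report what it exposes.

    Hypothetical helper for reviewing captured requests or proxy logs.
    Raises ValueError for malformed or unsupported values.
    """
    scheme, _, credentials = header_value.strip().partition(" ")
    scheme = scheme.lower()
    credentials = credentials.strip()
    if not credentials:
        raise ValueError("Authorization header has no credentials part")

    if scheme == "basic":
        try:
            # validate=True rejects characters outside the base64 alphabet
            decoded = base64.b64decode(credentials, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError) as exc:
            raise ValueError("Basic credentials are not valid base64/UTF-8") from exc
        username, sep, password = decoded.partition(":")
        if not sep:
            raise ValueError("Basic credentials lack the user:password separator")
        return {
            "scheme": "basic",
            "username": username,
            # The account password itself is recoverable from every request.
            "password_in_request": True,
            # Catches default-style pairs such as the admin/admin example.
            "password_equals_username": password == username,
        }

    if scheme == "token":
        # The token stands in for the password; the header does not name the user.
        return {"scheme": "token", "username": None,
                "password_in_request": False, "password_equals_username": False}

    raise ValueError(f"unsupported scheme: {scheme!r}")


if __name__ == "__main__":
    # Header values copied from the requests on this page.
    for value in ("Basic YWRtaW46YWRtaW4=",
                  "Token b6e06b94162ab7ddbc03ea81ae70cca1e654fd6"):
        print(value.split()[0], inspect_authorization(value))
```

Both schemes rely on TLS for confidentiality; the difference shown here is that a captured Basic header yields the account password directly.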
Session Authentication
After acquiring a session using, for example, basic authentication, it can be used to authenticate users on subsequent requests using rest_framework.authentication.SessionAuthentication.