authentication

The authentication module provides a set of pluggable authentication classes.

Authentication behavior is provided by mixing the mixins.AuthMixin class into a View class.

The set of authentication methods which are used is then specified by setting the authentication attribute on the View class, and listing a set of authentication classes.

class authentication.BaseAuthentication(view)

All authentication classes should extend BaseAuthentication.

authenticate(request)

Authenticate the request and return a User or None. [*]

[*]

The authentication context will typically be a User, but it need not be. It can be any user-like object so long as the permissions classes (see the permissions module) on the view can handle the object and use it to determine if the request has the required permissions or not. This can be an important distinction if you’re implementing some token based authentication mechanism, where the authentication context may be more involved than simply mapping to a User.

class authentication.BasicAuthentication(view)

Use HTTP Basic authentication.

authenticate(request)

Returns a User if a correct username and password have been supplied using HTTP Basic authentication. Otherwise returns None.

class authentication.UserLoggedInAuthentication(view)

Use Django’s session framework for authentication.

authenticate(request)

Returns a User if the request session currently has a logged in user. Otherwise returns None.