On 12/03/2013 01:06 μμ, Jani Tiainen wrote:
There is not exactly "RESTful way to authenticate", since after all
REST is just an architecture to represent different resources and thus
it's totally agnostic what comes to authentications and such.
Simplest one (if you're use HTTP(S)) is to use basic/digest auth.
Though true REST is protocol agnostic (for example it could use unix
sockets)
Query authencation, a.k.a. API key, only one that you can do protocol
agnostic way.
Cookie-based, for example posting credential query as POST (to create
new cookie) to /sessions/ url. Binds REST to HTTP(S) protocol again
and DELETE to /sessions/<session-id>/ to logout
Personally, if working with Django and HTTP I would go for cookie
based auth since it would be natural.
Otherwise API key isn't that bad option.
In my case I use Django and Tastypie. The whole thing works fine for non
authenticated users and I would like to provide content for my
registered users too.
Would the best practice be to use Django login form to authenticate the
user and then use Django authentication type (instead of api/key )with
tastypie to access the content for registered users I am after?
Thank you
--
--------------------------------------------------------------
Nick Apostolakis
e-mail: nicka...@oncrete.gr
Web Site: http://nick.oncrete.gr
--------------------------------------------------------------
--
You received this message because you are subscribed to the Google Groups "Django
users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.