rest_auth API reference

Django Rest Framework Auth provides very simple & quick way to adopt authentication APIs’ to your django project.

Rationale

django-rest-framework’s Serializer is nice idea for detaching business logic from view functions. It’s very similar to django’s Form, but serializer is not obligible for rendering response data, and should not. - django forms also do this, seriously!!! some expert beginners just know form is ONLY FOR html form rendering :(

Unluckily, even though django already provides forms and views for authentication, We cannot use these for REST-APIs. It uses forms!! (rest_framework does not use forms.)

We think there should be some serializers & views (or viewsets) to use rest_framework’s full features. (such as throttling, pagination, versioning or content-negotiations)

Let’s have a good taste of these elegant implementations.

API Endpoints

Below API endpoints can be re-configured if you write your urls.py

  • POST /login/
    • username
    • password

    authenticate user and persist him/her to website

  • POST /logout/

    let a user logged out.

Note

Logout from HTTP GET is not implemented.

  • POST /forgot/
    • email

    send a link for resetting password to user

  • GET /reset/{uid64}/{token}/
    • uid64, token - automatically generated tokens (when email is sent)
    • new_password
    • new_password (confirm)

    reset a password for user

  • GET /reset/d/

    a view seen by user after resetting password

  • POST /change-password/
    • old_password
    • new_password
    • new_password (confirm)

    change a password for user

  • GET /api-root/
    • see api lists
  • POST /signup/
    • username
    • email
    • password
    • confirm_password

    Create a user.

    verification e-mail is sent when you set REST_AUTH_SIGNUP_REQUIRE_EMAIL_CONFIRMATION

  • GET /signup/v/{uid64}/{token}/

    Verify user. After verification, user can use full features of websites.