Re: [RFC PATCH] REST: enable token authentication

2017-05-25 Thread Stephen Finucane
On Thu, 2017-05-25 at 18:47 +1000, Andrew Donnellan wrote:
> Token authentication is generally viewed as a more secure option for API
> authentication than storing a username and password.
>
> Django REST Framework gives us a TokenAuthentication class and an authtoken
> app that we can use to

[RFC PATCH] REST: enable token authentication

2017-05-25 Thread Andrew Donnellan
Token authentication is generally viewed as a more secure option for API authentication than storing a username and password. Django REST Framework gives us a TokenAuthentication class and an authtoken app that we can use to generate random tokens and authenticate to API endpoints. Enable DRF's

[PATCH] docs/api: change POST to PATCH in REST API parameters example

2017-05-25 Thread Andrew Donnellan
api/rest.rst gives an example of how to POST parameters to the PatchDetail view at api/patches/. However, the endpoint in question doesn't support POST - you need to use PUT or PATCH. Change it to PATCH. Signed-off-by: Andrew Donnellan --- I have no idea whether

[PATCH 1/2] bundle: Fix use of basic auth for bundle mboxes

2017-05-25 Thread Andrew Donnellan
Commit 0b4f508a8438 ("views: Allow use of basic auth for bundle mboxes") added support for using Django REST Framework's BasicAuthentication to authenticate when accessing the bundle-mbox view. To check the user's credentials, we call BasicAuthentication.authenticate(), however, we don't check

[PATCH 2/2] tests: Add tests for viewing private bundles

2017-05-25 Thread Andrew Donnellan
Add some tests to check that owners can view their private bundles while other authenticated users can't. Signed-off-by: Andrew Donnellan --- I'm not very familiar with writing Django tests, please flame away --- patchwork/tests/test_bundles.py | 58

Re: [PATCH] docker: increase database connection timeout

2017-05-25 Thread Daniel Axtens
Andrew Donnellan writes:
> When starting the Docker environment, if the web container can't see the
> database immediately, it waits 5 seconds, tries again, then waits 15
> seconds more to account for first-time start-ups where it takes a bit
> longer for the