Working with token-based authentication

Now, we will make changes to use token-based authentication to retrieve, update, or delete pilots. Only those users that have a token will be able to make these operations with pilots. Hence, we will setup a specific authentication for pilots. It will still be possible to see the pilot's name rendered in unauthenticated requests.

The token-based authentication requires a new model named Token. Make sure you quit the Django's development server. Remember that you just need to press Ctrl + C in the terminal or command prompt window in which it is running.

Of course, in a production environment, we must make sure that the RESTful Web Service is only available over HTTPS, with the usage of the latest TLS ...

Get Learn Web Development with Python now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.