Login

API Views

There are two views used in the login workflow:

login

logout

Default serializers

DefaultLoginSerializer

Custom token generation

One can replace ‘AUTH_TOKEN_MANAGER_CLASS’ with his / her own class, which should inherit from / implement rest_registration.auth_token_managers.AbstractAuthTokenManager. The AbstractAuthTokenManager class has following methods:

If you’re using custom authentication class, you should set ‘LOGIN_RETRIEVE_TOKEN’ explicitly to True as token retrieval can be automatically turned on only when rest_framework.authentication.TokenAuthentication (or a subclass) is used.

List of settings

These settings can be used to configure login views. You should add them as keys (with values) to your settings.REST_REGISTRATION dict.

‘LOGIN_SERIALIZER_CLASS’

Default: 'rest_registration.api.serializers.DefaultLoginSerializer'

No description available, please add it here!

‘LOGIN_AUTHENTICATOR’

Default: 'rest_registration.utils.users.authenticate_by_login_data'

By default the login authenticator function will use ‘USER_LOGIN_FIELDS’ setting to extract the login field from the validated serializer data either by using the ‘login’ key or the specific login field name(s) (e.g. ‘username’, ‘email’). Then, it uses django.contrib.auth.authenticate() to find a matching user.

You can change that behavior by overriding this setting.

The authenticator function receives these parameters as positional arguments:

  • data - the validated data from the login serializer.

and these parameters as keyword arguments:

  • serializer - the source login serializer which generated the input data. This parameter could be dropped in the future, so it should be retrieved via kwargs.get() instead be named directly.

If the user cannot be found, the function should raise UserNotFound exception (from rest_registration.exceptions).

If the user can be found, it should be returned. The implementer should ensure that the right authentication backend (if it was used to find a match) is provided as backend attribute of the returned user.

‘LOGIN_AUTHENTICATE_SESSION’

Default: None

No description available, please add it here!

‘LOGIN_RETRIEVE_TOKEN’

Default: None

No description available, please add it here!

‘AUTH_TOKEN_MANAGER_CLASS’

Default: 'rest_registration.auth_token_managers.RestFrameworkAuthTokenManager'

The token manager class used by login and logout which provides an interface for providing and optionally revoking the token. The class should inherit from rest_registration.token_managers.AbstractTokenManager.

‘LOGIN_DEFAULT_SESSION_AUTHENTICATION_BACKEND’

Default: None

This setting allows to override the backend used in the login function.

It may be useful if Django AUTHENTICATION_BACKENDS setting does contain multiple values.

The value must be a dotted import path string or None.