Getting Started
Project Setup
Add the app to your 'INSTALLED_APPS'
settings.py:
INSTALLED_APPS = [
...
'keypair_permissions'
]
Run the included migrations:
$ ./manage.py makemigrations
$ ./manage.py makemigrations keypair_permissions
$ ./manage.py migrate
Setting Permissions
You can require Cavage-based public key authorization either on individual API endpoints or across your entire site.
Individual API Endpoints
To require authorization on individual endpoints, include the library in the views.py
where API endpoints are described:
from keypair_permissions.permissions import HasHttpCryptoAuthorization
For each endpoint, set the permission_class
of that view to include HasHttpCryptoAuthorization
:
class EchoServerApiView(GenericApiView):
permission_classes = [HasHttpCryptoAuthorization]
def get(self, request):
return Response(request.body)
Combining Permission Policies
It is possible to combine permission policies, for instance IsAuthenticated
, so that either Public key authorization or Login Cookie authorization grants access to the View:
class EchoServerApiView(GenericApiView):
permission_classes = [HasHttpCryptoAuthorization | IsAuthenticated]
def get(self, request):
return Response(request.body)
Learn more about Django Rest Framework Permissions
Setting the Permission Policy Globally
The default permission policy may be set globally to public key authorization, using the settings.DEFAULT_PERMISSION_CLASSES
setting. For example:
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': [
'keypair_permissions.permissions.HasHttpCryptoAuthorization',
]
}