TokenAuthentication (DRF API Reference)
https://www.django-rest-framework.org/api-guide/authentication/#tokenauthentication
Note: The token authentication provided by Django REST framework is a fairly simple implementation.
Django REST Knox
AuthorizationヘッダーにTokenを指定して認証できる
For clients to authenticate, the token key should be included in the Authorization HTTP header.
DEFAULT_AUTHENTICATION_CLASSESにrest_framework.authentication.TokenAuthenticationを追加
rest_framework.authtoken in your INSTALLED_APPS setting:
マイグレーション
The rest_framework.authtoken app provides Django database migrations.
If you want to use a different keyword in the header, such as Bearer, simply subclass TokenAuthentication and set the keyword class variable.
Note: If you use TokenAuthentication in production you must ensure that your API is only available over https.
curl -vでレスポンスのWWW-Authenticateヘッダを見ることで、指定するのがTokenかBearerか分かる
続く「Generating Tokens」(積ん読)
Signalを使う例