I am currently writing a REST API using the Django rest framework and oauth2 for authentication (using django-oauth-toolkit). I am very pleased with both of them, doing exactly what I want.
However, I have one problem. I transfer my application to production and realized that there might be a problem with the view / o / applications / view, accessible to everyone! I found myself surprised that I did not see anything in the dock, even when I try to do it. Did I miss something?
Some ideas on how to make a custom view requiring authentication as root (but that would be weird as it could mix different types of authentication, right?) Or add a dummy route to 401 or 403 for / o / applications / . But that sounds pretty uncomfortable for me ... isn't this the official "best" solution? I would be very surprised if I were the first to encounter this problem, I must have missed something ...
Thanks in advance!
source
share