Authorizations
Open Personen uses API tokens as its authorization mechanism. You can connect an API token to a user for identification.
Any backend change requires a change in the environment variables that are present when the application is launched. Add this setting to enable authorization:
OPENPERSONEN_USE_AUTHENTICATION=True
Manage API tokens
You can manage API-tokens in the admin interface or create tokens from the command line.
Point your web browser to the admin interface, for example:
http://localhost:8000/admin/
Login with the username and password of a superuser (see Quickstart).
Navigate to API Autorisaties > Tokens
Click on Token toevoegen
Select a Gebruiker to link the API token to an existing user. Click on Opslaan en opnieuw bewerken.
The Key field should now have a value like
e5640c8bde0b9b1a168595d798df721ef12bbbef
You can now make API calls using this API-token. For example:
$ curl -i -H "Accept: application/json" -H "Authorization: Token e5640c8bde0b9b1a168595d798df721ef12bbbef" http://localhost:8000/api/ingeschrevenpersonen/999990676
You cannot access the API from your browser anymore, since you need to pass the proper authorization header.
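To confirm that the setting took effect, the following check sends the request above without a token, with a wrong token and with the real token. It is an added example, not part of Open Personen; it assumes a rejected request is answered with 401 or 403, and the environment variable names OPENPERSONEN_URL and OPENPERSONEN_TOKEN are made up for this example.

```python
"""Check that token authentication is enforced (added example)."""
import os
import sys
import urllib.error
import urllib.request

REJECTED = (401, 403)  # assumption: a refused request gets one of these


def status(url, token=None):
    """GET url, optionally with an Authorization: Token header; return the status code."""
    headers = {"Accept": "application/json"}
    if token is not None:
        headers["Authorization"] = f"Token {token}"
    request = urllib.request.Request(url, headers=headers)
    try:
        with urllib.request.urlopen(request, timeout=5) as response:
            return response.status
    except urllib.error.HTTPError as error:
        return error.code


def auth_findings(url, token):
    """Return a list of problems; an empty list means authorization works as expected."""
    # Same length as the real token, but with the last character changed.
    bogus = token[:-1] + ("0" if token[-1] != "0" else "1")
    findings = []
    if status(url) not in REJECTED:
        findings.append("anonymous request was not rejected")
    if status(url, bogus) not in REJECTED:
        findings.append("invalid token was not rejected")
    if status(url, token) != 200:
        findings.append("valid token was not accepted")
    return findings


if __name__ == "__main__":
    # OPENPERSONEN_URL and OPENPERSONEN_TOKEN are names chosen for this example.
    url = os.environ.get(
        "OPENPERSONEN_URL",
        "http://localhost:8000/api/ingeschrevenpersonen/999990676",
    )
    problems = auth_findings(url, os.environ["OPENPERSONEN_TOKEN"])
    for problem in problems:
        print("FAIL:", problem)
    sys.exit(1 if problems else 0)
```

An exit status of 0 means all three requests behaved as expected, so the script can run as a post-deployment check.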
You can also create API-tokens from the command line:
$ python src/manage.py generate_token demo
API token: e5640c8bde0b9b1a168595d798df721ef12bbbef
$ docker-compose exec web src/manage.py generate_token demo
API token: e5640c8bde0b9b1a168595d798df721ef12bbbef
This causes a user demo to be created with the generated token. By default, this user has no permission to access the admin interface.