How to get the auth token?

[steverecio]

Maybe I'm missing this somewhere in the docs but where do I get the string to pass into the authorization header? I presume its not the digest, token_key, or salt given that those fields are all stored in plaintext in the database but the model doesn't seem to have any helper method to get the actual auth token...

[steverecio]

Ok I was able to get the token with the following code (discovered by looking through the unit tests):

instance, token = AuthToken.objects.create(user=user)

And then pass the header Authorization: Token {{ token }}.

Is there a way to get this token from the model object so that I can use a non-expiring token for my client facing API keys?

[jonathan-golorry]

Is there a way to get this token from the model object

No. Only a prefix and hash (and previously salt) are stored in the db. The whole point is that an attacker will be unable to calculate the token even if they get a copy of the DB.

so that I can use a non-expiring token for my client facing API keys?

You can configure knox for non-expiring tokens.

REST_KNOX = {
    "TOKEN_TTL": None,
}