API auth token

[hectorperez]

"When you call the login API function, the user token is returned" [1]

It seems that the token is NOT returned [2].

[1] https://agora-ciudadana.readthedocs.org/en/latest/api.html#authentication
[2] https://agora-ciudadana.readthedocs.org/en/latest/api.html#user-login

[edulix]

That's a typo in the documentation, actually. After that phrase, it also says "Currently the user token is currently only accesible through administrators that can access to the django shell". This is because for now, we wanted to limit the automatization of tasks through the API to a set of known users. I feel that your usecase might be different? to do what you suggest we could add a new feature to return the api_key when token_auth is activated in custom_settings.py, which shouldn't be very difficult to do.

[voodoorai2000]

Excellent!

Yes the use case for this is the ruby wrapper[1] for the AgoraVoting API.
Activating token authentication and sending the user token on the response of the API login call, would be perfect.

The other part of this feature would be that once the user token in sent on a call to the AgoraVoting API,
the user would be authorized to do it's corresponding actions, like voting in one of his agoras.

[1] https://github.com/agoraciudadana/agoravoting-rb