I have a question regarding TastyPie and authentication. I have created my own custom user model for AJAX registration (in Django 1.5). that allows a user to signup via an API call.
I have this all working on the system using TastyPie for the API. The one thing that confuses me is authentication. How should I handle this? The user is not logged in but allowed to create a resource (a new user).
Is there any safe guards, or I'm I over thinking this?
You can make authentication available without sending token for accessing resources. When you create new user, you should send him token. Which he will use for accessing your resources (because REST api recommends avoid sessions for user authentication, users request must contain every thing for server side to give resource to him).