from django.contrib.auth.backends import ModelBackend from django.contrib.auth.models import User class TokenAuthBackend(ModelBackend): def authenticate(self, request, token=None): auth = request.headers.get('Authorization') if not token and auth and auth.startswith('Token '): token = auth[6:] try: return User.objects.get(profile__api_token=token) except User.DoesNotExist: return None