A bit of reading of the source code and the documentation of django-piston  leads me to understand that django-piston has been designed from the ground to enable you to easily write your own authentication handler. Out of the box it comes with "HttpBasicAuthentication" and OAuthAuthentication. "HttpBasicAuthentication" is a very good example how to implement a DjangoAuthentication.
An authentication handler is a class, which must have 2 methods: is_authenticated, challenge
class DjangoAuthentication(object): """ Django authentication. """ def __init__(self, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME): if not login_url: login_url = settings.LOGIN_URL self.login_url = login_url self.redirect_field_name = redirect_field_name self.request = None def is_authenticated(self, request): """ This method call the `is_authenticated` method of django User in django.contrib.auth.models. `is_authenticated`: Will be called when checking for authentication. It returns True if the user is authenticated False otherwise. """ self.request = request return request.user.is_authenticated() def challenge(self): """ `challenge`: In cases where `is_authenticated` returns False, the result of this method will be returned. This will usually be a `HttpResponse` object with some kind of challenge headers and 401 code on it. """ path = urlquote(self.request.get_full_path()) tup = self.login_url, self.redirect_field_name, path return HttpResponseRedirect('%s?%s=%s' %tup)
The implementation is relatively simple, is_authenticated uses the method with the same name available from a django User and the challenge redirect the user to the login page.
This post will end the series on django-piston it was for me a pretext to get familliar with this great app that make creating a RESTFUL api for django easy. You can find all the modifications I did into my fork on bitbucket