use django authentication instead of auth tokens.

src/paperless/settings.py

@@ -21,6 +21,9 @@ def __get_boolean(key, default="NO"):
     """
     return bool(os.getenv(key, default).lower() in ("yes", "y", "1", "t", "true"))
 
+# NEVER RUN WITH DEBUG IN PRODUCTION.
+DEBUG = __get_boolean("PAPERLESS_DEBUG", "NO")
+
 ###############################################################################
 # Directories                                                                 #
 ###############################################################################
@@ -66,7 +69,6 @@ INSTALLED_APPS = [
     "django.contrib.admin",
 
     "rest_framework",
-    "rest_framework.authtoken",
     "django_filters",
 
 ]
@@ -74,11 +76,15 @@ INSTALLED_APPS = [
 REST_FRAMEWORK = {
     'DEFAULT_AUTHENTICATION_CLASSES': [
         'rest_framework.authentication.BasicAuthentication',
-        'rest_framework.authentication.TokenAuthentication',
-        'paperless.auth.QueryTokenAuthentication'
+        'rest_framework.authentication.SessionAuthentication'
     ]
 }
 
+if DEBUG:
+    REST_FRAMEWORK['DEFAULT_AUTHENTICATION_CLASSES'].append(
+        'paperless.auth.AngularApiAuthenticationOverride'
+    )
+
 MIDDLEWARE = [
     'django.middleware.security.SecurityMiddleware',
     'whitenoise.middleware.WhiteNoiseMiddleware',
@@ -93,8 +99,6 @@ MIDDLEWARE = [
 
 ROOT_URLCONF = 'paperless.urls'
 
-LOGIN_URL = "admin:login"
-
 FORCE_SCRIPT_NAME = os.getenv("PAPERLESS_FORCE_SCRIPT_NAME")
 
 WSGI_APPLICATION = 'paperless.wsgi.application'
@@ -122,9 +126,6 @@ TEMPLATES = [
 # Security                                                                    #
 ###############################################################################
 
-# NEVER RUN WITH DEBUG IN PRODUCTION.
-DEBUG = __get_boolean("PAPERLESS_DEBUG", "NO")
-
 if DEBUG:
     X_FRAME_OPTIONS = ''
     # this should really be 'allow-from uri' but its not supported in any mayor