#87: Add authentication

README.md

@@ -11,7 +11,8 @@ ICAT API to interface with the Data Gateway
       - [Endpoints:](#endpoints)
       - [Mapped classes:](#mapped-classes)
       - [Querying and filtering](#querying-and-filtering)
-      - [Swagger Generation](#generating-the-swagger-spec)
+      - [Swagger Generation](#generating-the-swagger-spec-openapiyaml)
+      - [Authentication](#authentication)
   - [Database Generator](#database-generator)
   - [Running Tests](#running-tests)
 
@@ -145,6 +146,12 @@ query the database are also in this module.
 Class diagram for this module:
 ![image](https://user-images.githubusercontent.com/44777678/66651511-1d401a80-ec2b-11e9-96a4-316e94939a0f.png)
 
+#### Authentication
+Each request requires a valid session ID to be provided in the Authorization header. This header should take the form of `{"Authoirzation":"Bearer <session_id>"}` A session ID can be obtained by
+sending a post request to `/sessions/`  
+All endpoint methods that require a session id are decorated with `@requires_session_id`
+
+
 
 #### Generating the swagger spec: `openapi.yaml`
 The swagger generation script is located in `/src/swagger/swagger_generator.py`. The script will only run when