Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Using Django REST Framework as an authentication backend for Django

Tags:

django

django-rest-framework

django-rest-auth

I currently have a large Django project leveraging Django REST Framework.

I have another, smaller Django project that I would like to build off of the main one that doesn't share the database directly but rather grabs necessary data over API.

I would like to override the AUTHENTICATION_BACKEND for the smaller project and have it use the API auth endpoint from the larger one as the authenticator.

Basically the process would go as follows:

  1. User attempts to log into the small Django project using credentials for their user in the large Django-DRF project.
  2. Small Django project sends API login request to large Django-DRF project.
  3. Large Django-DRF project returns API token and serialized user information.
  4. Small Django project auto-adds/updates user to its database with information from large Django-DRF project's response.
  5. Small Django project responds to user client with token so that AJAX requests from Small Django project's pages can be made directly to large Django-DRF project's endpoints.

Are there existing plugins worth leveraging for this use case or should I write my own AUTHENTICATION_BACKEND?

like image 210
Bradford Wade Avatar asked Oct 19 '22 11:10

Bradford Wade

1 Answers

It sounds like you may want to look into django-rest-framework-jwt. This would allow you to use JWT as your authentication mechanism, which can easily handle your case. The project actually provides an endpoint specifically for what you want, verify_jwt_token. According to the documentation:

In some microservice architectures, authentication is handled by a single service. Other services delegate the responsibility of confirming that a user is logged in to this authentication service. This usually means that a service will pass a JWT received from the user to the authentication service, and wait for a confirmation that the JWT is valid before returning protected resources to the user.

So your workflow would be something like:

  1. User authenticates to your larger API
  2. User receives a JWT back from the authentication request
  3. User sends the JWT along with each request to the smaller API
  4. The smaller API, upon receiving a JWT, forwards it to the verify_jwt_token endpoint in your larger API
like image 192
Joey Wilhelm Avatar answered Oct 21 '22 05:10

Joey Wilhelm
Sign in to Comment

Related questions

How to connect to oracle legacy database using cx_oracle django package?
sendfile() failed (32: Broken pipe) while sending request to upstream nginx 502
Django Tastypie: post value in multiple models to a single Tastypie Resource
Use SSH tunnel to make Django server think it's running inside AWS?
How to check if a template exists in Django?
Speeding Up the First Page Load in django

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!