JWT Authentication with Django REST Framework

JSON Web Token is an open standard for securely transferring data within parties using a JSON object. JWT is used for stateless authentication mechanisms for users and providers, this means maintaining session is on the client-side instead of storing sessions on the server. Here, we will implement the JWT authentication system in Django.

Modules required :

  • django : Django Installation
  • djangorestframework_simplejwt : 
    pip install djangorestframework_simplejwt

Basic setup :

Start a project by the following command –

 django-admin startproject config

Change directory to project config –



 cd config

Start the server- Start the server by typing following command in terminal –

 python manage.py runserver

To check whether the server is running or not go to a web browser and enter http://127.0.0.1:8000/ as URL.

Now stop the server by pressing

ctrl-c

Let’s create an app now called the “app”.

python manage.py startapp app

adding configuration to settings.py file :

open settings.py file in config folder and add configuration.

filter_none

edit
close

play_arrow

link
brightness_4
code

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    ],
}

chevron_right






                        filter_none








edit urls.py file

open urls.py in config folder













                                    filter_none




                                    edit

                                    close




                                    play_arrow




                                    link

                                    brightness_4

                                    code
                                




















from django.urls import path, include 


from rest_framework_simplejwt import views as jwt_views 


  


urlpatterns = [ 


    path('api/token/', 


         jwt_views.TokenObtainPairView.as_view(), 


         name ='token_obtain_pair'), 


    path('api/token/refresh/', 


         jwt_views.TokenRefreshView.as_view(), 


         name ='token_refresh'), 


    path('', include('app.urls')), 


] 



















                        chevron_right







                        filter_none








edit views.py

open views.py in app folder and make a API view











                                    filter_none




                                    edit

                                    close




                                    play_arrow




                                    link

                                    brightness_4

                                    code
                                




















from rest_framework.views import APIView 


from rest_framework.response import Response 


from rest_framework.permissions import IsAuthenticated 


  


  


class HelloView(APIView): 


    permission_classes = (IsAuthenticated, ) 


  


    def get(self, request): 


        content = {'message': 'Hello, GeeksforGeeks'} 


        return Response(content) 



















                        chevron_right







                        filter_none








edit urls.py

create a urls.py in app folder and edit it 











                                    filter_none




                                    edit

                                    close




                                    play_arrow




                                    link

                                    brightness_4

                                    code
                                




















from django.urls import path 


from . import views 


  


urlpatterns = [ 


    path('hello/', views.HelloView.as_view(), name ='hello'), 


] 



















                        chevron_right







                        filter_none








Usage :


To make an HTTP request we have used HTTPie, to install it.


$ sudo apt install httpie




Step 1 :

migrate project, create a superuser and runserver


$ python3 manage.py migrate


$ python manage.py createsuperuser


$ python manage.py runserver 4000


Step 2 :

Now, we need to authenticate and obtain the token. which we will get at endpoint is

/api/token/ 


$ http post http://127.0.0.1:4000/api/token/ username=spider password=vinayak


add your user name and password




 Step 3 :

copy access token and make a request 


$  http http://127.0.0.1:4000/hello/ "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNTg3Mjc5NDIxLCJqdGkiOiIzYWMwNDgzOTY3NjE0ZDgxYmFjMjBiMTBjMDlkMmYwOCIsInVzZXJfaWQiOjF9.qtNrUpyPQI8W2K2T22NhcgVZGFTyLN1UL7uqJ0KnF0Y"







    

        My Personal Notes
        arrow_drop_up
    

    

        
        

            
            
        

    


Recommended Posts:
itsvinayak
Check out this Author's contributed articles.
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on  the "Improve Article" button below.