How can I use the jwt token for authentication that i get from my login view

Question

I need to create JWT token authentication, but I don't know how, could you explain me how to do it better or put some examples? my view: class UserLogin(generics.CreateAPIView): """ POST auth/login/ """ # This permission class will overide the global permission # class setting permission_classes = (permissions.AllowAny,) queryset = User.objects.all() serializer_class = TokenSerializer def post(self, request, *args, **kwargs): username = request.data.get("username", "") password = request.data.get("password", "") user = auth.authenticate(request, username=username, password=password) if user is not None: auth.login(request, user) return Response({ "token": jwt_encode_handler(jwt_payload_handler(user)), 'username': username, }, status=200) return Response(status=status.HTTP_401_UNAUTHORIZED) JavaScript questions and answers, JavaScript questions pdf, JavaScript question bank, JavaScript questions and answers pdf, mcq on JavaScript pdf, JavaScript questions and solutions, JavaScript mcq Test , Interview JavaScript questions, JavaScript Questions for Interview, JavaScript MCQ (Multiple Choice Questions)

Answer 1

You are creating the token in that view. After that, you need two other mechanism in place: Your client should send this token the the API with each request, in the Authorization header, like: Authorization: Bearer your_token On the api side, you need to use an authentication class, that looks for Authorization header, takes the token and decodes it, and finds the user instance associated with the token, if the token is valid. If you are using a library for drf jwt authentication, it should have an authentication class that you can use. If you are implementing it manually, you need to write an authentication class that subclasses DRF's BaseAuthentication class yourself. It could basically look like this: class JwtAuthentication(authentication.BaseAuthentication): def authenticate(self, request): auth_header = request.META.get('HTTP_AUTHORIZATION') if auth_header: key, token = auth_header.split(' ') if key == 'Bearer': # Decode the token here. If it is valid, get the user instance associated with it and return it ... return user, None # If token exists but it is invalid, raise AuthenticationFailed exception # If token does not exist, return None so that another authentication class can handle authentication You need to tell DRF to use this authentication class. Add this to your settings file for that: REST_FRAMEWORK = { ... 'DEFAULT_AUTHENTICATION_CLASSES': [ 'path.to.JwtAuthentication', ... ] }