Token Authentication Using Django REST Framework
Hi, and welcome to my blog. In this article we will cover the following things:
- What is Django REST framework
- What is token authentication
- Custom user model
- Token authentication
Let’s go.
1 What is Django REST framework
According to the documentation, Django REST framework is a powerful and flexible toolkit for building Web APIs.
Some reasons you might want to use REST framework:
- The Web browsable API is a huge usability win for your developers.
- Authentication policies including packages for OAuth1a and OAuth2.
- Serialization that supports both ORM and non-ORM data sources.
- Customizable all the way down — just use regular function-based views if you don’t need the more powerful features.
- Extensive documentation, and great community support.
- Used and trusted by internationally recognised companies including Mozilla, Red Hat, Heroku, and Eventbrite.
2 What is token authentication
The first time the user signs in with their password, the server generates a unique token for that specific user (so each user has a unique token) and sends this token back to the user. The next time the user wants to get some data from the database, they send this token with the request, so they do not need to enter their username and password every time they want to do something which requires authentication.
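The flow described above, as an added standard-library sketch that is not code from the original article or from Django REST framework. `AuthServer` and its methods are hypothetical names, the dictionaries stand in for the user and token tables, and the sample credentials are constructed; the `Token` header keyword matches what DRF's `TokenAuthentication` expects.

```python
import hashlib
import hmac
import os
import secrets

KEYWORD = "Token"  # scheme word DRF's TokenAuthentication expects in the header


class AuthServer:
    """Hypothetical in-memory stand-in for the user table and the token table."""

    def __init__(self):
        self._users = {}   # username -> (salt, password_hash)
        self._tokens = {}  # token key -> username (one token per user)

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register(self, username, password):
        salt = os.urandom(16)
        self._users[username] = (salt, self._hash(password, salt))

    def login(self, username, password):
        """Check the password once and hand back the user's token."""
        record = self._users.get(username)
        if record is None:
            return None
        salt, expected = record
        if not hmac.compare_digest(self._hash(password, salt), expected):
            return None
        # Reuse the existing token so each user has exactly one.
        for key, owner in self._tokens.items():
            if owner == username:
                return key
        key = secrets.token_hex(20)  # 40 hex characters from the OS CSPRNG
        self._tokens[key] = username
        return key

    def authenticate(self, headers):
        """Resolve 'Authorization: Token <key>' to a username, or None."""
        parts = headers.get("Authorization", "").split()
        if len(parts) != 2 or parts[0] != KEYWORD:
            return None  # missing header, wrong scheme or extra fields
        return self._tokens.get(parts[1])
```

Because the token replaces the password on every later request, anyone who obtains it can act as that user, so it should only travel over HTTPS.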
Django provides a default user model, but it is highly recommended to use a custom user model and a custom user manager for our Django project.
A custom user model and a custom user manager give us the power to handle the authentication part of our project.
So let’s see how we can do it.
First we have to import all of the libraries that we will need in our project.
AbstractUser: a User model class built into Django; we can inherit from it and add our own features if we want (overriding).
BaseUserManager: provides the core implementation of a user model, including hashed passwords and tokenized password resets.
Our custom user model class should include all of these methods.
Don’t forget to register the user model in the admin.py file.
You also have to go to your settings.py file and tell Django that you will use your custom user model instead of Django’s default user model by adding this line to settings.py:
account is our app name.
User is our user model name.
So now let’s move on to our main subject, which is token authentication.
Generating Tokens:
First, add this authentication class to your settings.py file (you can find it in the Django REST framework documentation).
After that, add “rest_framework.authtoken” to INSTALLED_APPS.
From the Django REST framework documentation we copy these lines of code and paste them into the models.py file, just below our custom user model class.
As we see here, this method uses Django signals, so what the hell is this? It is a design pattern that helps us connect multiple apps in our project, so that one app gets notified when another has some changes. You can read more about them in the Django documentation.
So here, when a new user is created, we go ahead and generate a token for that user.
Now we are done with our model, so let’s go and create a serializer for that user model.
And urls.py:
You see here two paths: the first is for registering users and generating a token for them, and the second is for logging in, for which we use a view provided by Django REST framework called obtain_auth_token.
We are done with building the authentication API. You can clone the repository from my GitHub account, https://github.com/amineabdelmoumen/TokenAuthentication, and I will be very happy to answer your questions or if you want to build something together. Do not forget to give me your opinion about this article and correct my bugs if I had some.