3👍
✅
Session Authentication can be implemented with Django REST Framework by adding the SessionAuthentication class to settings.py as follows.

    REST_FRAMEWORK = {
        'DEFAULT_AUTHENTICATION_CLASSES': (
            'rest_framework.authentication.SessionAuthentication',
        ),
        'DEFAULT_PERMISSION_CLASSES': (
            'rest_framework.permissions.IsAuthenticated',
        )
    }

This will use Django's default session backend for authentication. The catch: you’ll need to make sure you include a valid CSRF token for any “unsafe” HTTP method calls – PUT, PATCH, POST, DELETE.
For accessing the current user, you can create an API endpoint /users/current with
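
    from rest_framework.response import Response
    from rest_framework.views import APIView
    # UserSerializer is your own serializer for the user model; import it from your app.

    class CurrentUserView(APIView):
        def get(self, request):
            serializer = UserSerializer(request.user)
            return Response(serializer.data)
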
👤Ganesh
Source:stackexchange.com
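
The CSRF requirement mentioned in the answer, seen from the client side. This is an added example, not code from the answer or from Django REST Framework: it shows which headers a non-browser client has to send with unsafe methods once it holds the session cookies. `SessionApiClient`, the host name and the cookie values are constructed for illustration; `csrftoken` and `X-CSRFToken` are Django's default cookie and header names.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

# Django defaults (CSRF_COOKIE_NAME / CSRF_HEADER_NAME); change if your settings override them.
CSRF_COOKIE = "csrftoken"
CSRF_HEADER = "X-CSRFToken"
SAFE_METHODS = {"GET", "HEAD", "OPTIONS", "TRACE"}


class SessionApiClient:
    """Hypothetical helper: tracks cookies and builds headers for the next call."""

    def __init__(self, base_url):
        self.base_url = base_url.rstrip("/")
        self.cookies = {}

    def store_cookies(self, set_cookie_headers):
        """Record cookies from the Set-Cookie header values of a response."""
        for raw in set_cookie_headers:
            jar = SimpleCookie()
            jar.load(raw)
            for name, morsel in jar.items():
                self.cookies[name] = morsel.value

    def headers_for(self, method, path):
        """Return headers to send; refuse an unsafe call that has no CSRF token."""
        headers = {}
        if self.cookies:
            headers["Cookie"] = "; ".join(f"{k}={v}" for k, v in self.cookies.items())
        if method.upper() in SAFE_METHODS:
            return headers  # safe methods are not CSRF-checked
        token = self.cookies.get(CSRF_COOKIE)
        if token is None:
            raise RuntimeError("no csrftoken cookie yet; log in or GET a page first")
        headers[CSRF_HEADER] = token
        if urlsplit(self.base_url).scheme == "https":
            # On HTTPS, Django's CSRF check also validates the Origin or Referer header.
            headers["Referer"] = self.base_url + path
        return headers


if __name__ == "__main__":
    client = SessionApiClient("https://api.example.test")
    # Constructed Set-Cookie values, as a login response might return them.
    client.store_cookies([
        "csrftoken=abc123TOKEN; Path=/; SameSite=Lax",
        "sessionid=s3ss10n; HttpOnly; Path=/; SameSite=Lax",
    ])
    print(client.headers_for("GET", "/users/current"))
    print(client.headers_for("PATCH", "/users/current"))
```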