I want to authenticate the user with email and confirmation code. But JWT uses by default username and password for authentication. How can I change that?
Should I override TokenObtainSerializer?
Related
i am using django-allauth. I want that when users signup with social accounts, redirect to set the password page. I do not know what to do. Any suggestion.
if you want to reset/update the password you can use user.set_password(password)
In my django project, I am using django rest auth for api authentication. The default is to use username and password for login. I can also use email and password. But I want my user to have the option of either using email or username and password for login authentication; which I believe is more user friendly.
How do I do this in django rest auth?
I need to login programmatically in Django.I had registered by using normal registration page. but i need to login for a single person by saying the username and password in the program itself.So he is allowed to view the requested page.I don't need user authorization, just to redirect the page if username and password is " given in the program.."
You can use authenticate and login.
authenticate user credentials to confirm they are valid. If they are, authenticate will return a User object.
Then use login and you are all set.
Example:
from django.contrib.auth import login, authenticate
user = authenticate(request, username="some_user", password="some_password")
if user:
login(request, user)
Use with caution between sessions and make sure you are not mistakenly logging a stranger to an incorrect user.
Is there away to authenticate username and password in Django. all i can find is
https://simpleisbetterthancomplex.com/tutorial/2017/02/18/how-to-create-user-sign-up-view.html
this it is just uses username authentication
Django by default authenticating the user by using of username. If you want to authenticate the user with email instead of username you can check this tutorial. Authenticate user with email instead of username
It might be worth your while to look at allauth. https://django-allauth.readthedocs.io/en/latest/overview.html
Is it possible to use Django JWT rest framework to create a password recovery link?
An example would be to recover password by email and create an access token for it.
Or do I need to use the features of Django admin to do this?
Thank you very much.
This is not something you can do in Django JWT REST framework alone. You need to write custom views to fulfil this behavior.
You can subclass auth.PasswordResetView and create a new JWT token manually that is used in a password reset link delivered to email address of active user.
The following example is given in django-rest-framework-jwt for creating JWT token manually.
# Source: https://jpadilla.github.io/django-rest-framework-jwt/#creating-a-new-token-manually
from rest_framework_jwt.settings import api_settings
jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
You'll also need to subclass auth.PasswordResetConfirmView to verify that the token wasn't used/expired.
Another option is to use Djoser.
This library would allow you to configure a password reset endpoint, user creation, password change, configure the email, etc. It is also compatible with JWT.