Django Authentication and ReactJS Templates - django

I have an existing login template served by django templates and it has no react components at all. I have recently integrated ReactJS and have created some routes and components and pages that are completely react. Now I am wondering how to get a user to login through the django template and then be redirected to the ReactJS page afterwards and pass on all the authentication/user information to ReactJS as well.
In Django, I am using the session authentication middleware.

I have done that just allowing an open url to my component something like ".../app/*". But this inside a template in Django as a bundle. What I do is to bind the view with that with LogginRequired from django-brases. So, if I want to se my app, I have to be authenticated. I hope this could help you.

Related

Postman with Django REST and AngularJS

I have a Django REST framework API which is accessed with a AngularJS frontend.
If I had a Django App called models, I could simply request its data in Postman simply by sending a GET to the URL localhost:8000/models/.
But since everything is routed through AngularJS and every Django App has multiple Controllers, that doesn't work. The GET on localhost:8000/models/ returns just the index.html, the entry point of the AngularJS.
So how can I achieve to send GET, POST etc. to the API?
BTW: I managed to get an X-CSRFToken by sending POST to http://localhost:8000/api/auth/login/ with login and password keys ans values. That URL was included in the Django Projects urls.py as urlpatterns.
No such urlpattern for the App models, or any other Django App, though.

Django rest_api and React

I am creating an am using Django and React. I have created custom user model api in Django using rest-framework, but i am confused about the whole login and signup system. Do we create login and signup modules in Django or React.
Can anyone please guide me through it, or suggest any tutorial.
You create the templates (login, signup, etc. pages) in React and connect them to DRF. There are multiple ways to perform authentication. Take a look to Authentication docs on DRF. https://django-rest-framework.org/api-guide/authentication

CSRF protection for Django and Angular application

I have an application with Django in backend and Angular in frontend. I am serving the application through Django. I want to write an API in django to perform edit on Angular form. For now I have written the API using #csrf exempt decorator on top of the view. But now I want to remove #csrf exempt decorator and want to protect it from csrf.
How to proceed for this.

Authenticate VueJS app to Django DRF back end using sessions

Good afternoon,
I am writing an app structured with two docker containers. Docker1 is the front end VueJS app, Docker2 is the backend Django DRF API. I would like to manage access using Sessions (NOT JWT's).
I am having trouble finding resources to help me get started on this approach. Does anyone have any good resources on how to interact with authenticating and managing Django sessions over DRF? Most of the examples use a DJango template form to do initial authentication which is not an option in this case.
EDIT: To be more specific, I intend to make the ajax calls via axios and expect to post to the built-in auth views. My question is around how to handle the csrf_token items.
Thanks for your help.
BCBB

Using Django Rest Framework for only certain apps inside Django Application

I'm not sure if this is possible since an extensive search gave me nothing. Or I might be searching the wrong terms.
Now I have a few apps inside my Django application as follows:
--AppOne
--AppTwo
--ExtendedAdmin
manage.py
Now, AppOne and AppTwo use Django Rest Framework and its related Token Auth Mechanism. For the extendedAdmin, I'd like to use native Django Auth or even SessionAuth of DRF since I'm trying to add quite an extensive admin panel to the application. I've not been able to find a satisfactory way of customizing Django Rest Framework to work it's auth mechanisms only for certain applications. Is there a way to do this? If not, what should I be doing different?
So far, I know you cannot. Because django rest framework intercepts the url and then performs its own logic of token validation. But there are solutions that you can use to keep both Session and Token Authentication.
I am using this for all my projects -
I keep Session Authentication for all urls that will be accessed for normal browsing
and I use api urls with django rest framework to be prefixed with /api for my api urls
For example -
The Session Based login is at http://<host>/account/login
and TokenBased login is at http://<host>/api/account/login
The easiest way to make prefixed url for django rest framework is by using Routers - http://www.django-rest-framework.org/api-guide/routers/#defaultrouter
Example -
class UserViewSet(ModelViewSet): # just a sample view set
...
router = routers.SimpleRouter()
router.register(r'api/users', UserViewSet)