5

I currently have a large Django project leveraging Django REST Framework.

I have another, smaller Django project that I would like to build off of the main one that doesn't share the database directly but rather grabs necessary data over API.

I would like to override the AUTHENTICATION_BACKEND for the smaller project and have it use the API auth endpoint from the larger one as the authenticator.

Basically the process would go as follows:

  1. User attempts to log into the small Django project using credentials for their user in the large Django-DRF project.
  2. Small Django project sends API login request to large Django-DRF project.
  3. Large Django-DRF project returns API token and serialized user information.
  4. Small Django project auto-adds/updates user to its database with information from large Django-DRF project's response.
  5. Small Django project responds to user client with token so that AJAX requests from Small Django project's pages can be made directly to large Django-DRF project's endpoints.

Are there existing plugins worth leveraging for this use case or should I write my own AUTHENTICATION_BACKEND?

Bradford Wade
  • 53
  • 4
  • If your DRF application is compliant with Oauth2 or some otehr standard authentication scheme, you should be able to easily find a backend. If it is not, you might be better off writing your own. It is not that hard. – Mad Wombat Apr 14 '16 at 18:42

1 Answers1

3

It sounds like you may want to look into django-rest-framework-jwt. This would allow you to use JWT as your authentication mechanism, which can easily handle your case. The project actually provides an endpoint specifically for what you want, verify_jwt_token. According to the documentation:

In some microservice architectures, authentication is handled by a single service. Other services delegate the responsibility of confirming that a user is logged in to this authentication service. This usually means that a service will pass a JWT received from the user to the authentication service, and wait for a confirmation that the JWT is valid before returning protected resources to the user.

So your workflow would be something like:

  1. User authenticates to your larger API
  2. User receives a JWT back from the authentication request
  3. User sends the JWT along with each request to the smaller API
  4. The smaller API, upon receiving a JWT, forwards it to the verify_jwt_token endpoint in your larger API
Joey Wilhelm
  • 5,729
  • 1
  • 28
  • 42
  • What will the settings of the two Django projects look like? Specifically, the authentication backend settings in settings.py of the project which is going to use another django project to receive jwt. Is it going to work just out of the box? – Abishek Sep 19 '20 at 08:58