1

I want to have AUTH header for all django requests and responses.

I have a question (python 3.7 - django 2.1):

I want to authenticate the users via JWT tokens.

I don't want to use Models.py or external libraries like as Rest-Framework.

I built a mysql-db for managing CRUD operation for working with JWT-tokens and user-management.

My Problem:

I want to add a "AUTH" header in HTTP request (if username and password were correct) to incoming request from "http://127.0.0.1:8080/my_dj_app/register" page; and then i want to redirect user to Login page ("http://127.0.0.1:8080/my_dj_app/dashboard").

So (when user is redirecting to Dashboard, I'm checking the value of AUTH header in DB in incoming-request), in Dashboard view, again, I'm checking the AUTH header for authorization/authentication the user.

Note: via this topic, i can add AUTH in reponse header. but how i can redirect user to dashboard !? Django: Add response header when using render or render_to_response

above scenario is possible !?. how i can do it !?. please help meeeee.

response = render(request, "my_dj_app/dashboard.html", {})
response['AUTH'] = JWT_TOkEN
return response

but above code, can't to solve my problem :(

Yogesh Chuahan
  • 358
  • 2
  • 11
ali reza
  • 141
  • 3
  • 13

1 Answers1

0

In Django, you need to import auth library to authenticate and login. The following snippet will authenticate and redirect. As far as I know, you do not need to manually set the headers.

from django.contrib import auth
def login_view(request):
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')
    user = auth.authenticate(username=username, password=password)
    if user is not None and user.is_active:
        # Correct password, and the user is marked "active"
        auth.login(request, user)
        # Redirect to a success page.
        return HttpResponseRedirect("/account/loggedin/")
    else:
        # Show an error page
        return HttpResponseRedirect("/account/invalid/")

Source Link https://django-book.readthedocs.io/en/latest/chapter14.html#logging-in-and-out

If we use default authentication, user object is injected by default into the templates. Thus, you can verify a user by using user.is_authenticated.

While in your case, you need to save the response JWT_TOKEN in localStorage using JavaScript.

You can read about how to set headers using JS. Optionally, how to set headers using JS in Django.

Yogesh Chuahan
  • 358
  • 2
  • 11
  • I knew this. thanks. but it's not my answer. I want to add AUTH header forever to web http requests and responses. – ali reza Dec 23 '18 at 06:29
  • I think you are not able to save the response. Please correct me if I am wrong. You are trying logging in into your website and it is successful. The successful response contains the JWT in the body. But you are not able to save the JWT and use it in subsequent requests to the server. Am I right ? So, sorry for the delay. – Yogesh Chuahan Dec 30 '18 at 13:16
  • @ali-reza Updated the answer. Please check. – Yogesh Chuahan Dec 30 '18 at 13:29
  • exactly you said correct. Implementing JWT in android or desktop apps is simple. But i don't know how i can be able to do it in a web application. – ali reza Dec 31 '18 at 14:06
  • @alireza Please check my updated answer. I have provided the information related to your question. – Yogesh Chuahan Jan 01 '19 at 19:29
  • Thanks for TIPs. but now as resolved. but as a useful answer. – ali reza Jan 08 '19 at 10:38