6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"Authentication with REST Framework Django\",\"text\":\"

I'm new to Django and curious how the authentication of Rest Framework works.

\\n\\n

So as I understand, the flow of authentication is:\\n Frontend sends request with username and password > Backend (Django) sends back token > From then on frontend send this token in header to authenticate.

\\n\\n

But because anyone can see the header I send, so how is this safe?

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"curious_sun\"},\"upvoteCount\":1,\"answerCount\":1,\"acceptedAnswer\":null}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","python",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/python/1","children":"python"}]}],["$","span","django",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/django/1","children":"django"}]}],["$","span","django-rest-framework",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/django-rest-framework/1","children":"django-rest-framework"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/1a359133d6b107a3ee32ad5a11d7e5f7?s=256&d=identicon&r=PG&f=y&so-version=2","alt":"curious_sun","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/11222658/curious-sun","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"curious_sun"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",21]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Authentication with REST Framework Django"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

I'm new to Django and curious how the authentication of Rest Framework works.

\n\n

So as I understand, the flow of authentication is:\n Frontend sends request with username and password > Backend (Django) sends back token > From then on frontend send this token in header to authenticate.

\n\n

But because anyone can see the header I send, so how is this safe?

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",1]}],["$","p",null,{"children":["Views: ",66]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",1,")"]}],[["$","div","59364017",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://i.sstatic.net/DcgPz.jpg?s=256","alt":"Oliver Lorton","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/2554826/oliver-lorton","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Oliver Lorton"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",719]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

For this to be secure you should only ever authenticate over an https connection. When using an https connection the header/token/cookie/whatever will be encrypted.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",1]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","32844784",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/32844784","className":"text-blue-600 hover:underline","children":"Django Rest Framework custom authentication"}]}],["$","li","73018319",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/73018319","className":"text-blue-600 hover:underline","children":"Django rest framework authentication issue"}]}],["$","li","14838128",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/14838128","className":"text-blue-600 hover:underline","children":"Django Rest Framework Token Authentication"}]}],["$","li","26218116",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/26218116","className":"text-blue-600 hover:underline","children":"Login with Django Rest Framework"}]}],["$","li","52915834",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/52915834","className":"text-blue-600 hover:underline","children":"Django Rest Framework - Best way to add authentication"}]}],["$","li","43679195",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/43679195","className":"text-blue-600 hover:underline","children":"Django Rest Framework Auth"}]}],["$","li","32026893",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/32026893","className":"text-blue-600 hover:underline","children":"How to use authentication with Django REST Framework"}]}],["$","li","30841580",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/30841580","className":"text-blue-600 hover:underline","children":"Python Django Rest Framework authentication"}]}],["$","li","24909389",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/24909389","className":"text-blue-600 hover:underline","children":"Django-rest-framework and authentication"}]}],["$","li","17425423",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/17425423","className":"text-blue-600 hover:underline","children":"django rest Framework authentications"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

Authentication with REST Framework Django

Answers (1)

Related Questions