Django Sessions: Correct way to get logged in user data from server?

Question

I have my API set up using SessionAuthentication. Once a user logs in, I redirect them to their profile page in React. Once they are redirected to their profile page, I want to make a REST call to retrieve their profile data and insert it in the proper location on the page. I see a couple ways I can do this:

1. When a user logs in, put their User ID into the Response object (DRF) and then store that in the client somewhere (Redux store, session storage, or local storage). Then when they are redirected to the login page, make a REST call to /users/users_id.
2. With Django sessions the logged in user is automatically tied to each request. So do I even need to follow Rest here? I can make a call to /users, and if the user is authenticated, return their data.

I would appreciate any help with this. Thank you.

Answer 1

With SessionAuthentication, after a successful login, the browser saves a sessionId cookie for that domain (or ip:port) automatically. Sending a request will send that cookie from the same domain no matter with Django or React, and authenticate the user, making your request.user a user.

You can check for the cookie when you inspect the page -> Application -> Cookies -> Your domain -> sessionId

Basically, you can login via Django and it will login you with React as well. No need to store anything manually. Just use the same domain for both.