pip install djangorestframework
pip install django-rest-knox
#Add rest_framework and knox to your INSTALLED_APPS, remove rest_framework.authtoken if you were using it.
# Apps to register in settings.py. The bare `...` is a placeholder for the
# entries the project already lists; it is not meant to be pasted literally.
# knox ships its own models (the views import AuthToken from knox.models),
# which is why it has to be listed here and migrated.
INSTALLED_APPS = [
...
'rest_framework',
'knox',
]
#Make knox’s TokenAuthentication your default authentication class for django-rest-framework, in the settings.py file:
# DRF configuration: knox token authentication is the only default
# authenticator; Basic and Session authentication stay disabled below.
# Only authentication is configured here. No DEFAULT_PERMISSION_CLASSES entry
# is set, so DRF's built-in default (AllowAny) applies and each view has to
# declare the permissions it needs.
REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": [
        # 'rest_framework.authentication.BasicAuthentication',
        # 'rest_framework.authentication.SessionAuthentication',
        "knox.auth.TokenAuthentication",
    ],
}
#Create a file in your app named serializers.py and add
from rest_framework import serializers
from django.contrib.auth.models import User
# User Serializer
class UserSerializer(serializers.ModelSerializer):
    # Read-side representation of a user. Only the three fields listed in
    # Meta.fields are exposed, so the password hash and the staff/superuser
    # flags never appear in API responses built with this serializer.
    class Meta:
        model = User
        fields = (
            'id',
            'username',
            'email',
        )
# Register Serializer
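class RegisterSerializer(serializers.ModelSerializer):
    # Write-side serializer used by the sign-up endpoint.
    class Meta:
        model = User
        fields = ('id', 'username', 'email', 'password')
        # write_only keeps the submitted password out of every serialized
        # response.
        extra_kwargs = {'password': {'write_only': True}}

    def validate_password(self, value):
        # Field-level hook DRF calls for the `password` field. Runs the
        # project's AUTH_PASSWORD_VALIDATORS so weak passwords are rejected
        # with a 400 instead of being accepted silently. The Django
        # ValidationError raised on failure is converted by DRF into a field
        # error. Imported locally so the module's import block is unchanged.
        from django.contrib.auth import password_validation

        password_validation.validate_password(value)
        return value

    def create(self, validated_data):
        # create_user() hashes the password; never store validated_data
        # through a plain Model.objects.create().
        # `email` is optional on Django's User model, so it may be absent
        # from validated_data; indexing it directly would raise KeyError and
        # turn a valid request into a 500.
        return User.objects.create_user(
            username=validated_data['username'],
            email=validated_data.get('email'),
            password=validated_data['password'],
        )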
#After creating the serializers, create the DRF API views in the views.py file
from rest_framework import generics, permissions
from django.contrib.auth import login
from rest_framework.response import Response
from knox.models import AuthToken
from .serializers import UserSerializer, RegisterSerializer
from rest_framework import permissions
from rest_framework.authtoken.serializers import AuthTokenSerializer
from knox.views import LoginView as KnoxLoginView
# Register API
class RegisterAPI(generics.GenericAPIView):
    # Sign-up endpoint. No permission_classes are declared on this view, so
    # DRF's DEFAULT_PERMISSION_CLASSES decide who may call it.
    # NOTE(review): an open registration endpoint normally wants throttling;
    # confirm the project's throttle settings.
    serializer_class = RegisterSerializer

    def post(self, request, *args, **kwargs):
        # Validate the submitted payload; invalid input raises and DRF
        # answers with the validation errors.
        signup = self.get_serializer(data=request.data)
        signup.is_valid(raise_exception=True)
        new_user = signup.save()

        # Build the public user payload first, then mint the knox token, in
        # the same order as the response keys.
        user_payload = UserSerializer(
            new_user, context=self.get_serializer_context()
        ).data
        # Element [1] of the create() result is what the client receives as
        # its token; this response is the only place it is handed out.
        issued = AuthToken.objects.create(new_user)
        return Response({
            "user": user_payload,
            "token": issued[1],
        })
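class LoginAPI(KnoxLoginView):
    # Username/password login that hands back a knox token.
    # AllowAny is required here: the caller has no token yet, and the default
    # authenticator is knox's TokenAuthentication.
    # NOTE(review): as an unauthenticated credential check this endpoint
    # should be throttled; confirm the project's throttle settings.
    permission_classes = (permissions.AllowAny,)

    def post(self, request, format=None):
        # AuthTokenSerializer checks the submitted username and password and
        # puts the authenticated user in validated_data['user']; bad
        # credentials raise here.
        serializer = AuthTokenSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        user = serializer.validated_data['user']

        # Attach the authenticated user to the request so the parent view
        # issues the token for that user.
        login(request, user)

        # Do not call AuthToken.objects.create() here. The parent view creates
        # the token it returns, so an extra one would be a second valid
        # credential that is stored on every login but never given to the
        # client, and therefore never used or explicitly logged out.
        return super().post(request, format=format)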
#In urls.py file add
from .views import RegisterAPI
from django.urls import path
from knox import views as knox_views
from .views import LoginAPI
# Routes for the token workflow: register and login hand out tokens, while
# logout and logoutall are knox's stock views for invalidating them.
urlpatterns = [
    path(
        "api/register/",
        RegisterAPI.as_view(),
        name="register",
    ),
    path(
        "api/login/",
        LoginAPI.as_view(),
        name="login",
    ),
    path(
        "api/logout/",
        knox_views.LogoutView.as_view(),
        name="logout",
    ),
    path(
        "api/logoutall/",
        knox_views.LogoutAllView.as_view(),
        name="logoutall",
    ),
]
python manage.py makemigrations
python manage.py migrate
#Header to send with authenticated requests: the word Token, a space, then the token string returned by register/login
Authorization: "Token <token>"
#for function-based views
from rest_framework.permissions import IsAuthenticated
from rest_framework.decorators import api_view, permission_classes
@api_view(['GET'])
@permission_classes((IsAuthenticated, ))
def your_view(req):