Django Rest Framework and SPA -Session Authentication (With Docker and Nginx)

Django Rest Framework and SPA -Session Authentication (With Docker and Nginx)

Tutorial also covers authentication and deployment as a Docker container. ... Building a Basic API with Django REST Framework in Docker (this post) ... an API that is consumed by our Angular Single-Page Application (SPA).

In this article I’ll assume you’re familiar with Django, Django Rest Framework, React, and a little bit of Docker and Nginx. However I should state I’m quite new to Docker and Nginx. I’ll also assume you have Python, Pip, Node and Docker set up. I’ll be using Pipenv, but if you want to install your Python dependencies globally I guess I can’t stop you. My goal is to show a development set up I recently got working to use Django session authentication with a Single Page Application (SPA) and Django Rest Framework.I recently was attempting to authenticate users on a React app while using a Django Rest Framework (DRF) backend. The simplest option seemed to be using JWT token authentication, however a quick google search will reveal what seems to be an unanswered debate over whether keeping a JWT in localstorage is secure (That statement is over simplified but have a look into it if you’re curious). After a few days of reading I decided that session authentication was less risky.Although it may seem straightforward to use sessions with a SPA, the built in Django session authentication is designed primarily for a web app using Django templates, not a SPA running on another domain. The CSRF-Tokens used in session authentication are there specifically to prevent authenticated requests coming from another domain, creating a headache for someone looking to authenticate a SPA. If you’re brave enough to wrestle with django-cors-headers and attempt to get Django to set the CSRF Token on another domain in a secure way, I wish you the best, I’ve had no luck. This approach also seemed risky as you’re required to relax many Django settings regarding cookies and security.The Django Rest Framework documentation mentions making requests with sessions. Head to the section on authentication and you’ll find how to allow a request with session authentication, but no mention of how to login on a SPA, which to give credit to the Rest Framework, is probably outside the reasonable scope of what is otherwise amazing documentation. None the less I felt stumped.

nginx django-rest-framework react django docker

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

How native is React Native? | React Native vs Native App Development

Article covers: How native is react native?, React Native vs (Ionic, Cordova), Similarities and difference between React Native and Native App Development.

Bulk Updates with Django Rest Framework

Using the ListSerializer with bulk_update to build efficient PUT API endpoints with Django Rest Framework

Django REST Framework Course for Beginners

In this article we are going to talk about Django REST Framework Course for Beginners, also for more information you can check the complete video for th

Create Your First REST API in Django Rest Framework

In this post, we'll discuss about Django Rest Framework or DRF. DRF is used to create RESTful APIs in Django which later could be consumed by various apps; mobile, web, desktop, etc. We will be discussing how to install DRF on your machine and then will be writing our APIs for a system.

React Native and Django for Beginners

React Native and Django are popular, flexible, and powerful frameworks that operate well together. Here's an overview of what React Native and Django offer software developers.