I am using django-rest-knox for drf authentication. I have succesffuly implemented it but now I want to set token expiry based on the requesting platform. If a user is logged in from mobile I want to have different TTL as of logged in through web. How could I accomplish this. I am using header value to differentiate between platforms.
You'll have to use our own login view where the token is created.
Something like that would work:
class MyLoginView(APIView):
authentication_classes = api_settings.DEFAULT_AUTHENTICATION_CLASSES
permission_classes = (IsAuthenticated,)
def post(self, request, format=None):
if <check if request header for mobile exist>:
token = AuthToken.objects.create(request.user, expires=datetime.timedelta(days=1))
else:
# default TTL otherwise
token = AuthToken.objects.create(request.user)
user_logged_in.send(sender=request.user.__class__, request=request, user=request.user)
UserSerializer = knox_settings.USER_SERIALIZER
context = {'request': self.request, 'format': self.format_kwarg, 'view': self}
return Response({
'user': UserSerializer(request.user, context=context).data,
'token': token,
})
And finaly point to this view for the login url instead of original django-rest-knox login view