django frontend authorization access-token refresh-token

Django Frontend Autho key and refresh key

I would like to separate my Django frontend and backend. Literally creating 2 Django servers.

What is the best way to store auth access-token and refresh-token on frontend?

What is the best way to validate auth when API is called?

Thanks!

Solution

Read about storing jwt on frontend here :

Should JWT be stored in localStorage or cookie?

Basically, there can be two ways, either storing it in localstorage or HTTP Cookie. Read about pros and cons of both approach and decide what suits you best. In API, it's best to pass access token in header of request and validating the same using a Django Middleware. Send a refresh request from your frontend if the reponse returns an Unauthorized error and error message something like "Token Expired", which will be created by you on the backend. See this package for more :

https://django-rest-framework-simplejwt.readthedocs.io/en/latest/

django: on pypy, psyco, unladen swallow or cpython, which one is the fastest?
Password Reset functionality inheriting from Django clases - reverse url issues ('uidb64')
how to log a file in Django
Using filters with model inheritance
How to render a pdf file as pdf in browser using django
django.db.utils.ProgrammingError: relation "bot_trade" does not exist
Django DRF: @permission_classes not working
How to prevent bleach from escaping > (blockquote) tag used in Markdown
how to solve django.db.utils.NotSupportedError in django
CSRF cookie error after Django 3.2 update (DRF with token authentication)
How to make an Inner Join in django?
Object of type ListSerializer is not JSON serializable
How to get the common name for a pytz timezone eg. EST/EDT for America/New_York
How to serialize user permissions in Django Rest Framework?
Fatal Python error: init_fs_encoding: failed to get the Python codec of the filesystem encoding, when trying to start uwsgi
Error attempting to deploy my Django app on Vercel
Complex query using Django QuerySets
How to call asynchronous function in Django?
Django Sitemaps : Get only pages of the current website
How to manage.py loaddata in Django
'Invalid filter: 'length_is' Error in Django Template – How to Fix?
How to call OneToOneField reverse relationship in template (django)?
Django Rest Framework POST Update if existing or create
Django: get current manage.py command
Change Django ModelChoiceField to show users' full names rather than usernames
How to do aggregate raw sql with julian date in sqlite (with django)
Django send excel file to Celery Task. Error InMemoryUploadedFile
Monitoring django rest framework api on production server
Interactive Graphviz graphs in a web application
Django: Not Found static/admin/css