Django, Angular, and DRF: Authentication for the Django Firewall and API

I am building an application with a Django backend, Angular interface and REST API using the Django REST Framework for Angular. When I was still working with the backend file using the vanilla interface, I used the provided Django authentication to handle user rights, but now that I am building a REST-based application, I am not sure how to approach authentication.

Since all user data will either be received or sent via the API, should API authentication be sufficient? If so, do I need to remove the existing Django authentication middleware?

Right now, when I try to remove the API endpoints in an earlier version of the application, I am heading towards what looks like a regular form of Django login. If I enter a valid username and password, it does not work: it asks me to log in again. Did you manage to remove basic Django authentication? I want to be asked to log in, but I'm not sure how to deal with these technologies.

The django-rest-auth package seems useful, and the same group makes the Angular module, but the documents do not go past the previous installation and the provided endpoints. Ultimately, I think the gist of this question is this: how to completely disable authentication from what is provided by Django, something like django-rest-auth or one of the other third-party packages recommended by DRF?

Edit: I made this comment below, but I realized that I needed to figure out how combined auth would work. I am not creating a one-page application, so individual Django will be processed by separate base pages, but each page will go to different API endpoints to get the data it needs. Is there a way to get something like django-rest-auth to handle all authentication?

+5
1 answer

For everyone who came across this question, I could not figure out how to make the hybrid approach work. If Django served the pages, each of which contained API calls, it looked fine, but I never saw requests made in the API, in my opinion, due to some other security issues. I am sure that this is possible, but I decided to go for the implementation of the application for one page in order to simplify the process.

0

Source: https://habr.com/ru/post/1243770/

