I know this question is almost a year old, but I just figured out how to get Djoser and django-rest-knox to play together and the technique worked with djangorestframework-jwt . The trick is that you can use the endpoints of your Djoser account without using your auth related endpoints . You just need to put each library at its endpoint.
Here's how I installed the Django Rest Framework to use JWT to log in and authenticate with Djoser endpoints (I'm going to take it from start to finish):
First install djangorestframework-jwt and djoser :
pip install djangorestframework-jwt djoser
Specify that you want to use JWT for authentication by adding JSONWebTokenAuthentication to DEFAULT_AUTHENTICATION_CLASSES in the Django settings.py project:
REST_FRAMEWORK = { 'DEFAULT_PERMISSION_CLASSES': ( 'rest_framework.permissions.IsAuthenticated', ), 'DEFAULT_AUTHENTICATION_CLASSES': ( 'rest_framework_jwt.authentication.JSONWebTokenAuthentication', ), }
Then add djoser.urls and rest_framework_jwt obtain_jwt_token view your URLs:
from django.conf.urls import url, include from rest_framework_jwt import views as jwt_views urlpatterns = [ url(r'^account/', include('djoser.urls')), url(r'^auth/login/', jwt_views.obtain_jwt_token, name='auth'), ]
That should be all you need to get started. To be safe, run migrate (I created a new instance of the Django Rest Framework for this post and have not yet completed the initial commits up to this point):
python manage.py migrate
To check, create a new user if you do not already have it:
python manage.py createsuperuser
Once you have a user account, runserver , and then try logging in to get your JWT:
http post http: // localhost: 800 / auth / login / username = admin password = password
You should return the token:
{ "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0NTg2ODI3MzYsInVzZXJuYW1lIjoiYWRtaW4iLCJlbWFpbCI6IiIsInVzZXJfaWQiOjJ9.JDoVCpfiE0uGhsv9OQfPgPc-wxjjQtcEjwAI6bTLWRM" } " { "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0NTg2ODI3MzYsInVzZXJuYW1lIjoiYWRtaW4iLCJlbWFpbCI6IiIsInVzZXJfaWQiOjJ9.JDoVCpfiE0uGhsv9OQfPgPc-wxjjQtcEjwAI6bTLWRM" }
You can then use this token for authentication with the Djoser / me / endpoint to get information about your profile. Just enter your token in your request header as Authorization: JWT :
The HTTP http: // localhost: 8000 / account / me / "Authorization: JWT eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0NTg2ODI3MzYsInVzZXJuYW1lIjoiYWRtaW4iLCJlbWFpbCI6IiIsInVzZXJfaWQiOjJ9.JDoVCpfiE0uGhsv9OQfPgPc-wxjjQtcEjwAI6bTLWRM"
Here is what I returned:
{ "email": "", "id": 2, "username": "admin" }
As you can see, it's pretty easy to start using JWT for authentication. I guess libraries like djoser and django-rest-auth focus on Basic, Session, or Token authentication because they are included from the DRF block and probably the most common method by which people authenticate calls against their server.
The beauty of all this is that it is easy to implement a more secure authentication scheme, since Djoser is not closely connected with its own authentication classes - it will gladly respect everything that you set for DEFAULT_AUTHENTICATION_CLASSES .