[BangPypers] DRF - Which Authentication to use?
Nabeel Valapra
nabeelvalapra at gmail.com
Fri May 1 15:14:13 CEST 2015
I have prior experience in Django. Recently I got a project to build in
REST architecture. I learned the basics of Django Rest Framework. But I
find difficult with the authentication system.
I planned serve my frontend in anguarjs an host it on app.mydomain.com, and
the DRF on api.mydomain.com. So all the end application (android, IOS) can
pull the the data from api.mydomain.com
Here I don't want to use session authentication system, it doesn't play
nice with CORS. I am more interested on JSONWebToken than Token Based
Authentication because its signed and allows refresh token option too.
But,
1. How do I invalidate the existing tokens on password change?
2. How to destroy the token in a mobile lost scenario?
Is there any better authentication solution?
More information about the BangPypers
mailing list