Django Auth Protection This package logout users from the system by changing the password in REST API.
Simple JWT provides a JSON Web Token authentication backend for the Django REST Framework. It aims to cover the most common use cases of JWTs by offering a conservative set of default features. It also aims to be easily extensible in case a desired feature is not present. But one of the problems is that when the users change the password, they can continue to work on the system with the previous token until it expires. This package overrides the Simple JWT to solve this problem.
- Download and install latest version of Django Auth Protection:
$ pip install django-auth-protection
# or
$ easy_install django-auth-protectionThen you have to create a custom TokenObtainPairView class and change the serializer_class to ProtectTokenObtainPairSerializer (follow the sample):
- Make a custom
TokenObtainPairViewand change theserializer_class:
from auth_protection.serializers import ProtectTokenObtainPairSerializer
class CustomTokenObtainPairView(TokenObtainPairView):
serializer_class = ProtectTokenObtainPairSerializer- Change All
authentication_classeson your views and replace it withJWTAuthProtection:
from auth_protection.authentications import JWTAuthProtection
class SampleView(TARGET_VIEW):
authentication_classes = [JWTAuthProtection]- Change your
TokenRefreshViewview toProtectTokenRefreshView(EX:urls.py):
from auth_protection.views import ProtectTokenRefreshView
urlpatterns = [
# ...
path('YOUR_PATH/refresh/', ProtectTokenRefreshView.as_view(), name='URL_NAME'),
# ...
]