The gist of this django api is to provide a simple way to manage user logins in your app using JWT. On purpose, it provides very limited capabilities so that it's as reusable as possbile. Here's a quick API endpoint rundown:
- Requires
usernameandpasswordto be set in the body of the request in json - Returns a json with a
statusand ajwtfield, also sets ajwt_tokencookie
- Requires
username,passwordandemailto be set in the body of the request in json - Returns a json with a
statusfield
- Takes either a
passwordor aemail(or both) in the body of the request in json form. Also requries a validjwt_tokencookie to be sent along with the request - Returns a json with a
statusfield
- Send a request with the
jwt_cookiein the header and get a refreshed one! - Returns a json with a
statusandtokenfield
- This requests a password reset code - send a valid
emailin the body of the request in json and you will receive an email with your username and password! - Returns a json with a
statusfield
- Takes your password reset code from your email as
reset_codein the body of the request in json form. - Returns a new temporary password to use so that you can set a proper one using the
/update_profileroute in a json with astatusfield and areset_codefield
Returns the status of the service (OK), the current time and the uptime of the process.
Returns the public key that can be used to validate the JWT tokens issues by the server in a json with a status field and a public_key field
Don't forget to edit the password reset templates under jwtController/jwtIssuer/templates
Don't forget to install your own certificates to use with the web-API
Don't forget to set a sane configuration for CORS, follow guide here
Don't forget to edit the settings file under jwtController/jwtController/settings.py, more specifically:
- EMAIL_BACKEND
- EMAIL_HOST
- EMAIL_PORT
- EMAIL_USE_TLS
- EMAIL_HOST_USER
- EMAIL_FROM_USER
- EMAIL_HOST_PASSWORD
Last and not least, don't forget to run the app in production mode and hook it up to a real database...