How to make an API using DRF to accept and verify a JWT?

456 Views Asked by At

I need to make an API which can take in a JWT token and an ID parameter and create multiple endpoints which will serve data( like '../api/contact/', '../api/qualifications/', etc).
I do not understand how to take in the JWT and the ID parameter. Should I make another API endpoint where the user can POST the data but how do I save it in Django and design a way to serve the other endpoints?

This is the first time I'm making any sort of APIs.

So the usual way to serialize and serve the data would be..

# views.py

from rest_framework.response import Response
from rest_framework.decorators import api_view
from .models import SomeModel


@api_view()
def get_api_data(request):
    # some queryset function/ processing
    return Response(queryset)

So what I'm trying to ask here is that do I need to extract the JWT in some special way or is it bundled in the request? (and could be extracted in someway like request.method)

EDIT: Just to make it more clear, I don't want to authenticate or create a JWT token. I just want to POST data IF there is a token or give an error.

2

There are 2 best solutions below

0
On
0
On

Okay so after understanding how JSON Web Tokens actually work, I realised that this was a straightforward problem. Making it extremely short, once the JWT is generated, it's the browser's responsibility to send it in with the request. So to extract the JWT, all we need to do is look in the request. I found this link to be particularly useful.