The place where JWT begins to get useful and important is when federated login capabilities end-up in your app. That sort of thing seems more the domain of python-social-auth packages like social-auth-core and social-auth-app-django. Generating an authentication cookie doesn't require JWT - Django already does that.
On Mon, May 11, 2020 at 9:37 AM Derek Adair <d...@derekadair.com> wrote: > Maybe we can update the docs to show how you you would might use some of >> the signing primitives instead of JWTs, but this also sounds a bit >> dangerous 🤷♂️ >> > > As someone hoodwinked into believing JWT was the way... I'd absolutely > LOVE a clear and concise write up on how I might get my single page js apps > to communicate securely with projects like Django Rest. > > Thanks for closing the door on JWT for me James. > > -- > You received this message because you are subscribed to the Google Groups > "Django developers (Contributions to Django itself)" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-developers+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-developers/adc7a8eb-6100-4639-af98-4bca9afaad0b%40googlegroups.com > <https://groups.google.com/d/msgid/django-developers/adc7a8eb-6100-4639-af98-4bca9afaad0b%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CAFzonYarnig9vCJAekv%3DsaKuMJ-jz755XgLd%2B4GKJ0cN5YSBnQ%40mail.gmail.com.
