From f75b4a9fc0a5c4c28a6336e4d97e896e4c88fcae Mon Sep 17 00:00:00 2001 From: Ahmed Shariff Date: Sat, 1 Jun 2019 23:05:04 +0530 Subject: [PATCH 1/2] Updated README.rst with example authentication flow --- README.rst | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/README.rst b/README.rst index 01565b3..62dcc9e 100644 --- a/README.rst +++ b/README.rst @@ -71,3 +71,16 @@ you can use the ``COGNITO_USER_MODEL`` setting. .. code-block:: python COGNITO_USER_MODEL = "myproject.AppUser" + + +Example authentication flow +=========================== +1) Client sends username and password to DRF using a POST request. + +2) DRF authenticates it with AWS Cognito using ``AdminInitiateAuth`` (`boto3 `_) and sends the tokens recived from AWS Congnito back to the client. + +3) Client sends request (with the recived ``access_token`` set as the authentication header) to the API which uses ``django_cognito_jwt.JSONWebTokenAuthentication`` as the ``authentication_classes`` + +.. code-block:: python + header = {'Authorization': 'token {}'.format(authentication_result['AccessToken'])} + response = requests.post("http://127.0.0.1:8000//", headers=header) From 2939e6bbfbe995dd2b86a7fd3d131d5a972e2099 Mon Sep 17 00:00:00 2001 From: Ahmed Shariff Date: Sun, 2 Jun 2019 16:54:13 +0530 Subject: [PATCH 2/2] Added note on requiring implementation of get_or_create_for_cognito --- README.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.rst b/README.rst index 62dcc9e..3ce6647 100644 --- a/README.rst +++ b/README.rst 
@@ -79,8 +79,10 @@ Example authentication flow 2) DRF authenticates it with AWS Cognito using ``AdminInitiateAuth`` (`boto3 `_) and sends the tokens recived from AWS Congnito back to the client. -3) Client sends request (with the recived ``access_token`` set as the authentication header) to the API which uses ``django_cognito_jwt.JSONWebTokenAuthentication`` as the ``authentication_classes`` +3) Client sends request (with the recived ``IdToken`` set as the authentication header) to the API which uses ``django_cognito_jwt.JSONWebTokenAuthentication`` as the ``authentication_classes`` .. code-block:: python - header = {'Authorization': 'token {}'.format(authentication_result['AccessToken'])} + header = {'Authorization': 'token {}'.format(authentication_result['IdToken'])} response = requests.post("http://127.0.0.1:8000//", headers=header) + +Note: the `get_or_create_for_cognito` method of the User model needs to be implementated. (refer to: `#11 `_
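Review bot: in PATCH 1/2, the step 3 snippet uses ``authentication_result`` and ``requests`` without saying where either comes from, so a reader cannot tell that ``authentication_result`` is meant to be the output of the ``AdminInitiateAuth`` call in step 2; add a sentence or a line that shows this. As the hunk reads here, the ``.. code-block:: python`` directive is followed directly by the ``header = ...`` line with no empty line between them, and RST needs a blank line there for the body to render as code. Step 1 has the client send the username and password to DRF while the example posts to ``http://127.0.0.1:8000//``, so the text should say that outside local testing this exchange goes over HTTPS. "recived" and "Congnito" should be "received" and "Cognito".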
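Review bot: in PATCH 2/2, step 3 and the snippet switch from ``access_token`` / ``AccessToken`` to ``IdToken``, but the commit subject only mentions the ``get_or_create_for_cognito`` note and the README gives no reason for the change. The two tokens are not interchangeable, so state in the text which one ``JSONWebTokenAuthentication`` expects and why, and mention the switch in the commit message. In the added Note line, "implementated" should be "implemented", the parenthesis opened at "(refer to:" is never closed, and ``get_or_create_for_cognito`` is written with single backticks where the rest of the file uses double backticks for literals.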