From f75b4a9fc0a5c4c28a6336e4d97e896e4c88fcae Mon Sep 17 00:00:00 2001
From: Ahmed Shariff <ahmed.shariff@live.com>
Date: Sat, 1 Jun 2019 23:05:04 +0530
Subject: [PATCH 1/2] Updated README.rst with example authentication flow

---
 README.rst | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/README.rst b/README.rst
index 01565b3..62dcc9e 100644
--- a/README.rst
+++ b/README.rst
@@ -71,3 +71,16 @@ you can use the ``COGNITO_USER_MODEL`` setting.
 .. code-block:: python
 
 	COGNITO_USER_MODEL = "myproject.AppUser"
+
+
+Example authentication flow
+===========================
+1) Client sends username and password to DRF using a POST request.
+   
+2) DRF authenticates it with AWS Cognito using ``AdminInitiateAuth`` (`boto3 <https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/cognito-idp.html#CognitoIdentityProvider.Client.admin_initiate_auth>`_) and sends the tokens recived from AWS Congnito back to the client.
+
+3) Client sends request (with the recived ``access_token`` set as the authentication header) to the API which uses ``django_cognito_jwt.JSONWebTokenAuthentication`` as the ``authentication_classes``
+
+.. code-block:: python
+    header = {'Authorization': 'token {}'.format(authentication_result['AccessToken'])}
+    response = requests.post("http://127.0.0.1:8000/<API with authentication>/", headers=header)    

From 2939e6bbfbe995dd2b86a7fd3d131d5a972e2099 Mon Sep 17 00:00:00 2001
From: Ahmed Shariff <ahmed.shariff@live.com>
Date: Sun, 2 Jun 2019 16:54:13 +0530
Subject: [PATCH 2/2] Added note on requiring implementation of
 get_or_create_for_cognito

---
 README.rst | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/README.rst b/README.rst
index 62dcc9e..3ce6647 100644
--- a/README.rst
+++ b/README.rst
@@ -79,8 +79,10 @@ Example authentication flow
    
 2) DRF authenticates it with AWS Cognito using ``AdminInitiateAuth`` (`boto3 <https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/cognito-idp.html#CognitoIdentityProvider.Client.admin_initiate_auth>`_) and sends the tokens recived from AWS Congnito back to the client.
 
-3) Client sends request (with the recived ``access_token`` set as the authentication header) to the API which uses ``django_cognito_jwt.JSONWebTokenAuthentication`` as the ``authentication_classes``
+3) Client sends request (with the recived ``IdToken`` set as the authentication header) to the API which uses ``django_cognito_jwt.JSONWebTokenAuthentication`` as the ``authentication_classes``
 
 .. code-block:: python
-    header = {'Authorization': 'token {}'.format(authentication_result['AccessToken'])}
+    header = {'Authorization': 'token {}'.format(authentication_result['IdToken'])}
     response = requests.post("http://127.0.0.1:8000/<API with authentication>/", headers=header)    
+
+Note: the `get_or_create_for_cognito` method of the User model needs to be implementated. (refer to: `#11 <https://github.com/labd/django-cognito-jwt/issues/3>`_