Skip to main content

JSON Web Tokens

The final improvement in security is to use JWT Authentication.
from ninja_extra import NinjaExtraAPI
from dj_ninja_auth.jwt.authentication import JWTAuth
from dj_ninja_auth.jwt.controller import NinjaAuthJWTController

api = NinjaExtraAPI(auth=[JWTAuth()])

To prevent any future breaking changes, you are required to add the dj_ninja_auth.jwt app to your INSTALLED_APPS. Change include the blacklisting of JWT tokens.

The JWT controller provides 2 additional endpoints for tokens.

  • /auth/refresh: Issues the user a new token using the refresh token
  • /auth/verify: Verifies that the provided token is valid.