Skip to main content

Token

The next improvement in security is to use Token Authentication.

api.py
from ninja_extra import NinjaExtraAPI
from dj_ninja_auth.authtoken.authentication import AccessTokenAuth
from dj_ninja_auth.authtoken.controller import NinjaAuthTokenController

api = NinjaExtraAPI(auth=[AccessTokenAuth()])
api.register_controllers(NinjaAuthTokenController)

Since the tokens will be stored in the database, you are required to add the dj_ninja_auth.authtoken app to your INSTALLED_APPS and migrate the database. Failure to do so will raise errors.

settings.py
INSTALLED_APPS = [
    ...
    "ninja_extra",
    "dj_ninja_auth",
    "dj_ninja_auth.authtoken
    ...
]
info

Tokens are rotated every 1 day by default for security purposes.