Handle jwt Issued by Another Service about django-rest-framework-jwt HOT 7 CLOSED

@cancan101 I guess that seems like a workaround that might be unnecessary. Will you not need those users then? Would just verifying and extracting the payload suffice? What's the end goal you're trying to accomplish?

from django-rest-framework-jwt.

Maybe a better question is how do I get access to all of the IsAuthenticated machinery in Django/DRF without actually creating User objects?

There is also the side benefit of now being able to use the User model to track the actions of this user.

from django-rest-framework-jwt.

In that case I think you might need to do a bit of work and might even be better off not using this package. Authentication classes in DRF expect a tuple to be returned and it will assign it to request.user and request.auth if I'm not mistaken.

You might also need a custom Permission class that doesn't depend on a user in the request for your other endpoints.

from django-rest-framework-jwt.

So then, why not just create the User?

from django-rest-framework-jwt.

@cancan101 that'll definitely be easier, yes.

from django-rest-framework-jwt.

Closing this for lack of activity. Will reopen if there are concrete actions for a next step.

from django-rest-framework-jwt.

I ended up solving this my overriding authenticate_credentials to look something like:

    def authenticate_credentials(self, payload):
        User = utils.get_user_model()
        user_id = jwt_get_user_id_from_payload(payload)
        if user_id is not None:
            user, created = User.objects.get_or_create(user_id=user_id)
...

from django-rest-framework-jwt.