ByteInternet / drf-oidc-auth

OpenID Connect authentication for Django REST Framework
MIT License
111 stars 46 forks

Please add a sample django-restframework demo app #15

Open ghost opened 7 years ago

allardhoeve commented 7 years ago

Hey there Ranvijay, what would you expect out of a sample demo app? You'd also need an OpenID Connect provider that works with keys and all.

ranvijay-sachan commented 7 years ago

Sample app like:
1: what we need to add in settings.
2: view.py example (LoginView())
3: urls.py example
4: curl -H "Authorization: JWT <your_token>" http://localhost:8000/login/

alexgleith commented 7 years ago

Hey folks, I'm interested in implementing this too.

Can someone point me at a working version? I want to set up URLs to authenticate a user in a static web-app with DjangoREST as a backend and an OIDC server for auth.

jxraynaud commented 4 years ago

This issue should be closed, as it's not really an issue or a reasonable feature request. To make it work you'll need a client that can negotiate an access token with an OIDC provider and use it to access an API protected by this package. If somebody asks themselves the same questions as alexgleith: it doesn't make sense to have a login view or similar for an API protected by this package. A client (SPA or mobile app) should use an implicit flow or a PKCE flow to authenticate with the IP, get the token and then try to access the API using the access token received from the IP.

ochom commented 3 years ago

Someone should at least give direction like is it required to add the key and secret in settings.py. I think this suggestion is an important one

jxraynaud commented 3 years ago

> Someone should at least give direction like is it required to add the key and secret in settings.py. I think this suggestion is an important one

I'm not sure what you call a key or secret here.

If it's the private key or public key used by the auth server to sign the ID tokens, please don't put any in the settings of this app. The public keys are made available by the IP on the JWKS endpoint and are supposed to be regularly renewed by the IP. Furthermore, there isn't only one public key at a given time but multiple, and they are renewed, so if you put those in the settings and override the existing lib to use those settings instead of the public key provided by the IP, you might have to update your settings every hour.
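
The key rotation described in the last comment, as an added example that is not part of the thread or of drf-oidc-auth's own code: an API resolves the verification key by the token's `kid` from the provider's published JWKS and refetches on an unknown `kid`, instead of pinning a key in settings. `JwksCache`, `token_kid`, `make_token` and the sample key ids are hypothetical, and the actual signature check is assumed to be done by a JWT library with the key returned here.

```python
import base64
import json
import time

# Constructed sample data: JWKS documents as a provider might publish them
# before and after rotating its signing keys (key material omitted).
JWKS_BEFORE = {"keys": [{"kid": "key-2024-01", "kty": "RSA", "use": "sig"},
                        {"kid": "key-2024-02", "kty": "RSA", "use": "sig"}]}
JWKS_AFTER = {"keys": [{"kid": "key-2024-02", "kty": "RSA", "use": "sig"},
                       {"kid": "key-2024-03", "kty": "RSA", "use": "sig"}]}

def token_kid(token):
    """Read the `kid` from a JWT header; nothing else in the token is trusted yet."""
    header_b64 = token.split(".")[0]
    padded = header_b64 + "=" * (-len(header_b64) % 4)
    return json.loads(base64.urlsafe_b64decode(padded)).get("kid")

class JwksCache:
    """Hypothetical helper: caches published keys, refetches on an unknown kid."""
    def __init__(self, fetch, min_refresh_interval=60, clock=time.monotonic):
        self._fetch = fetch  # callable returning the provider's JWKS as a dict
        self._min_interval = min_refresh_interval
        self._clock = clock
        self._keys = {}
        self._last_fetch = None

    def _refresh(self):
        self._keys = {k["kid"]: k for k in self._fetch()["keys"]
                      if k.get("use", "sig") == "sig"}
        self._last_fetch = self._clock()

    def key_for(self, token):
        kid = token_kid(token)
        if kid is None:
            raise KeyError("token has no kid")
        if kid not in self._keys:
            # Unknown kid: the provider may have rotated. Refetch, but at most
            # once per interval, so tokens with made-up kids cannot flood it.
            now = self._clock()
            if self._last_fetch is None or now - self._last_fetch >= self._min_interval:
                self._refresh()
        if kid not in self._keys:
            raise KeyError("no published key with kid %r" % kid)
        return self._keys[kid]

def make_token(kid):
    # Constructed, unsigned token that carries only a header, for this demo.
    header = base64.urlsafe_b64encode(json.dumps({"alg": "RS256", "kid": kid}).encode())
    return header.rstrip(b"=").decode() + ".e30.sig"
```

A key that the provider has retired stops resolving after the next refresh, which is the behaviour a pinned key in settings cannot give you.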