JWT (short for JSON Web Token) is a method of authentication. The typical steps in the authorisation flow are outlined below (in a slightly simplified form):
1. The frontend sends the user credentials (username + password) to the backend.
2. If these credentials are valid, the backend responds by sending a JWT.
3. Later, if the frontend wants to access a protected resource, it can do so by including the JWT in the header of the HTTP request.
4. If the server receives a request with such a header, it uses the received JWT to figure out the identity of the user. Then, depending on the identity of the user and the nature of the protected resource, the server will respond with either the protected resource or a 403 (forbidden) error.
5. If no JWT is provided in a request for a protected resource, then the server will also respond with a 403 error.
We will be using the Simple JWT plugin for this. You won't need to program anything for this issue -- you just need to install and configure simplejwt.
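To make the flow above concrete, here is an added example (not code from Simple JWT or from this project) that walks through login, token verification and the 403 cases using only the Python standard library. The signing key, user store and function names are constructed for the demonstration; in the project itself Simple JWT does this work.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"      # assumption: server-side signing key
USERS = {"alice": "correct horse"}    # constructed user store (plaintext only for the demo)

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str) -> str:
    return _b64(hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest())

def login(username, password, now=None, lifetime=300):
    """Check the credentials; answer with a signed token, or None if they are invalid."""
    stored = USERS.get(username)
    if stored is None or not hmac.compare_digest(stored.encode(), password.encode()):
        return None
    now = int(time.time()) if now is None else now
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64(json.dumps({"sub": username, "exp": now + lifetime}).encode())
    return f"{header}.{payload}.{_sign(header + '.' + payload)}"

def identify(token, now=None):
    """Return the user name carried by a valid, unexpired token, otherwise None."""
    try:
        header, payload, signature = token.split(".")
        # Verify the signature before trusting anything inside the token.
        if not hmac.compare_digest(signature, _sign(f"{header}.{payload}")):
            return None
        # Pin the algorithm instead of accepting whatever the header claims.
        if json.loads(_unb64(header)).get("alg") != "HS256":
            return None
        claims = json.loads(_unb64(payload))
        now = int(time.time()) if now is None else now
        return claims["sub"] if claims["exp"] > now else None
    except (ValueError, KeyError, AttributeError, TypeError):
        return None  # malformed token: treat exactly like a missing one

def protected_view(headers, now=None):
    """200 for a valid bearer token, 403 for a missing, expired or tampered one."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    user = identify(token, now) if scheme == "Bearer" else None
    return (200, f"hello {user}") if user else (403, "forbidden")
```

The payload of a JWT is only base64-encoded, not encrypted, so anything placed in it is readable by whoever holds the token; the signature only protects it from modification.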