Open tw4l opened 5 years ago
Separate issue for frontend user management: https://github.com/timothyryanwalsh/bulk-reviewer/issues/63
For 0.1.0 release: add login screen and frontend logic and secure API, but handle all user management through built-in Django admin
django-rest-auth and login/logout API endpoints for handling tokens added in commit https://github.com/timothyryanwalsh/bulk-reviewer/commit/fdcaacf0606a5eff094f40442771cfd0acf8e502
To secure API, add the following to server/server/settings.py
:
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.TokenAuthentication',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
}
Will require adding logic to Vue SPA to store token and authentication state, pass token with API requests. See as example:
See https://www.django-rest-framework.org/api-guide/authentication/ and https://www.django-rest-framework.org/api-guide/permissions/
Will require introducing user management to Vue frontend