I think you are talking about JWT(JSON Web Token) where the required information are encrypted and send to the client and the client has to send the token along with every request and the server will decrypt the token and get the information from it.
but the authentication in DRF is token-based authentication where token is generated and stored in both server and client side the client has to send request along with the token and the server verify the token against the token that it has in the DB. On Tuesday, 20 April 2021 at 20:41:06 UTC+5:30 [email protected] wrote: > Hi everyone! I've just have read Django rest framework source code and I > have no idea why auth token save in database. Im a bit confused because > many article said that token only save in frontend and backend only decrypt > the token to get the user's information. Could you tell me why they > implement like that? And is that the same as session auth (both saved in > database)? > Sincerely, > Bao > -- You received this message because you are subscribed to the Google Groups "Django REST framework" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/django-rest-framework/fc1db98d-c41e-42d8-98c7-672e3c4c7842n%40googlegroups.com.
