Hi Henri Thank you for your feedback!
JWT is an elegant solution for token based authentication, especially for a web app frontend. However, JWT is a very new standard and some JWT libraries still have security vulnerabilities and bugs. Both OAuth2 and JWT have their pros and cons. As Ken touched on, there are widely varying API use-cases which will dictate the preferred authentication method. OAuth2 appears to be a better all round API solution than JWT, and it is what is currently employed by the hugely popular WordPress.com. Having said that, I have been considering replacing OAuth2 with JWT (whilst trying to maintain a framework that would still allow for OAuth2 to be easily installed) as, for example, JWT is more elegant and simpler for a Mezzanine API user to configure and use. It would be interesting to hear some more opinions about this, especially the use-cases of those using the API... I believe that you should be able to more or less get the core JWT functionality working with Mezzanine API by following the installation steps of django-rest-framework-jwt at http://getblimp.github.io/django-rest-framework-jwt/#installation . George On Sunday, 31 May 2015 15:52:12 UTC+1, henri wrote: > > It would be nice to have > https://github.com/GetBlimp/django-rest-framework-jwt as alternative > authentication method. -- You received this message because you are subscribed to the Google Groups "Mezzanine Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
