mayankgopronto
02/15/2023, 2:56 PMIdP
which runs as a Go
API server and talks to the supertokens core and all authentication happens via the IdP. We have an existing django
- drf
app which currently does regular django session authentication and sets the sessionid
in the cookie. In the new implementation, where I am trying to slowly migrate all the services to supertokens, all the requests will contain the supertokens' access
and refresh
token.
So I am planning to write a django middleware which will call the IdP's
session-verify API . And if successful, I can set the django User
object. I was looking through the python SDK which has a plugin for django
. Is there any way I can achieve this using the SDK? I do not want to do supertokens.init
in my django app to maintain abstraction.
Is this approach feasible or would you suggest I go with the python
sdk and use the supertokens backend in the django server too?rp_st
02/15/2023, 2:58 PMmayankgopronto
02/16/2023, 8:59 AMjwt
is extracted in the django server from the access token instead of the frontend? Because it may be easier to send the token in a cookie instead of Authorization header, given my architectural constraints.rp_st
02/16/2023, 9:02 AMmayankgopronto
02/16/2023, 9:24 AM