Using supertokens with django So I have an

IdP

which runs as a

Go

API server and talks to the supertokens core and all authentication happens via the IdP. We have an existing

django

-

drf

app which currently does regular django session authentication and sets the

sessionid

in the cookie. In the new implementation, where I am trying to slowly migrate all the services to supertokens, all the requests will contain the supertokens'

access

and

refresh

token. So I am planning to write a django middleware which will call the

IdP's

session-verify API . And if successful, I can set the django

User

object. I was looking through the python SDK which has a plugin for

django

. Is there any way I can achieve this using the SDK? I do not want to do

supertokens.init

in my django app to maintain abstraction. Is this approach feasible or would you suggest I go with the

python

sdk and use the supertokens backend in the django server too?

hey @mayankgopronto The best way to do this would be to enable JWT with sessions in the golang IDP. Then the frontend extracts the JWT and sends it to the django server via authorization bearer token. The django server can use any jwt verification lib and verify the jwt using the jwks endpoint exposed by the golang server.

Would there be any difference if the

jwt

is extracted in the django server from the access token instead of the frontend? Because it may be easier to send the token in a cookie instead of Authorization header, given my architectural constraints.

You could do that. It won’t be an issue.

Thanks, will give this a shot!