I am building a real world application where users will access the app primarily from Android, iOS devices as well as Desktops.
From my elementary research, I have realized that token based authentication mechanism is more better and elegant for client-server models as compared to session based authentication.
In Django, I have found two popular ways to do this -
- http://www.django-rest-framework.org/api-guide/authentication/#tokenauthentication
- http://getblimp.github.io/django-rest-framework-jwt/
From what I understood, option 2] is an extension of 1] except that the Token is in the form of JSON(serialized). I would like to understand what other differences there are between option 1] and 2] and the advantages/disadvantages of choosing either.
django-rest-framework-simplejwt
seems to be maintained whiledjango-rest-framework-jwt
is not. – phoenix