How to use headless api in drf

[kagiya-n]

Please tell me how to link the authentication information of the allauth headless API in Django REST framework for both app and browser cases.
https://www.django-rest-framework.org/api-guide/authentication/

[pennersr]

Without knowing any specifics this is difficult to answer, as authentication is pluggable over at DRF. In any case, allauth headless uses session authentication on the browser, and an X-Session-Token header for apps. So, if you configure DRF to use sessions as well, the browser case is covered. As for apps, you can either setup DRF to recognize the X-Session-Token header and use that throughout your app. Or, if you want, you can configure allauth to generate an access token. You would have to hook something like this up:

from rest_framework.authtoken.models import Token

def create_access_token(self, request):
    token = Token.objects.create(user=...)
    return token.key

.. over here:

https://docs.allauth.org/en/latest/headless/tokens.html#allauth.headless.tokens.base.AbstractTokenStrategy.create_access_token

But as mentioned, it all depends on your requirements... there are other options over at DRF as well.

[kagiya-n]

Thank you for your response.

I am using a React web application, but since we are using different domains for the frontend and backend, we couldn't resolve the route issue. Therefore, we resolved it by putting the session_token obtained from _allauth/app/v1/auth/login into the sessionid of the Cookie.