Skip to content

Instantly share code, notes, and snippets.

@akashadhikari

akashadhikari/JWT_Functioning.md

Last active November 24, 2020 03:32
Show Gist options
  • Save akashadhikari/175a39858fd75e73cad62e14db83a7a3 to your computer and use it in GitHub Desktop.
Save akashadhikari/175a39858fd75e73cad62e14db83a7a3 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
JWT_Functioning.md

Submit a post request with correct authentication details

http post http://127.0.0.1:8000/api/token/ username=akash password=Akashsky13

The response you get is access token and a refresh token:

{
    "access": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNjA2MTg1MzkwLCJqdGkiOiI3MTcxOTZlN2E3Yjk0M2I0YWRjNmU0YWZhYjEzZWQ2MSIsInVzZXJfaWQiOjF9.aQQHPGsSHpIf38Bhww76WNOwsZ4PiChgn1a1OV_IlD4",
    "refresh": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTYwNjI3MTQ5MCwianRpIjoiN2I5OTMxN2Q2ZWViNDI3YzhiNGUxM2FkMTQzNzRhNmEiLCJ1c2VyX2lkIjoxfQ.aayavlSfDbVoDltJOqMWO-ru6T1307iLhLRODx2zACU"
}

Place the access token below on the authenticated view

http http://localhost:8000/api/v1/post/ "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNjA2MTg1MzkwLCJqdGkiOiI3MTcxOTZlN2E3Yjk0M2I0YWRjNmU0YWZhYjEzZWQ2MSIsInVzZXJfaWQiOjF9.aQQHPGsSHpIf38Bhww76WNOwsZ4PiChgn1a1OV_IlD4"

When the access token is expired after 5 minutes (or as per ACCESS_TOKEN_LIFETIME value) submit refresh token

http post http://127.0.0.1:8000/api/token/refresh/ refresh=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTYwNjI3MTQ5MCwianRpIjoiN2I5OTMxN2Q2ZWViNDI3YzhiNGUxM2FkMTQzNzRhNmEiLCJ1c2VyX2lkIjoxfQ.aayavlSfDbVoDltJOqMWO-ru6T1307iLhLRODx2zACU

The response you get is a brand new access token

{
    "access": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNjA2MTg2MjAyLCJqdGkiOiJkYTBmMDQ1YjgzNGU0MmRkYmI0NDVhODdlMThmMjA3OSIsInVzZXJfaWQiOjF9.CqElqbkiLmLh7eItHAmKnHlTeaxTy3y4aVMsJ5nAaOM"
}

Place this new access token below on the authenticated view since the old token doesn't work now

http http://localhost:8000/api/v1/post/ "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNjA2MTg2MjAyLCJqdGkiOiJkYTBmMDQ1YjgzNGU0MmRkYmI0NDVhODdlMThmMjA3OSIsInVzZXJfaWQiOjF9.CqElqbkiLmLh7eItHAmKnHlTeaxTy3y4aVMsJ5nAaOM"

Note:

Your ACCESS_TOKEN_LIFETIME should be typically set to 5 minutes but it's customizable.
Your REFRESH_TOKEN_LIFETIME should be typically set to 24 hours but it's customizable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment