i have a django-rest app , for auth system i need help .
i want to use JWT for auth (simple_jwt) but i was reading the doc , that i have find that i need to send the password and user to get the token to get login .
this is a problem because users dont have the password i'm going to use OTP code to login users
I have searched the google and looks like i must code a backend i dont want to make it complicated i want as simple as it can be , i searched and i find something like knox too do it can help me out ?
I have searched and looked the simple_jwt package itself and made a solution for this problem to make JWT without password checking of package itself, or make a new backend. we can use the Token objects of simple_jwt for making the tokens, we just need to give a User instance to it, and it will make a token for us.
NOTE: there is a problem with this way, you must authenticate the request your self, means for example if using one time password with OTP(SMS) you must check that user is sending right code or password then send him a token. After sending the token, its front-end job to handle the token in every request to send it in header. Another thing it don't need to make blacklist(logout) and refresh view for your self manual, you can use the built-in simple_jwt package, and they work fine.
Thanks.