I've reviewed all related questions, but I'm currently facing a problem for which I'm uncertain about the best approach. I have a web application built with Django and django-allauth. Telegram Bot login has been successfully implemented, and everything is functioning well.
In addition, I have a Django Rest API within the same project. Here are my Authentication Backends:
AUTHENTICATION_BACKENDS = (
'registration.authenticate_backend.EmailOrUsernameModelBackend',
'allauth.account.auth_backends.AuthenticationBackend',
)
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
],
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.BasicAuthentication',
"rest_framework_simplejwt.authentication.JWTAuthentication",]}
What I aim to achieve is as follows: Users join my TelegramBot, and through it, they should be able to manage their accounts and retrieve information via my Django Rest API. However, I'm unsure about how to handle authentication for these requests.
Currently, I've implemented a solution by extracting the user_id from the messages that Telegram sends to me and directly using Django ORM. Nonetheless, I would prefer to leverage my API for this purpose. Thank you!