I'm working on a project where I need to implement a secure authentication system for my Next.js frontend and Django REST Framework backend. The key requirements are:
- Use HTTP-only cookies for session management.
- Support email-based authentication.
- Implement social authentication options.
I'd appreciate guidance, code examples, or best practices on how to achieve these goals. Any help or pointers in the right direction would be greatly appreciated. Thank you!
I've already attempted to implement authentication using Django REST Framework with NextAuth.js, as per this tutorial: link. While I achieved authentication, the tutorial used tokens as bearer tokens, whereas my goal is to use HTTP-only cookies for better security.
I'd appreciate guidance, code examples, or best practices on how to achieve these goals while ensuring the use of HTTP-only cookies for authentication. Any help or pointers in the right direction would be greatly appreciated. Thank you!