<p>JSON Web Token is a fairly new standard which can be used for token-based authentication. Unlike the built-in TokenAuthentication scheme, JWT Authentication doesn't need to use a database to validate a token. <ahref="https://github.com/GetBlimp">Blimp</a> maintains the <ahref="https://github.com/GetBlimp/django-rest-framework-jwt">djangorestframework-jwt</a> package which provides a JWT Authentication class as well as a mechanism for clients to obtain a JWT given the username and password.</p>
<p>JSON Web Token is a fairly new standard which can be used for token-based authentication. Unlike the built-in TokenAuthentication scheme, JWT Authentication doesn't need to use a database to validate a token. <ahref="https://github.com/GetBlimp">Blimp</a> maintains the <ahref="https://github.com/GetBlimp/django-rest-framework-jwt">djangorestframework-jwt</a> package which provides a JWT Authentication class as well as a mechanism for clients to obtain a JWT given the username and password.</p>
<p>The <ahref="http://hawkrest.readthedocs.org/en/latest/">HawkREST</a> library builds on the <ahref="http://mohawk.readthedocs.org/en/latest/">Mohawk</a> library to let you work with <ahref="https://github.com/hueniverse/hawk">Hawk</a> signed requests and responses in your API. <ahref="https://github.com/hueniverse/hawk">Hawk</a> lets two parties securely communicate with each other using messages signed by a shared key. It is based on <ahref="http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05">HTTP MAC access authentication</a> (which was based on parts of <ahref="http://oauth.net/core/1.0a">OAuth 1.0</a>).</p>
<p>The <ahref="http://hawkrest.readthedocs.org/en/latest/">HawkREST</a> library builds on the <ahref="http://mohawk.readthedocs.org/en/latest/">Mohawk</a> library to let you work with <ahref="https://github.com/hueniverse/hawk">Hawk</a> signed requests and responses in your API. <ahref="https://github.com/hueniverse/hawk">Hawk</a> lets two parties securely communicate with each other using messages signed by a shared key. It is based on <ahref="http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05">HTTP MAC access authentication</a> (which was based on parts of <ahref="http://oauth.net/core/1.0a">OAuth 1.0</a>).</p>
<p>HTTP Signature (currently a <ahref="https://datatracker.ietf.org/doc/draft-cavage-http-signatures/">IETF draft</a>) provides a way to achieve origin authentication and message integrity for HTTP messages. Similar to <ahref="http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html">Amazon's HTTP Signature scheme</a>, used by many of its services, it permits stateless, per-request authentication. <ahref="https://github.com/etoccalino/">Elvio Toccalino</a> maintains the <ahref="https://github.com/etoccalino/django-rest-framework-httpsignature">djangorestframework-httpsignature</a> package which provides an easy to use HTTP Signature Authentication mechanism.</p>
<h2id="djoser">Djoser</h2>
<h2id="djoser">Djoser</h2>
<p><ahref="https://github.com/sunscrapers/djoser">Djoser</a> library provides a set of views to handle basic actions such as registration, login, logout, password reset and account activation. The package works with a custom user model and it uses token based authentication. This is a ready to use REST implementation of Django authentication system.</p>
<p><ahref="https://github.com/sunscrapers/djoser">Djoser</a> library provides a set of views to handle basic actions such as registration, login, logout, password reset and account activation. The package works with a custom user model and it uses token based authentication. This is a ready to use REST implementation of Django authentication system.</p>
