Man, I learnt Django with myself. I built a few website for my school. Now I'm working with my school's IT department. I need to learn Rest API. I was thinking to buy course from Udemy but I found you. You're the best! Thanks for all videos you uploaded.
@bertrandfossung12163 жыл бұрын
Man you’re a life saver. I’ve been browsing the internet for this for quite sometime now. Good thing you make Mobile Rest API explanation so simple. Thank you very much. 🙏🏾🙏🏾🙏🏾
@jatinsachdev5 жыл бұрын
Mitch - Authorization Key is different from tokens. Auth token concept is based on oAuth specification. Please correct me if I am wrong. Access tokens + refresh tokens are generated when you authenticate. Access token expires then refresh token is used to regenerate access token.
@codingwithmitch5 жыл бұрын
Django rest framework token auth is as I explained in this video. There is many ways to authenticate. This is one of them
@codingwithmitch5 жыл бұрын
The food2fork auth method is slightly different if that's what you meant. It was just meant to be an example
@gauravshinde65594 жыл бұрын
Thanks a lot... I was struggling to understand this concept and I am currently building project with flutter and django backend.... So looking forward for your series
@ravronz96773 жыл бұрын
very clean explaination thanks so much for your effort.
@aromatastore95974 жыл бұрын
Hey Mitch why some frameworks generate the api_token upon registration of the user ? And one more question api_tokens can be used only for Authentication and not for authorization right ? I mean if i have to get data for a specific user ill do it with the old way upon login i'll fetch from db his user_id and then store it in a session for later use for the queries right ? Or i could use JWT..
@jaakkooksa53744 жыл бұрын
Passing the API key in the query string does not seem terribly secure :-)
@Ibrahim_usman5 жыл бұрын
Hello, can you consider doing something on JWT Bearer token with mobile app? I'm yet to see someone build a Rest api with Refresh tokens
@codingwithmitch5 жыл бұрын
What do you mean by refresh tokens? You mean one that refreshes every day or hour or something?
@Ibrahim_usman5 жыл бұрын
CodingWithMitch More like once you login, two tokens are generated. An access token that grants the user access and a refresh token to use and generate a new access token when the previous one expires. Let’s say an access token will take 7 days to expire, but the refresh token can take 100days to expire. Within that 100days the app can generate multiple access tokens without the user having to login again. I read that it helps with security and the User Experience if you’re designing an app where the user can afford not to login too often. I’m not yet really good at using it but if u want an example you can take a look at how firebase uses Access and refresh token for app authentication. Hope this helps
@buzzminkyunghoon38565 жыл бұрын
Yeah I have seen refresh token in Facebook authentication oauth2
@kaizen960 Жыл бұрын
Dude thanks for sharing ur knowledge! You helping thousands of people.
@bikerflyer5634 жыл бұрын
yes you are one of the best teachers i have found!
@SaminAliMondal5 жыл бұрын
But the difference is, Firebase automatically give data to app by listener. But our manual created rest apis not. We need to call api, to check updates. Sometime I got too many request error from Retrofit for checking updates. I'm talking about chat application, which I'm building.
@NirmalyaSaha4 жыл бұрын
I'm using MS Adal plugins for a Ionic3 project and its validate user from azure. Now, If I follow the below steps, Logged in the app after the sso validation and close the app. I change the password from a web browser. Now, I again open the app. then, the app is opening without validating the JWT access token. For a browser, the browser itself do all the validation for SSO authentication. We don't need to remember the accessToken in the application. But a mobile app is standalone application. So, is there a way to validate and renew the JWT access token for mobile app? OR could I validate and renew the JWT access token via dot net api?
@navalhasan48312 жыл бұрын
We can create Auth token by using firebase right? So when we do that from mobile, How the authentication is happening? I mean how does the server team knows this is the right token?
@erickariuki51694 жыл бұрын
I wish I had the ability to subscribe twice to this channel.
@randy44434 жыл бұрын
Hi Mitch, I am wondering if you are able to filter an API? For example, if an API provides media(photo and video) but you only want to retrieve photos, is this possible?
@kingkesylo85164 жыл бұрын
MANNNN YOU ARE THE BEST OF BESTS. THANK YOU VERY MUUUUUUUUUUUUUUUUUUUCH
@bhaveshagarwal65095 жыл бұрын
Hey Mitch Can u tell me how to delete the token when the user logged out from the app.
@codingwithmitch5 жыл бұрын
token.delete()
@bhaveshagarwal65095 жыл бұрын
@@codingwithmitch Is it necessary to delete token manually or it gets automatically deleted when the user log out from the app when we are using authtoken
@codingwithmitch5 жыл бұрын
@@bhaveshagarwal6509 It does not get automatically deleted. If you want to generate a new one upon every login, you should delete it when they logout or something.
@bhaveshagarwal65095 жыл бұрын
@@codingwithmitch Ok, thanks mitch :)
@burakataseven25955 жыл бұрын
Let's say i built a mobile app which logins into your api receives token and uses your api. Is there a way you could prevent me using your api ?
@codingwithmitch5 жыл бұрын
Yes. Only members on codingwithmitch will have a valid token
@junekatunge95942 жыл бұрын
what is a slug and do i need it in my project?
@vkashpoudel87713 жыл бұрын
Like how to expire these api key for the users for a 3 month time and the users have to request again for the key
@riteshranjan44623 жыл бұрын
Can you help me with APIMEDIC api authentication? I am currently doing a project. And I am stuck in it for 2 days. I need urgent help.
@mykalimba5 жыл бұрын
Many people are reluctant to provide an email/password combination to use a mobile app (think shopping apps like Target, etc.). Is there a way to authenticate "anonymously" (perhaps using information about the device) such that the server knows who you are (and what's in your shopping cart) every time you run the app (assuming on the same device)?
@PeteMidg2 жыл бұрын
Yes, for certain things you (as the programmer) want to authorise behind the scenes to a (for example) azure active directory protected api, and I think that the only way to do that is with one dedicated userId that is registered with your own azure AD. That covers the ‘anonymous’ use, and you can then have a ‘logged in’ part of the app where it is a personal account that the customer has set up. Thoughts?
@ashwinkumarsariwal63213 жыл бұрын
Hey Mitch, is there a way so that only our project can use the Rest API, not any other website should access the rest API?
@codingwithmitch3 жыл бұрын
Ya through the authentication. Only users with a valid token can access the API
@ashwinkumarsariwal63213 жыл бұрын
@@codingwithmitch thank you for your reply, I wanted to ask what if the website does not have any user creation, and I want only my website to consume the django rest api that is created in the same project.
@codingwithmitch3 жыл бұрын
@@ashwinkumarsariwal6321 you need something to differentiate the things you want to use the Api with the things that can't. Check out the different forms of authentication in the Django rest framework docs
@ashwinkumarsariwal63213 жыл бұрын
@@codingwithmitch thank you for your help, I hope this will work, you are the best🔥
@buzzminkyunghoon38565 жыл бұрын
Wow. This has 1k already in one day. Others got like 100 views. What keyword triggered?
@codingwithmitch5 жыл бұрын
Not sure. But generally the Django videos don't do well. I think this one did good because it's not as django specific
@buzzminkyunghoon38565 жыл бұрын
@@codingwithmitch Yeah and also probably includes "Mobile apps" ofcourse
@Денис-ж3ф5р2 жыл бұрын
Why does your PostMan look like that?
@vkashpoudel87713 жыл бұрын
how can we provide random generated password and validate to 3 moths of time farme and then that password expires.please could you help me out. I am confused
@ahmadmohammad74194 жыл бұрын
Thank you so much for making such a great course
@sayedaliyahyaazhar42184 жыл бұрын
how can I secure my Google Map API key in android?
@stockmarketinusa12512 жыл бұрын
HOW TO CONNECT API BETWEEN WEBSITE AND DESKTOP APP
@murodalisharipov59293 жыл бұрын
how do you store the token in android app?
@rayaangrewal10355 жыл бұрын
8:42 TRUE AF !!!
@riteshkumartiwari1535 жыл бұрын
Awesome
@andrews132 жыл бұрын
4:55
@kokimycat5 жыл бұрын
My facebook account has been disabled without reason,can you help me please