I dont know why this content doesnt have so much visualization.. This is the best content that i have seen related to setup of Django rest with react js.. I have paid a course for this.. explanations were much worse.. i didnt understand anything related to custom user models and tokens.. Too much respect for this guy

It feels like this channel provides tutorials from the teacher with the highest programming skills I've seen so far.

We don't get such content even after paying. Hats off !!! Thank you for the great content !!

Best tutorial on token authentication using django JWT and react. I liked the content very much. Your channel should become famous.

For anyone using react-router-dom version 6 or newer, 'useHistory()' was deprecated and replaced by 'useNavigate()'. Also was deprecated and replaced with

You are a brilliant teacher! Thank you so much! After hours of frustration when trying to understand JWT i stumbled upon your playlist and i now do not feel dumb and lost. It's pure join to understand this stuff och get things to work as expected.

Love the "hello and welcome back". Another awesome tutorial.

The way you firstly explain why we need it and how does it work, with diagrams is really helpful, thank you very much

How can someone give such great work for free!!! It's the best tutorial to me till now for Django... I wish I could do more than subscription and like. Thanks a lot...

Agreed with everyone this is the most succinct and understandable walkthrough of Django and DRF - thank you so much you deserve so many more views!

This is just a brilliant video. I mean the efforts you've put in, mad respect mate!

Thank you so much for this tutorial! I was in a tailspin of whether to use Django's built-in token authentication or other 3rd party packages, which seemed like a pain to integrate into my project and had very little return of investment. This seems like it's by far the best way to go.

the way you explained such a complex topic... sir ji you are great

Hands down one of the best tutorials I've ever seen! Thank you good sir!

Your channel is a lifesaver 😭😭😭❤️❤️❤️

Issues with this : - the permissions are set to AllowAny so the login/logout does not affect the accessibility of the data from the server. An example where the posts cannot be seen only when logged in would been better. - the logout component keeps creating blacklist token even after the user is logged out . keep pressing the logout button and the blacklist tab in the admin page will fill up - again the last part of the series is rushed. Maybe in the future u can split this tutorials for better experience. (we obviously get tired by the end) Still I appreciate the hard work u put in to make this videos with topics that are not touched by the general youtubers in this field..

Thank you so much for posting that video. Liked, saved and subscribed! I'm starting to learn react and I use Django as the backend. This is just what I needed!

Your explanations are very very very detailed and it is good for understanding how things actually work behind the scenes. Thank you so much!

My progression over the past three months has been FCC (HTML, CSS, JS, React), Dr Chuck (Python 4 everyone), Corey Schafer (Flask/Django), then building my own Flask/Django projects. It was then that I didn't know what to do next, until I discovered this!

Thank you so much, very few people can explain in such a simple and concise manner.

Stellar tutorial! This has really helped me get past a big sticking point in my own full stack app.

Shout out to you for creating such a great content! Keep it up man!

Best teacher online....

You explain everything very beautifully. Now node js is in trend.. but I think django is simple

Wow.... You're taking this to a greater level.

This is exactly what I was looking for

Wow :d ... a Lot of topics have been covered since i left... Actually i was sick ..but im fine now so wil continue watching from where i left

1K Subs!! Congratulations 🎉🎉🎉

Thank you very much! Top level content. You're a life saver mate.

If anyone faced problem during blacklisting it's probably because no response was sent from the blacklisting view in the try part. So make sure you include a Response("Sucessful", status=status.HTTP_200_OK) inside the try

Thanks but please do NextAuth with Django Rest Framework, with Google OAuth. Also, adding "email and password" based authentication on the same tutorial will be great. I am desperetely waiting for your response.

Master of Masters 🙇‍♂️

Wow, this is very high quality content! Subscribed! I would find also interesting to learn how implement something like useContext, to keep the user info available through components, along with this React and Django/JWT configuration!

I think you mistakenly named the function SignUp 1:24:00 This was very useful, thank you

But where does the users information come from why does no one show this? Once you get the token how do you get and use the information from the logged in user with the token??

at 33:32 after creating a superuser my postman is showing bad request, what could be wrong?

can you please put the link to the resource from where you get the code of the interceptors

Video is great, just pointing out that refresh URL in axios.js file, it returns only access token but in code refresh is also stored again as undefined, so simply remove the refresh token line else it will give error

Thank you very much, gonna use this with Spring Rest Api, made some changes with React 18 and TypeScript

best content on DRF on entire YT

hey, I'm trying to log in with a user and it says "No active account found with the given credentials" but when I try to login with superuser it's working fine. cannot log in with a normal user edt:fixed it

Hi Zander Your tutorial is as good as always. Salute first! I have a question (or request) : How can I make login and logout link in the navbar show based on login status( or localStorage null or not)? I have been trying but to no avail. The navbar doesn't render unless being refreshed after login and logout.

How do you test the /logout/ endpoint in Postman? Having a hard time trouble figuring it out...

May I ask would you prefer this over django rest auth?

Hello Zander, Thank you for the wonderful state-of-the-art tutorials. I am following this one and everything works fine so far. The only thing is that I would like to implement a function (in the frontend) that checks if the user is logged in and if they are, it should change the header buttons Register and Login to the username and a "Logout button" that calls the logout function. How can I do that? I have been looking around a lot but I wasn't able to find anything helpful. Thanks.

When I refresh the page and the token is expired it goes into infinite loop.

Hello is this still usefull for today? using nuxt 3?

In the create.js file saying that by default the author of the video is the author with id 1. How can I make that if I signed with id 2, the author field is going touse the id 2?

I have tried many ways to solve it like installing django cors header, cors_allowed_origin and all. The thing perfectly work for registering and I can register my user. But it shows cors error while showing blog data and login. What may be causing it?

After logging in how could I display the current username in the header on every page? Is it available from the token in local storage?

How to display the error if username or email already exist we are only receving 400 bad request

how safe is using localStorage with the access tokens?

keeping token in local storage isn't safe due to XSS attack. But is it the better way there?

Great tutorial, can you also make a tutorial to explain how to properly use axios. It is not easy to understand interceptors. Overall, the tutorial is great, got me glued till the end.

Best channel for django stuff. Do you have any udemy course?

Hello, thanks for this series, it's really helpful! I was wondering if you also made a video on how to show/hide login/logout button based on logged in state. I've seen other people in the comments asking for the same thing and you said you would have made a video about it eventually, I tried to look for it in your channel but I did not find it.

thanks bro.. Love From India

Thanks for sharing so much insider knowledge. What I don't understand is why you use JWT instead of the build-in ´'rest_framework.authentication.TokenAuthentication'`? I currently work with the build-in Token Authentification. What are the reasons to switch? Should I?

Hi, thanks for your tutorial. I have been struggling to config a custom user model. I have configured the model and I have referenced it on the settings and it always leads me to the following error - "AttributeError: Manager isn't available; 'auth.User' has been swapped". Can anyone help please.....

who is here in 2024

Great tutorial, thanks

Is it possible to send the jwt refresh token as an http-only cookie? That would improve security and avoid the need to store it in localStorage

In this tutorial I'm Stuck at one place where I'm sending correct data and user info is present still I'm not able to login that user showing : "detail": "No active account found with the given credentials" .In Django Admin panel I'm able to see that users data

you are just awesome 🍀

Just like I said before this content is next level! even comparing it to paid ones! Whats the advantage of using DRF with React instead of nodejs with React and how often DRF + React is used in production? thanks again ! Your efforts are greatly appreciated and your chanell will blow up in no time !

You are a brilliant teacher! I love your work sir But I have a problem getting the current user that is log in using JWT in reactjs.

Thanks for the excellent tutorial. Do you happen to have any resources for accomplishing the token refresh with a fetch wrapper instead of axios?

Thanks for the great tutorial. I have a question about the security of refresh tokens: can the refresh token be copy/pasted and given to someone else, which allows them to get access tokens?

Hi, I'm not able to see auth tokens in the inspect - > Application any help. not able to get the storage tab as you got in the video.

Any place I can find the Axios Instance adapted to React Native?

Wanted to point out that if by any chance the refresh token in the localStorage is edited and doesn't match anything your code end up in an infinite loop calling "/api/token/refresh/" indefinitely. I modified it to check if it's in the Blacklist + using the /token/verify endpoint but even like this if you change its last character and it's not caught up by /token/verify/ you end up in a loop. The problem is that if the token isn't blacklisted you can't really tell if it's a fake one or not because OutstandingToken object isn't created when the pair is generated from /api/token/refresh but when you actually use the refresh token to ask for a new pair ( and it Blacklist it in the same time, kinda weird, why having these 2 models if it creates it and blacklist it directly ? The only time the outstanding token is created directly is at login when you manually provide credentials ). Because of that you can't ask the database if this token exist and you may end up in a loop if the fake one isn't detected by /api/token/verify/. If someone have a hint that'd be cool.. Edit : Finally creating another axios instance like AxiosSafeInstance without authorization headers and using it when you call /api/token/refresh does the job ( be sure to update the original Axiosinstance Authorization headers with tokens and not this one ).

I am getting "TypeError: posts.map is not a function" error in react posts.js at the line "{posts.map((post) => {" , what should I do?

I have a question. How does the frontend recognize if the user is logged in or not?

Thank you for the video. Everything works so far - although i definitely need to work on some feedback for the user with all the form data ; I am a bit confused though: What are the next steps after this? The user can log in and log out but how can i actually display data specific to individual users or wether or not someone is logged in? Do you have any references to your own videos or keywords i can search for when it comes to best practices for handling user specific data (user id etc.)?

can we do this without creating custom user model and using django built in user model?

Good morning. thank you for your course's. I don't know if you are going to see this. but i have a issue with postman, in spite of going over my code with fine tooth comb. I keep getting this message "detail": "Authentication credentials were not provided." can you please help

I think that error handling with alert could be vulnerable to XSS attack

Hi very academy, can you make a tutorial on registering users through phone numbers? aka Twilio

wow such a wonderful viseriez

In the line .post('token/refresh/', { refresh: refreshToken }) .then((response) => { the response.data only contains access_token and no refresh_token, but we are updating the refresh_token localStorage.setItem('refresh_token', response.data.refresh); this sets 'refresh_token' = undefined and next time when the request is made 'refresh_token' is found to be undefined and atob can be executed on undefined and gives error I think this may be the reason

why session id still being send with each request cookie ?

hello, when i tried posting data with Postman using this endpoint "127.0.0.1:8000/api/user/register/", this was the response i got : {"detail":"Unsupported media type \"text/plain\" in request."}

Hi. This tutorial is gold as others said. Thank you. I am a beginner so I could not get the point of putting the refresh token after user logs out. We already clean localstorage so if we did not put the reflesh token in blacklist how would the user could log in ?

It saves 2 tokens for me on the blacklist, only 1 for you. In my case, one saves it when I log in and the other when I log out.

Great tutorial! You mentioned using a custom user model in favor of the tutorial moving along a bit quicker. How does creating a custom model make this faster over using the built in user model? What would I need to do differently if using the basic user model? Thanks! :D

Posts are not loading even after i have recieved the acces and refresh tokes, when i redirect to '/' console says unauthorized, please helpp

Hello. I can't seem to install axios. it keeps giving me errors.

How can we extract the user information details from jwt token? Would you do a video on that?

Hello Zander, I have a doubt.. Does using this package "jwt-decode" would decode the jwt in the front end so that we can get the current user information? Is it a good practice or is there any other widely used method? Thanks

I'm having trouble in setting Postman as it continuously showing.. { "email": [ "This field is required." ], "password": [ "This field is required." ] } Thanks in advance!!!

So thank you

I have one doubt again. Sorry for the trouble.. How can we change the states of button with use state for login button and logout button..like to render with 2 different conditions..so when a user login..he shouldn't be able to see login button or register like it does now.. Thanks 😊

can you make a video on how to integrate django rest framework with keycloak?

how you have connected react and django please show that...

Thank you so much!

Thanks for another great tutorial! One thing I noticed is, when a token gets put on the blacklist it still remains in the Outstanding Tokens as well. Is this intentional in terms of how JWTs work?

Do you have the video for the axios interceptors?

keep it up bro!

great stuff

Hello, when I try to use the code straight from the repo, on running it, it just loops: "POST /api/token/refresh/ HTTP/1.1" 401 65 Unauthorized: /api/token/refresh/ How do I fix this?