An Authentication backend for Django Rest Framework for AWS Cognito JWT tokens
pip install django-cognito-jwt
Add the following lines to your Django settings.py
file:
COGNITO_AWS_REGION = '<aws region>' # 'eu-central-1'
COGNITO_USER_POOL = '<user pool>' # 'eu-central-1_xYzaq'
COGNITO_AUDIENCE = '<client id>'
(Optional) If you want to cache the Cognito public keys between requests you can
enable the COGNITO_PUBLIC_KEYS_CACHING_ENABLED
setting (it only works if you
have the Django CACHES
setup to anything other than the dummy backend).
COGNITO_PUBLIC_KEYS_CACHING_ENABLED = True
COGNITO_PUBLIC_KEYS_CACHING_TIMEOUT = 60*60*24 # 24h caching, default is 300s
Also update the rest framework settings to use the correct authentication backend:
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
...
'django_cognito_jwt.JSONWebTokenAuthentication',
...
],
...
}
Be sure you are passing the ID Token JWT from Cognito as the authentication header. Using the Access Token will work for authentication only but we're unable to use the get_or_create_for_cognito method with the Access Token.