I have a Django project which uses django's contrib library for session management using cookies (for both Admin panel and User authentication). Now I'm migrating to JWT token based authentication system. I do not want to re-build an admin portal.
My current settings.py looks like this MIDDLEWARE_CLASSES = ( 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.locale.LocaleMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'MyJwtMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', ) Right now all my APIs fail because the requests should pass through both middlwares (Token based and cookie based) *What I want to achieve:* 1) Django's Admin portal (urls starting with /admin/) should use cookie based authentication system and uses all the midddlwares (meaning it should not use the JwtMiddlware) 2) All other urls should use token based authentication (meaning it should not use the contrib middlewares). Is there any way I can split the middleware wrt urls? -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/c7d87640-5e6d-47c4-8d34-80270c858c2c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.