Django Rest Framework (DRF) provides several built-in authentication classes, including session authentication. Session authentication allows users to authenticate by using Django’s built-in session framework, which relies on a session ID cookie that is sent with each HTTP request.

To enable session authentication in DRF, you need to include the SessionAuthentication class in the DEFAULT_AUTHENTICATION_CLASSES list in your DRF settings. For example:


Once session authentication is enabled, users can authenticate by logging in via a Django view or by including the session ID cookie with their requests. DRF will automatically use the SessionAuthentication backend to authenticate requests that include the session ID cookie.

A simple project on session authentication in Django Rest Framework:

1. Create a new Django project using the following command:

django-admin startproject myproject

2. Create a new Django app using the following command:

python startapp myapp

3. Install Django Rest Framework by running the following command:

pip install djangorestframework

4. In your myproject/ file, add rest_framework to your INSTALLED_APPS list:

    # ...

5. In your myapp/ file, create a simple API view that requires authentication:

from rest_framework.decorators import api_view, authentication_classes, permission_classes
from rest_framework.authentication import SessionAuthentication
from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response

def my_view(request):
    content = {'message': 'Hello, world!'}
    return Response(content)

6. In your myproject/ file, create a URL pattern for your API view:

from django.urls import path
from myapp.views import my_view

urlpatterns = [
    path('my-api/', my_view, name='my-api'),

7. In your myproject/ file, add rest_framework.authentication.SessionAuthentication to your DEFAULT_AUTHENTICATION_CLASSES list:


8. Run the server using the following command:

python runserver

9. Open a web browser and navigate to You should be redirected to the login page. Log in with a valid user account, and you should be able to access the API view.

That’s it! This is a simple project that demonstrates how to implement SessionAuthentication in Django Rest Framework.

Github Link: