<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Jwt on Kuldeep Pisda</title><link>https://kdpisda.in/tag/jwt/</link><description>Recent content in Jwt on Kuldeep Pisda</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Fri, 20 Mar 2026 10:00:00 +0530</lastBuildDate><atom:link href="https://kdpisda.in/tag/jwt/index.xml" rel="self" type="application/rss+xml"/><item><title>OTP Phone Authentication for Indian Consumer Apps in Django</title><link>https://kdpisda.in/otp-phone-auth-django-drf/</link><pubDate>Fri, 20 Mar 2026 10:00:00 +0530</pubDate><guid>https://kdpisda.in/otp-phone-auth-django-drf/</guid><description>&lt;p&gt;The first real product decision I made on this veterinary clinic-management
platform — one I built solo for the Indian market back in 2019 — had nothing to do with
clinics. It was this: &lt;strong&gt;the login is a phone number and a six-digit code, not an
email and a password.&lt;/strong&gt;&lt;/p&gt;
&lt;p&gt;That sounds obvious now. It wasn&amp;rsquo;t the default I reached for. Django hands you
&lt;code&gt;username&lt;/code&gt; + &lt;code&gt;password&lt;/code&gt; out of the box, &lt;code&gt;djangorestframework-simplejwt&lt;/code&gt; assumes the
same, and every tutorial I&amp;rsquo;d read wired auth that way. But the users were pet owners
in Indian towns. A lot of them don&amp;rsquo;t have an email they check. All of them have a
phone number, and they already expect &amp;ldquo;enter your number, get an OTP&amp;rdquo; because that&amp;rsquo;s
how every app they use — payments, food, ride-hailing — logs them in. Phone &lt;em&gt;is&lt;/em&gt; the
identity here. Building email auth and bolting phone on later would have been solving
the wrong problem first.&lt;/p&gt;</description></item></channel></rss>