[tga]

There is no canned way to do it in one shot, but using regular Django session authentication together with a PWA frontend hosted separately is not that difficult.

The actual authentication remains on the Django app, using the standard way of POSTing to a login form and receiving a session cookie -- only instead of a server-generated page serving a HTML form, you have the PWA lipstick sending data directly. This approach is so much simpler than dealing with id/access/refresh tokens, encryption keys, black lists, and all of the OIDC dance.