GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → jpadilla → Django Jwt Auth

jpadilla / Django Jwt Auth

Licence: mit
JSON Web Token Authentication support for Django

Programming Languages

python
139335 projects - #7 most used programming language

Labels

djangojwt

Projects that are alternatives of or similar to Django Jwt Auth

Dj Rest Auth
Authentication for Django Rest Framework
Stars: ✭ 491 (+206.88%)
Mutual labels:  django, jwt
Authlib
The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.
Stars: ✭ 2,854 (+1683.75%)
Mutual labels:  django, jwt
Django Auth0 Vue
A Django REST Framework + Vue.js CRUD Demo Secured Using Auth0
Stars: ✭ 99 (-38.12%)
Mutual labels:  django, jwt
Django Rest Framework Jwt
JSON Web Token Authentication support for Django REST Framework
Stars: ✭ 3,105 (+1840.63%)
Mutual labels:  django, jwt
Django Graphql Jwt
JSON Web Token (JWT) authentication for Graphene Django
Stars: ✭ 649 (+305.63%)
Mutual labels:  django, jwt
Django Graphql Social Auth
Python Social Auth support for Graphene Django
Stars: ✭ 90 (-43.75%)
Mutual labels:  django, jwt
Django Auth Adfs
A Django authentication backend for Microsoft ADFS and AzureAD
Stars: ✭ 127 (-20.62%)
Mutual labels:  django, jwt
Imitationtmall django
用python开发基于Django框架的仿天猫网站项目This Project is imitation Tmall website for using python based on the development of Django framework
Stars: ✭ 156 (-2.5%)
Mutual labels:  django
Cs Unplugged
A collection of free teaching material that teaches Computer Science through engaging games and puzzles that use cards, string, crayons and lots of running around.
Stars: ✭ 158 (-1.25%)
Mutual labels:  django
Cakephp Jwt Auth
A CakePHP plugin for authenticating using JSON Web Tokens
Stars: ✭ 153 (-4.37%)
Mutual labels:  jwt
Behave Django
Behave BDD integration for Django
Stars: ✭ 155 (-3.12%)
Mutual labels:  django
Django Salesman
Headless e-commerce framework for Django.
Stars: ✭ 157 (-1.87%)
Mutual labels:  django
Django Herald
A Django messaging library
Stars: ✭ 159 (-0.62%)
Mutual labels:  django
Django Storages
django-storages is a project to provide a variety of storage backends in a single library.
Stars: ✭ 2,047 (+1179.38%)
Mutual labels:  django
Cheatsheets.pdf
📚 Various cheatsheets in PDF
Stars: ✭ 159 (-0.62%)
Mutual labels:  django
Nitrate
Django based full-featured test case management system
Stars: ✭ 154 (-3.75%)
Mutual labels:  django
Episodes
Self Hosted TV show Episode tracker and recommender built using django, bootstrap4.
Stars: ✭ 160 (+0%)
Mutual labels:  django
Api guard
JWT authentication solution for Rails APIs
Stars: ✭ 159 (-0.62%)
Mutual labels:  jwt
Study
全栈工程师学习笔记;Spring登录、shiro登录、CAS单点登录和Spring boot oauth2单点登录;Spring data cache 缓存,支持Redis和EHcahce; web安全,常见web安全漏洞以及解决思路;常规组件,比如redis、mq等;quartz定时任务,支持持久化数据库,动态维护启动暂停关闭;docker基本用法,常用image镜像使用,Docker-MySQL、docker-Postgres、Docker-nginx、Docker-nexus、Docker-Redis、Docker-RabbitMQ、Docker-zookeeper、Docker-es、Docker-zipkin、Docker-ELK等;mybatis实践、spring实践、spring boot实践等常用集成;基于redis的分布式锁;基于shared-jdbc的分库分表,支持原生jdbc和Spring Boot Mybatis
Stars: ✭ 159 (-0.62%)
Mutual labels:  jwt
Spring Boot Examples
个人学习 SpringBoot2.x 写的一些示例程序,目前正在持续更新中.....
Stars: ✭ 159 (-0.62%)
Mutual labels:  jwt
View All Similar Projects ➔

Django JWT Auth

build-status-image pypi-version

Overview

This package provides JSON Web Token Authentication support for Django.

Based on the Django REST Framework JWT Auth package.

Installation

Install using pip...

$ pip install django-jwt-auth

Usage

In your urls.py add the following URL route to enable obtaining a token via a POST included the user's username and password.

from rest_framework_jwt.views import obtain_jwt_token, refresh_jwt_token

urlpatterns = [
    # ...

    url(r'api-token-auth/', obtain_jwt_token),
    url(r'api-token-refresh/', refresh_jwt_token),
]

You can easily test if the endpoint is working by doing the following in your terminal, if you had a user created with the username admin and password abc123.

$ curl -X POST -H "Content-Type: application/json" -d '{"username":"admin","password":"abc123"}' http://localhost:8000/api-token-auth/

Now in order to access protected api urls you must include the Authorization: Bearer <your_token> header.

$ curl -H "Authorization: Bearer <your_token>" http://localhost:8000/protected-url/

Additional Settings

There are some additional settings that you can override similar to how you'd do it with Django REST framework itself. Here are all the available defaults.

JWT_ENCODE_HANDLER = 'jwt_auth.utils.jwt_encode_handler'
JWT_DECODE_HANDLER = 'jwt_auth.utils.jwt_decode_handler',
JWT_PAYLOAD_HANDLER = 'jwt_auth.utils.jwt_payload_handler'
JWT_PAYLOAD_GET_USER_ID_HANDLER = 'jwt_auth.utils.jwt_get_user_id_from_payload_handler'
JWT_SECRET_KEY: SECRET_KEY
JWT_ALGORITHM = 'HS256'
JWT_VERIFY = True
JWT_VERIFY_EXPIRATION = True
JWT_LEEWAY = 0
JWT_EXPIRATION_DELTA = datetime.timedelta(seconds=300)
JWT_ALLOW_REFRESH = False
JWT_REFRESH_EXPIRATION_DELTA = datetime.timedelta(days=7)
JWT_AUTH_HEADER_PREFIX = 'Bearer'

This packages uses the JSON Web Token Python implementation, PyJWT and allows to modify some of it's available options.

JWT_SECRET_KEY

This is the secret key used to encrypt the JWT. Make sure this is safe and not shared or public.

Default is your project's settings.SECRET_KEY.

JWT_ALGORITHM

Possible values:

  • HS256 - HMAC using SHA-256 hash algorithm (default)
  • HS384 - HMAC using SHA-384 hash algorithm
  • HS512 - HMAC using SHA-512 hash algorithm
  • RS256 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-256 hash algorithm
  • RS384 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-384 hash algorithm
  • RS512 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-512 hash algorithm

Note:

For the RSASSA-PKCS1-v1_5 algorithms, the "secret" argument in jwt.encode is supposed to be a private RSA key as imported with Crypto.PublicKey.RSA.importKey. Likewise, the "secret" argument in jwt.decode is supposed to be the public RSA key imported with the same method.

Default is "HS256".

JWT_VERIFY

If the secret is wrong, it will raise a jwt.DecodeError telling you as such. You can still get at the payload by setting the JWT_VERIFY to False.

Default is True.

JWT_VERIFY_EXPIRATION

You can turn off expiration time verification with by setting JWT_VERIFY_EXPIRATION to False.

Default is True.

JWT_LEEWAY

This allows you to validate an expiration time which is in the past but no very far. For example, if you have a JWT payload with an expiration time set to 30 seconds after creation but you know that sometimes you will process it after 30 seconds, you can set a leeway of 10 seconds in order to have some margin.

Default is 0 seconds.

JWT_EXPIRATION_DELTA

This is an instance of Python's datetime.timedelta. This will be added to datetime.utcnow() to set the expiration time.

Default is datetime.timedelta(seconds=300)(5 minutes).

JWT_ALLOW_REFRESH

Enable token refresh functionality. Token issued from rest_framework_jwt.views.obtain_jwt_token will have an orig_iat field. Default is False

JWT_REFRESH_EXPIRATION_DELTA

Limit on token refresh, is a datetime.timedelta instance. This is how much time after the original token that future tokens can be refreshed from.

Default is datetime.timedelta(days=7) (7 days).

JWT_PAYLOAD_HANDLER

Specify a custom function to generate the token payload

JWT_PAYLOAD_GET_USER_ID_HANDLER

If you store user_id differently than the default payload handler does, implement this function to fetch user_id from the payload.

JWT_AUTH_HEADER_PREFIX

You can modify the Authorization header value prefix that is required to be sent together with the token.

Default is Bearer.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].