Skip to main content

Authentication package for Django REST Framework

Project description

auth-drf

A Django REST Framework package that provides JWT Authentication and Role-Based Access Control (RBAC).


Features

  • JWT Authentication
  • User Registration
  • User Login
  • User Logout
  • Refresh Token Rotation
  • Role-Based Access Control (RBAC)
  • Role CRUD APIs
  • Django Permission Integration

Requirements

  • Python 3.12+
  • Django 5.x / 6.x
  • Django REST Framework
  • djangorestframework-simplejwt

Installation

Install from PyPI

pip install auth-drf

Project Setup

Step 1: Add the package to INSTALLED_APPS

INSTALLED_APPS = [
    ...

    "rest_framework",
    "auth_drf",
]

Step 2: Create a Custom User Model

from auth_drf.models.user_model import BaseUser

class Customer(BaseUser):
    class Meta:
        abstract = False

Note

Customer is only an example. Your custom user model can have any name.


Step 3: Configure AUTH_USER_MODEL

AUTH_USER_MODEL = "user_test.Customer"

Step 4: Configure DRF Authentication

REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": (
        "rest_framework_simplejwt.authentication.JWTAuthentication",
    ),
}

Step 5: Include Package URLs

from django.contrib import admin
from django.urls import path, include

urlpatterns = [
    path("admin/", admin.site.urls),
    path("", include("auth_drf.urls")),
]

Step 6: Run Migrations

python manage.py makemigrations
python manage.py migrate

Authentication

After login, use the Access Token for all protected endpoints.

Authorization: Bearer <access_token>

API Endpoints

Method Endpoint
POST /auth/register/
POST /auth/login/
GET /auth/google/login/
GET /auth/google/callback/
POST /auth/logout/
POST /auth/token_refresh/
POST /roles/
PATCH /roles/<id>/
GET /roles/
GET /roles/<id>/

Authentication APIs

Register User

Endpoint

POST /auth/register/

Request Payload

{
    "first_name": "Vinnie",
    "last_name": "Sheoran",
    "email": "vinnie@yopmail.com",
    "username": "vinnie",
    "password": "vinnie"
}

Response

{
    "success": "Registration Successful",
    "detail": {
        "user": "vinnie@yopmail.com"
    }
}

Login User

Endpoint

POST /auth/login/

Request Payload

{
    "email": "vinnie@yopmail.com",
    "username": "vinnie",
    "password": "vinnie"
}

Response

{
    "id": 1,
    "email": "vinnie@yopmail.com",
    "username": "vinnie",
    "permissions": [
        {
            "module": "customer",
            "actions": [
                "add_customer",
                "change_customer",
                "delete_customer",
                "view_customer"
            ]
        }
    ],
    "access": "<access_token>",
    "refresh": "<refresh_token>"
}

Google Login User

Endpoint

GET /auth/google/login/

Response

{
    "url": "<google_redirect_url>"
}


Google Login User Callback

Callback API is called automatically by Google OAuth.

Endpoint

GET /auth/google/callback?

Response

{
    "id": 1,
    "email": "vinnie@yopmail.com",
    "username": "vinnie",
    "permissions": [
        {
            "module": "customer",
            "actions": [
                "add_customer",
                "change_customer",
                "delete_customer",
                "view_customer"
            ]
        }
    ],
    "access": "<access_token>",
    "refresh": "<refresh_token>"
}


Logout User

Endpoint

POST /auth/logout/

Request Payload

{
    "refresh": "<refresh_token>"
}

Response

{
    "success": "Logout Successful"
}

Refresh Token

Endpoint

POST /auth/token_refresh/

Request Payload

{
    "refresh": "<refresh_token>"
}

Response

{
    "access": "<new_access_token>",
    "refresh": "<new_refresh_token>"
}

Role APIs

Create Role

Endpoint

POST /roles/

Authentication

Requires a valid Access Token.

Request Payload

{
    "name": "Interns",
    "permissions": [
        {
            "module": "customer",
            "actions": [
                "add_customer",
                "change_customer",
                "delete_customer",
                "view_customer"
            ]
        }
    ]
}

Response

{
    "id": 5,
    "name": "Interns",
    "permissions": [
        {
            "module": "customer",
            "actions": [
                "add_customer",
                "change_customer",
                "delete_customer",
                "view_customer"
            ]
        }
    ]
}

Update Role

Endpoint

PATCH /roles/<id>/

Authentication

Requires a valid Access Token.

Request Payload

{
    "name": "Manager",
    "permissions": [
        {
            "module": "customer",
            "actions": [
                "add_customer",
                "change_customer",
                "delete_customer",
                "view_customer"
            ]
        }
    ]
}

Response

{
    "success": "Role is Updated",
    "data": {
        "id": 3,
        "name": "Manager",
        "permissions": [
            {
                "module": "customer",
                "actions": [
                    "add_customer",
                    "change_customer",
                    "delete_customer",
                    "view_customer"
                ]
            }
        ]
    }
}

List Roles

Endpoint

GET /roles/

Authentication

Requires a valid Access Token.

Response

[
    {
        "id": 2,
        "name": "Administrator",
        "permissions": [
            {
                "module": "customer",
                "actions": [
                    "add_customer",
                    "change_customer",
                    "delete_customer",
                    "view_customer"
                ]
            }
        ]
    },
    {
        "id": 3,
        "name": "Manager",
        "permissions": [
            {
                "module": "customer",
                "actions": [
                    "add_customer",
                    "change_customer",
                    "delete_customer",
                    "view_customer"
                ]
            }
        ]
    }
]

Retrieve Role

Endpoint

GET /roles/<id>/

Authentication

Requires a valid Access Token.

Response

{
    "name": "Manager",
    "permissions": [
        {
            "module": "customer",
            "actions": [
                "add_customer",
                "change_customer",
                "delete_customer",
                "view_customer"
            ]
        }
    ]
}

License

This project is licensed under the MIT License.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

auth_drf-0.1.8.tar.gz (13.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

auth_drf-0.1.8-py3-none-any.whl (18.2 kB view details)

Uploaded Python 3

File details

Details for the file auth_drf-0.1.8.tar.gz.

File metadata

  • Download URL: auth_drf-0.1.8.tar.gz
  • Upload date:
  • Size: 13.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for auth_drf-0.1.8.tar.gz
Algorithm Hash digest
SHA256 66cfb0b66935c7929e6a443980163d067e824b4cd9f8a36bbad83b47dd8f55a8
MD5 bbdc3e5aaea5a2d2a1ec8a465c6724c1
BLAKE2b-256 4488d600b48dae96f4c641bf19bb04c49596f125992e6b21682dc177623a78a4

See more details on using hashes here.

File details

Details for the file auth_drf-0.1.8-py3-none-any.whl.

File metadata

  • Download URL: auth_drf-0.1.8-py3-none-any.whl
  • Upload date:
  • Size: 18.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for auth_drf-0.1.8-py3-none-any.whl
Algorithm Hash digest
SHA256 0c7b7703957aec3e637242f98a24a52caf3130c3766a26b398f19aa5e6ae7a61
MD5 753178ef399243e116dcc93f3ae21cb4
BLAKE2b-256 f177e5458408cb341a73d0649e6d8c79b622d6a4f4d729f01048af723e3d1b83

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page