Skip to main content

Authentication package for Django REST Framework

Project description

auth-drf

A Django REST Framework package that provides JWT Authentication and Role-Based Access Control (RBAC).


Features

  • JWT Authentication
  • User Registration
  • User Login
  • User Logout
  • Refresh Token Rotation
  • Role-Based Access Control (RBAC)
  • Role CRUD APIs
  • Django Permission Integration

Requirements

  • Python 3.12+
  • Django 5.x / 6.x
  • Django REST Framework
  • djangorestframework-simplejwt

Installation

Install from PyPI

pip install auth-drf

Project Setup

Step 1: Add the package to INSTALLED_APPS

INSTALLED_APPS = [
    ...

    "rest_framework",
    "auth_drf",
]

Step 2: Create a Custom User Model

from auth_drf.models.user_model import BaseUser

class Customer(BaseUser):
    class Meta:
        abstract = False

Note

Customer is only an example. Your custom user model can have any name.


Step 3: Configure AUTH_USER_MODEL

AUTH_USER_MODEL = "user_test.Customer"

Step 4: Configure DRF Authentication

REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": (
        "rest_framework_simplejwt.authentication.JWTAuthentication",
    ),
}

Step 5: Include Package URLs

from django.contrib import admin
from django.urls import path, include

urlpatterns = [
    path("admin/", admin.site.urls),
    path("", include("auth_drf.urls")),
]

Step 6: Run Migrations

python manage.py makemigrations
python manage.py migrate

Authentication

After login, use the Access Token for all protected endpoints.

Authorization: Bearer <access_token>

API Endpoints

Method Endpoint
POST /auth/register/
POST /auth/login/
GET /auth/google/login/
GET /auth/google/callback/
POST /auth/logout/
POST /auth/token_refresh/
POST /roles/
PATCH /roles/<id>/
GET /roles/
GET /roles/<id>/

Authentication APIs

Register User

Endpoint

POST /auth/register/

Request Payload

{
    "first_name": "Vinnie",
    "last_name": "Sheoran",
    "email": "vinnie@yopmail.com",
    "username": "vinnie",
    "password": "vinnie"
}

Response

{
    "success": "Registration Successful",
    "detail": {
        "user": "vinnie@yopmail.com"
    }
}

Login User

Endpoint

POST /auth/login/

Request Payload

{
    "email": "vinnie@yopmail.com",
    "username": "vinnie",
    "password": "vinnie"
}

Response

{
    "id": 1,
    "email": "vinnie@yopmail.com",
    "username": "vinnie",
    "permissions": [
        {
            "module": "customer",
            "actions": [
                "add_customer",
                "change_customer",
                "delete_customer",
                "view_customer"
            ]
        }
    ],
    "access": "<access_token>",
    "refresh": "<refresh_token>"
}

Google Login User

Endpoint

GET /auth/google/login/

Response

{
    "url": "<google_redirect_url>"
}


Google Login User Callback

Callback API is called automatically by Google OAuth.

Endpoint

GET /auth/google/callback?

Response

{
    "id": 1,
    "email": "vinnie@yopmail.com",
    "username": "vinnie",
    "permissions": [
        {
            "module": "customer",
            "actions": [
                "add_customer",
                "change_customer",
                "delete_customer",
                "view_customer"
            ]
        }
    ],
    "access": "<access_token>",
    "refresh": "<refresh_token>"
}


Logout User

Endpoint

POST /auth/logout/

Request Payload

{
    "refresh": "<refresh_token>"
}

Response

{
    "success": "Logout Successful"
}

Refresh Token

Endpoint

POST /auth/token_refresh/

Request Payload

{
    "refresh": "<refresh_token>"
}

Response

{
    "access": "<new_access_token>",
    "refresh": "<new_refresh_token>"
}

Role APIs

Create Role

Endpoint

POST /roles/

Authentication

Requires a valid Access Token.

Request Payload

{
    "name": "Interns",
    "permissions": [
        {
            "module": "customer",
            "actions": [
                "add_customer",
                "change_customer",
                "delete_customer",
                "view_customer"
            ]
        }
    ]
}

Response

{
    "id": 5,
    "name": "Interns",
    "permissions": [
        {
            "module": "customer",
            "actions": [
                "add_customer",
                "change_customer",
                "delete_customer",
                "view_customer"
            ]
        }
    ]
}

Update Role

Endpoint

PATCH /roles/<id>/

Authentication

Requires a valid Access Token.

Request Payload

{
    "name": "Manager",
    "permissions": [
        {
            "module": "customer",
            "actions": [
                "add_customer",
                "change_customer",
                "delete_customer",
                "view_customer"
            ]
        }
    ]
}

Response

{
    "success": "Role is Updated",
    "data": {
        "id": 3,
        "name": "Manager",
        "permissions": [
            {
                "module": "customer",
                "actions": [
                    "add_customer",
                    "change_customer",
                    "delete_customer",
                    "view_customer"
                ]
            }
        ]
    }
}

List Roles

Endpoint

GET /roles/

Authentication

Requires a valid Access Token.

Response

[
    {
        "id": 2,
        "name": "Administrator",
        "permissions": [
            {
                "module": "customer",
                "actions": [
                    "add_customer",
                    "change_customer",
                    "delete_customer",
                    "view_customer"
                ]
            }
        ]
    },
    {
        "id": 3,
        "name": "Manager",
        "permissions": [
            {
                "module": "customer",
                "actions": [
                    "add_customer",
                    "change_customer",
                    "delete_customer",
                    "view_customer"
                ]
            }
        ]
    }
]

Retrieve Role

Endpoint

GET /roles/<id>/

Authentication

Requires a valid Access Token.

Response

{
    "name": "Manager",
    "permissions": [
        {
            "module": "customer",
            "actions": [
                "add_customer",
                "change_customer",
                "delete_customer",
                "view_customer"
            ]
        }
    ]
}

License

This project is licensed under the MIT License.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

auth_drf-0.1.6.tar.gz (13.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

auth_drf-0.1.6-py3-none-any.whl (18.3 kB view details)

Uploaded Python 3

File details

Details for the file auth_drf-0.1.6.tar.gz.

File metadata

  • Download URL: auth_drf-0.1.6.tar.gz
  • Upload date:
  • Size: 13.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for auth_drf-0.1.6.tar.gz
Algorithm Hash digest
SHA256 f474145c75c411b08a54eed42b5f3a29d7087542c2d88e0bf855d6cfcce8164b
MD5 4a3fac278ede1daba170f813e682bc12
BLAKE2b-256 3152dc9b512987d0d56226ed92436ad4dd4ed00bbb105967148f82aa983083f6

See more details on using hashes here.

File details

Details for the file auth_drf-0.1.6-py3-none-any.whl.

File metadata

  • Download URL: auth_drf-0.1.6-py3-none-any.whl
  • Upload date:
  • Size: 18.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for auth_drf-0.1.6-py3-none-any.whl
Algorithm Hash digest
SHA256 c01d0173fb54ee5ee42d746e5b32451ae4adb05582fb1c16e6ec5d8599c47725
MD5 fcbd2d8b69be8649766c0b4fe59f8d15
BLAKE2b-256 0169cce12df4fa7262940f115932fa15afed47c376061a8c3eaa7b2733f1f7ee

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page