bunifu-django-auth 0.3.3

Centralized authentication package that enforces a single shared Django user model across multiple projects using a common database, built with Django Allauth, DRF, and SimpleJWT.

Bunifu Django Auth

A standardized authentication framework for Django projects built on:

• Django
• Django Allauth
• Django REST Framework
• SimpleJWT

Designed for internal organizational consistency and centralized user model management.

---

Features

• Email-based authentication
• JWT access & refresh tokens
• Token rotation & blacklisting
• DRF-ready endpoints
• Automatic safe default configuration
• Pluggable and override-friendly
• Production-ready test suite (pytest + factoryboy)

---

Installation

using uv or pip

uv add bunifu-django-auth
---------------------
pip install bunifu-django-auth 

---

Quick Start

Add to Installed Apps

INSTALLED_APPS = [
    "allauth",
    "allauth.account",
    "rest_framework",
    "rest_framework_simplejwt",
    "rest_framework_simplejwt.token_blacklist",
    "bunifu_django_auth",
]

Register auth user model

AUTH_USER_MODEL="bunifu_django_auth.BunifuUser"

Include URLs

from django.urls import path, include

urlpatterns = [
    path("auth/", include("bunifu_django_auth.urls")),
    # add allauth urls for the allauth paths
    path("accounts/", include("allauth.urls")),
]

Include the JWTAuthorization

REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": (
        "rest_framework_simplejwt.authentication.JWTAuthentication",
    )
}

Ensure the allauth middleware is added as below

MIDDLEWARE = [
    ...
    # add this
    "allauth.account.middleware.AccountMiddleware"
]

Migrate the tables

python manage.py migrate

That’s it.

No additional configuration required.

---

Available Endpoints

Endpoint	Method	Description
/auth/register/	POST	Register new user
/auth/login/	POST	Obtain JWT access & refresh tokens
/auth/refresh/	POST	Refresh access token
/auth/logout/	POST	Blacklist refresh token

---

Default Configuration

The package automatically applies safe defaults:

• Email authentication
• JWT token rotation
• 15-minute access tokens
• 7-day refresh tokens
• Refresh token blacklisting
• DRF JWT authentication backend

All settings can be overridden in the host project.

Example:

SIMPLE_JWT = {
    "ACCESS_TOKEN_LIFETIME": timedelta(minutes=5),
}

---

Overriding custom user model abstract

If by any chance you want to update your user model You can simply inherit from the BunifuAbstractUser as shown below

from django.db import models
from bunifu_django_auth.models import BunifuAbstractUser

class CustomUser(BunifuAbstractUser):
    user_stats = models.JSONField(default=list)

Then in the settings

AUTH_USER_MODEL = "your_app.CustomUser"

---

Overriding Serializers

You may override serializers if needed:

BUNIFU_REGISTER_SERIALIZER = "yourapp.serializers.CustomRegisterSerializer"

---

Running Tests

pytest

With coverage:

pytest --cov=bunifu_django_auth

---

License

MIT License © 2026 Bunifu