Skip to main content
Join the official 2019 Python Developers SurveyStart the survey!

A middleware and a set of handlers to handle Code Grant authentication with Cognito

Project description

AWS Cognito code grant for Django Rest Framework

This package implements an authentication backend and a set of handlers that enable your application to use code grant authentication with AWS Cognito.

The package has been developed by STITCH (https://www.stitchdesignlab.com/)

The documentation for this project is a work-in-progress and is pretty much bare bones. Do not hesitate to contact us, or open an issue or PR for contribution.

Links

Code grant

Code grant is an OAuth 2.0 flow that allows one to use Cognito as a data store and authentication backend for users, while maintaining an updating replica of User and Group information in your applications database. This way, the application gains the possibility to add custom business logic for users, while the user data is still stored and managed centrally through Cognito.

This is especially useful when you are implementing multiple API backends for a platform that consist of multiple applications that need to operate on a shared userbase.

See the link above for a detailed explanation of the standard.

Installation

You can install this package from pip: pip install cognito_code_grant

Usage

The implementation consists of an authentication backend, a login handler, and a logout handler. To use the backend, simply specify it in your Django Settings:

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'cognito_code_grant.authentication.CognitoAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        ...
    )

To use the handlers, include them in your URLs using a helper function:

from cognito_code_grant.views import include_auth_urls

urlpatterns = [
    path('auth/', include_auth_urls()),
    ...
]

Additionally, you will need to set the following settings to point to your instance of Cognito:

AUTH_COGNITO_CLIENT_ID = # your client ID
AUTH_COGNITO_CODE_GRANT_URL = # your token endpoint (https://AUTH_DOMAIN/oauth2/token)
AUTH_COGNITO_JWKS_URL = # the url for your JWKs (https://cognito-idp.{region}.amazonaws.com/{userPoolId}/.well-known/jwks.json.)

Development

To run tests, you need to point Django to local test settings, and run the migrations (it will use an sqllite db in a temp folder).

export DJANGO_SETTINGS_MODULE=tests.settings
python -m django migrate
python -m django test

On a merge to master, CICD will automatically create a patch version bump, and deploy to pypi. Minor/Major realeases need to be handled manually by the maintainers.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for cognito-code-grant, version 1.0.11
Filename, size File type Python version Upload date Hashes
Filename, size cognito_code_grant-1.0.11.tar.gz (5.0 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page