Skip to main content

A middleware and a set of handlers to handle Code Grant authentication with Cognito

Project description

AWS Cognito code grant for Django Rest Framework

This package implements an authentication backend and a set of handlers that enable your application to use code grant authentication with AWS Cognito.

The package has been developed by STITCH (https://www.stitchdesignlab.com/)

The documentation for this project is a work-in-progress and is pretty much bare bones. Do not hesitate to contact us, or open an issue or PR for contribution.

Links

Code grant

Code grant is an OAuth 2.0 flow that allows one to use Cognito as a data store and authentication backend for users, while maintaining an updating replica of User and Group information in your applications database. This way, the application gains the possibility to add custom business logic for users, while the user data is still stored and managed centrally through Cognito.

This is especially useful when you are implementing multiple API backends for a platform that consist of multiple applications that need to operate on a shared userbase.

See the link above for a detailed explanation of the standard.

Installation

You can install this package from pip: pip install cognito_code_grant

Usage

The implementation consists of an authentication backend, a login handler, and a logout handler. To use the backend, simply specify it in your Django Settings:

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'cognito_code_grant.authentication.CognitoAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        ...
    )

To use the handlers, include them in your URLs using a helper function:

from cognito_code_grant.views import include_auth_urls

urlpatterns = [
    path('auth/', include_auth_urls()),
    ...
]

Additionally, you will need to set the following settings to point to your instance of Cognito:

AUTH_COGNITO_CLIENT_ID = # your client ID
AUTH_COGNITO_CODE_GRANT_URL = # your token endpoint (https://AUTH_DOMAIN/oauth2/token)
AUTH_COGNITO_JWKS_URL = # the url for your JWKs (https://cognito-idp.{region}.amazonaws.com/{userPoolId}/.well-known/jwks.json.)

Development

To run tests, you need to point Django to local test settings, and run the migrations (it will use an sqllite db in a temp folder).

export DJANGO_SETTINGS_MODULE=tests.settings
python -m django migrate
python -m django test

On a merge to master, CICD will automatically create a patch version bump, and deploy to pypi. Minor/Major realeases need to be handled manually by the maintainers.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cognito_code_grant-1.0.5.tar.gz (4.7 kB view details)

Uploaded Source

Built Distribution

cognito_code_grant-1.0.5-py3.7.egg (8.6 kB view details)

Uploaded Source

File details

Details for the file cognito_code_grant-1.0.5.tar.gz.

File metadata

  • Download URL: cognito_code_grant-1.0.5.tar.gz
  • Upload date:
  • Size: 4.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/2.0.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/40.4.3 requests-toolbelt/0.9.1 tqdm/4.36.1 CPython/3.7.0

File hashes

Hashes for cognito_code_grant-1.0.5.tar.gz
Algorithm Hash digest
SHA256 e32bee06a7014e288cb8dd32fac5879f6e11b231a6dba8d8966d1f45c033eba5
MD5 41c2309b0e59718f2d9cae94a4fdc7e5
BLAKE2b-256 463e15d059237f18710aa54b9903b10aeef5aab4cf8b0cd706a9726457aff379

See more details on using hashes here.

File details

Details for the file cognito_code_grant-1.0.5-py3.7.egg.

File metadata

  • Download URL: cognito_code_grant-1.0.5-py3.7.egg
  • Upload date:
  • Size: 8.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/2.0.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/40.4.3 requests-toolbelt/0.9.1 tqdm/4.36.1 CPython/3.7.0

File hashes

Hashes for cognito_code_grant-1.0.5-py3.7.egg
Algorithm Hash digest
SHA256 691d6eb2313f6ef458bf1935c0a9d399a9d122315f64cfdd1a3871e74e25a2ea
MD5 ddb3f69ed697ed1c5d7e5531083fa715
BLAKE2b-256 91e0bcbba5782327b48fcb0f9f1f00b6a34b70c6d0d99002f69c4ece2691b3ac

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page