A Django package for JSON Web Token validation and verification. Using PyJWT.
Project description
Django-JWT
This is a package to verify and validate JSON Web Tokens (JWT) in Django.
Installation
-
Install the package using pip.
-
Add "django_jwt" to your INSTALLED_APPS setting like this::
INSTALLED_APPS = [
...
'django_jwt',
]
- Add "django_jwt.middleware.JWTAuthMiddleware" to your MIDDLEWARE setting like this::
MIDDLEWARE = [
...
'django_jwt.middleware.JWTAuthMiddleware',
]
Configuration:
Required variables:
- OIDC_CERTS_URL - certificate endpoint, like
https://keyCloak/realms/h/.well-known/openid-configuration
Optional variables:
- OIDC_AUDIENCE - by default ["account", "broker"] User retated variables:
- OIDC_USER_UPDATE - if True, user model will be updated from userinfo endpoint if MODIFIED date has changed, by default True
- OIDC_USER_MODIFIED_FIELD - user model field to store last modified date, by default
modified_timestamp
- OIDC_TOKEN_MODIFIED_FIELD - access token field to store last modified date, by default
updated_at
- OIDC_USER_UID - User model' unique identifier, by default
kc_id
- OIDC_USER_MAPPING - mapping between JWT claims and user model fields, by default:
OIDC_USER_MAPPING = {
'first_name': 'first_name',
'last_name': 'last_name',
'username': 'username',
}
- OIDC_USER_DEFAULTS - default values for user model fields, by default:
OIDC_USER_DEFAULTS = {
'is_active': True,
}
- OIDC_USER_ON_CREATE and OIDC_USER_ON_UPDATE - functions to be called on user creation and update, by default:
OIDC_USER_ON_CREATE = None
OIDC_USER_ON_UPDATE = None
- OIDC_CONFIG_ROUTES - dict of 'algorithm': 'config_url', by default is empty. If filled will be used instead of OIDC_CERTS_URL
OIDC_CONFIG_ROUTES = {
'RS256': 'https://keyCloak/realms/h/.well-known/openid-configuration',
'HS256': 'https://keyCloak/realms/h/.well-known/openid-configuration',
}
These functions should accept two arguments: user and request.
Testing:
Run command python runtests.py
to run tests.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
dj-jwt-auth-1.1.5.tar.gz
(6.5 kB
view hashes)
Built Distribution
Close
Hashes for dj_jwt_auth-1.1.5-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | abdec4eea457d3ddf89de207fea221937fadee0b92ac022221a5135486ee3069 |
|
MD5 | 3990db905f8894c462e4a191e4b2fdf7 |
|
BLAKE2b-256 | 146ea1b88cf12f9f3a563c2107c7a74435a24a880da5e5e1545fbc7c7e6da161 |