A Django package for JSON Web Token validation and verification. Using PyJWT.
Project description
Django-JWT
This is a package to verify and validate JSON Web Tokens (JWT) in Django.
Installation
-
Install the package using pip.
-
Add "django_jwt" to your INSTALLED_APPS setting like this::
INSTALLED_APPS = [
...
'django_jwt',
]
- Add "django_jwt.middleware.JWTAuthMiddleware" to your MIDDLEWARE setting like this::
MIDDLEWARE = [
...
'django_jwt.middleware.JWTAuthMiddleware',
]
Configuration:
Required variables:
- OIDC_CERTS_URL - certificate endpoint, like
https://keyCloak/realms/h/.well-known/openid-configuration
Optional variables:
- OIDC_AUDIENCE - by default ["account", "broker"] User retated variables:
- OIDC_USER_UPDATE - if True, user model will be updated from userinfo endpoint if MODIFIED date has changed, by default True
- OIDC_USER_MODIFIED_FIELD - user model field to store last modified date, by default
modified_timestamp
- OIDC_TOKEN_MODIFIED_FIELD - access token field to store last modified date, by default
updated_at
- OIDC_USER_UID - User model' unique identifier, by default
kc_id
- OIDC_USER_MAPPING - mapping between JWT claims and user model fields, by default:
OIDC_USER_MAPPING = {
'first_name': 'first_name',
'last_name': 'last_name',
'username': 'username',
}
- OIDC_USER_DEFAULTS - default values for user model fields, by default:
OIDC_USER_DEFAULTS = {
'is_active': True,
}
- OIDC_USER_ON_CREATE and OIDC_USER_ON_UPDATE - functions to be called on user creation and update, by default:
OIDC_USER_ON_CREATE = None
OIDC_USER_ON_UPDATE = None
- OIDC_CONFIG_ROUTES - dict of 'algorithm': 'config_url', by default is empty. If filled will be used instead of OIDC_CERTS_URL
OIDC_CONFIG_ROUTES = {
'RS256': 'https://keyCloak/realms/h/.well-known/openid-configuration',
'HS256': 'https://keyCloak/realms/h/.well-known/openid-configuration',
}
These functions should accept two arguments: user and request.
Testing:
Run command python runtests.py
to run tests.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
dj-jwt-auth-1.1.6.tar.gz
(6.6 kB
view hashes)
Built Distribution
Close
Hashes for dj_jwt_auth-1.1.6-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 0e5869bf233a6a0cf243cfd097b85a1bdc34c5a505875cd5a3bbe29faffd719d |
|
MD5 | 564ca550c5461eef2a7b05c0b710a07b |
|
BLAKE2b-256 | 4c737ae19de0553ed687b5ace8bf4b856ffd86bba36352c3dff54cf6ef31eacc |