A Django package for JSON Web Token validation and verification. Using PyJWT.
Project description
Django-JWT
This is a package to verify and validate JSON Web Tokens (JWT) in Django.
Installation
- Install the package using pip:
pip install dj-jwt-auth
- Add "django_jwt" to your INSTALLED_APPS setting like this::
INSTALLED_APPS = [
...
"django_jwt",
]
- Add "django_jwt.middleware.JWTAuthMiddleware" to your MIDDLEWARE setting like this::
MIDDLEWARE = [
...
"django_jwt.middleware.JWTAuthMiddleware",
]
Configuration:
Required variables:
- OIDC_CONFIG_ROUTES - dict of "algorithm": "config_url". Required for using JWTAuthMiddleware. Example:
OIDC_CONFIG_ROUTES = {
"RS256": "https://keyCloak/realms/h/.well-known/openid-configuration",
"HS256": "https://keyCloak/realms/h/.well-known/openid-configuration",
}
Optional variables:
- OIDC_AUDIENCE - by default ["account", "broker"]
User retated variables:
- OIDC_USER_UPDATE - if True, user model will be updated from userinfo endpoint if MODIFIED date has changed, by default True
- OIDC_USER_MODIFIED_FIELD - user model field to store last modified date, by default
modified_timestamp
- OIDC_TOKEN_MODIFIED_FIELD - access token field to store last modified date, by default
updated_at
- OIDC_USER_UID - User model" unique identifier, by default
kc_id
- OIDC_USER_MAPPING - mapping between JWT claims and user model fields, by default:
OIDC_USER_MAPPING = {
"first_name": "first_name",
"last_name": "last_name",
"username": "username",
}
- OIDC_USER_DEFAULTS - default values for user model fields, by default:
OIDC_USER_DEFAULTS = {
"is_active": True,
}
- OIDC_USER_ON_CREATE and OIDC_USER_ON_UPDATE - functions to be called on user creation and update, by default:
OIDC_USER_ON_CREATE = None
OIDC_USER_ON_UPDATE = None
These functions should accept two arguments: user and request.
Admin panel integration:
To integrate admin panel with OIDC, add OIDC_ADMIN_ISSUER and OIDC_ADMIN_CLIENT_ID to settings.
- OIDC_ADMIN_ISSUER - required for admin-panel access through OIDC. Example:
OIDC_ADMIN_ISSUER = "https://keyCloak/realms/h/.well-known/openid-configuration"
- OIDC_ADMIN_CLIENT_ID - by default "complete-anatomy" To mapping roles to admin panel permissions, use OIDC_ADMIN_ROLES. Example:
from django_jwt.roles import ROLE
OIDC_ADMIN_ROLES = [
ROLE(
name="admin", # name from token
is_superuser=True,
),
ROLE(
name="staff",
groups=["LMS (Full)", "Organizations (Full)", "Customer Support (Full)"],
permissions=["Can add user"],
),
]
And add login view to urls.py:
urlpatterns = [
path("admin/", include("django_jwt.urls")),
...
]
Login URL will be available at /admin/oidc/
.
Testing:
Run command python runtests.py
to run tests.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
dj-jwt-auth-1.3.2.tar.gz
(9.3 kB
view hashes)
Built Distribution
Close
Hashes for dj_jwt_auth-1.3.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | af053994ad23cf1f13c50f6b8d878dc7b9df818bbe5f1314d56d06d8169a2110 |
|
MD5 | f080292f1b9469ce08b753d66d4ed9a2 |
|
BLAKE2b-256 | d56f50f8c07bc6bb160acdf7d927b0a76e2f50397e468e930c9caae97efe55d6 |