
A Django package for JSON Web Token validation and verification, using PyJWT.

Project description

Django-JWT

This is a package to verify and validate JSON Web Tokens (JWT) in Django.

Installation

  1. Install the package using pip:
    pip install dj-jwt-auth
  2. Add "django_jwt" to your INSTALLED_APPS setting like this:
    INSTALLED_APPS = [
        ...
        "django_jwt",
    ]
  3. Add "django_jwt.middleware.JWTAuthMiddleware" to your MIDDLEWARE setting like this:
    MIDDLEWARE = [
        ...
        "django_jwt.middleware.JWTAuthMiddleware",
    ]

Configuration:

Required variables:

  • OIDC_CONFIG_ROUTES - dict of "algorithm": "config_url". Required for using JWTAuthMiddleware. Example:
   OIDC_CONFIG_ROUTES = {
       "RS256": "https://keyCloak/realms/h/.well-known/openid-configuration",
       "HS256": "https://keyCloak/realms/h/.well-known/openid-configuration",
   } 

Optional variables:

  • OIDC_AUDIENCE - by default ["account", "broker"]
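
The following is an added sketch, not code from this package, of the checks that a per-algorithm table such as OIDC_CONFIG_ROUTES and an audience list such as OIDC_AUDIENCE make possible: the token header may only select an algorithm the server has configured, and the audience and expiry are enforced after the signature. The URL, DEMO_KEY, make_token and validate are assumptions for the demo, and only HS256 is implemented so that it runs on the standard library alone.

```python
import base64, hashlib, hmac, json, time

# Constructed settings in the shapes documented above (URL and key are placeholders).
OIDC_CONFIG_ROUTES = {"HS256": "https://idp.example/.well-known/openid-configuration"}
OIDC_AUDIENCE = ["account", "broker"]
DEMO_KEY = b"constructed-demo-secret"

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def make_token(header, claims, key=DEMO_KEY):
    """Build a constructed HMAC-SHA256-signed sample token for the demo."""
    body = ".".join(b64url_encode(json.dumps(p).encode()) for p in (header, claims))
    sig = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return f"{body}.{b64url_encode(sig)}"

def validate(token, key=DEMO_KEY, now=None):
    """Return the claims, or raise ValueError naming the first failed check."""
    try:
        h_b64, c_b64, s_b64 = token.split(".")
        header, claims = json.loads(b64url_decode(h_b64)), json.loads(b64url_decode(c_b64))
        sig = b64url_decode(s_b64)
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise ValueError("malformed token")
    # 1. The allowlist lives in server-side settings; the header only selects
    #    among configured entries, so "none" or an unlisted alg stops here.
    alg = header.get("alg")
    if not isinstance(alg, str) or alg not in OIDC_CONFIG_ROUTES:
        raise ValueError(f"algorithm not configured: {alg!r}")
    if alg != "HS256":
        raise ValueError("this sketch only verifies HS256")
    # 2. Signature over the exact bytes received, compared in constant time.
    expected = hmac.new(key, f"{h_b64}.{c_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    # 3. "aud" may be a string or a list; require overlap with OIDC_AUDIENCE.
    aud = claims.get("aud", [])
    auds = [aud] if isinstance(aud, str) else aud
    if not isinstance(auds, list) or not any(a in OIDC_AUDIENCE for a in auds):
        raise ValueError("audience mismatch")
    # 4. Expiry is mandatory in this sketch.
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= (now or time.time()):
        raise ValueError("token expired or missing exp")
    return claims
```
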

User related variables:

  • OIDC_USER_UPDATE - if True, user model will be updated from userinfo endpoint if MODIFIED date has changed, by default True
  • OIDC_USER_MODIFIED_FIELD - user model field to store last modified date, by default modified_timestamp
  • OIDC_TOKEN_MODIFIED_FIELD - access token field to store last modified date, by default updated_at
  • OIDC_USER_UID - User model's unique identifier, by default kc_id
  • OIDC_TOKEN_USER_UID - access token field to store user UID, by default sub
  • OIDC_USER_MAPPING - mapping between JWT claims and user model fields. Can be dict or function. By default:
    OIDC_USER_MAPPING = {
        "given_name": "first_name",
        "family_name": "last_name",
        "name": "username",
    }

OR

    def OIDC_USER_MAPPING(userinfo):
        return {
            "first_name": userinfo.get("given_name"),
            "last_name": userinfo.get("family_name"),
            "username": userinfo.get("name"),
        }
  • OIDC_USER_DEFAULTS - default values for user model fields, by default:
    OIDC_USER_DEFAULTS = {
        "is_active": True,
    }
  • OIDC_USER_ON_CREATE and OIDC_USER_ON_UPDATE - functions to be called on user creation and update, by default:
    OIDC_USER_ON_CREATE = None
    OIDC_USER_ON_UPDATE = None

These functions should accept two arguments: user and request.

Admin panel integration:

To integrate the admin panel with OIDC, add OIDC_ADMIN_ISSUER and OIDC_ADMIN_CLIENT_ID to settings.

  • OIDC_ADMIN_ISSUER - for admin-panel access through OIDC. By default, 'ES256' from OIDC_CONFIG_ROUTES is used. Example:
    OIDC_ADMIN_ISSUER = "https://keyCloak/realms/h/.well-known/openid-configuration"
  • OIDC_ADMIN_CLIENT_ID - by default "complete-anatomy"

To map roles to admin panel permissions, use OIDC_ADMIN_ROLES. Example:

```python
from django_jwt.roles import ROLE

OIDC_ADMIN_ROLES = [
    ROLE(
        name="admin",  # name from token
        is_superuser=True,
    ),
    ROLE(
        name="staff",
        groups=["LMS (Full)", "Organizations (Full)", "Customer Support (Full)"],
        permissions=["Can add user"],
    ),
]
```

And add the login view to urls.py:

```python
from django.urls import include, path

urlpatterns = [
    path("admin/", include("django_jwt.urls")),
    ...
]
```

Login URL will be available at /admin/oidc/.

Testing:

Run python runtests.py to run the tests.


Download files

Source Distribution

dj-jwt-auth-1.5.2.tar.gz (10.2 kB view hashes)

Uploaded Source

Built Distribution

dj_jwt_auth-1.5.2-py3-none-any.whl (13.3 kB view hashes)

Uploaded Python 3
