Skip to main content

A Django app for REST Authentication using Django Ninja

Project description

Django Ninja Auth

A one stop shop for all your Django-Ninja Authentication needs. Supports REST authentication with Sessions, Auth Tokens and JWTs.

Fully Customisable to suit your needs.

Getting Started


pip install dj-ninja-auth



  1. Create a file in your app directory next to the and files.

  2. Add the following lines of code to your

    from ninja_extra import NinjaExtraAPI
    from dj_ninja_auth.controller import NinjaAuthDefaultController
    api = NinjaExtraAPI()
  3. Add the following lines to your file

    from .api import api
    urlpatterns = [
        path("", api.urls)

This will give you 5 basic endpoints that are not secured and can be called by anyone. The endpoints are

  • /auth/login
  • /auth/logout
  • /auth/password/reset/request
  • /auth/password/reset/confirm
  • /auth/password/change

Password Reset Template

Django's default email template requires a password_reset_confirm reverse url that is incompatible with Django Ninja's namespace convention and will throw this error if not handled properly. As a workaround, it is required that you provide your own email reset template. You can place it anywhere in your project as long as you link it in your's TEMPLATES variable. In my example below, I have put it in the {$project_root}/templates/ directory.

        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [BASE_DIR / "templates"],
        "APP_DIRS": True,
        "OPTIONS": { ... },

In your templates directory, create the following file at templates/registration/password_reset_email.html and minimally add the following.

{% load i18n %}
{% autoescape off %}

    {% translate "Please go to the following page and choose a new password:" %}

    {% block reset_link %}
        http://{YOUR_DOMAIN_HERE}/{YOUR_FRONTEND_PASSWORD_RESET_ENDPOINT}?uid={{ uid }}&token={{ token }}
    {% endblock %}

{% endautoescape %}

NOTE: Replace YOUR_DOMAIN_HERE and YOUR_FRONTEND_PASSWORD_RESET_ENDPOINT with values that correspond to your setup. The uid and token variables have to be passed to the backend for verification before the password can be changed.


There are 3 controllers that you can register in your file for your application depending on your authentication needs.


The easiest way to use authentication is to use the Session Authentication. Note that the csrf=True kwarg has to be passed in to allow Django Ninja to pass CSRF cookies for validation. You will have to provide your own endpoint to get a CSRF cookie from Ninja.

from import django_auth
from dj_ninja_auth.controller import NinjaAuthDefaultController

api = NinjaExtraAPI(auth=[django_auth], csrf=True)


Since the tokens will be stored in the database, you are required to add the dj_ninja_auth.authtoken app to your INSTALLED_APPS and migrate the database.

from ninja_extra import NinjaExtraAPI
from dj_ninja_auth.authtoken.authentication import AccessTokenAuth
from dj_ninja_auth.authtoken.controller import NinjaAuthTokenController

api = NinjaExtraAPI(auth=[AccessTokenAuth()])


from ninja_extra import NinjaExtraAPI
from dj_ninja_auth.jwt.authentication import JWTAuth
from dj_ninja_auth.jwt.controller import NinjaAuthJWTController

api = NinjaExtraAPI(auth=[JWTAuth()])

The JWT controller provides 2 additional endpoints for tokens.

  • /auth/refresh
  • /auth/verify


Every aspect of the the Schemas and Controllers can be modified to suit your needs.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dj-ninja-auth-0.1.2.tar.gz (18.2 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page