Skip to main content

An open source, one-stop authentication framework for Django and ready for production.

Project description



Django Auth Framework

An open source, one-stop authentication framework for Django and ready for production.

Table of Contents

  1. About The Project
  2. Getting Started
  3. API Endpoints and Examples
  4. Contributing
  5. License

About The Project

Django Auth Framework is an open source, one-stop framework for Django applications providing the most essential APIs for authentication and authorization. APIs also cover Oauth2 protocol, social login and user management with options allows to easily customize and override for working on most scenarios. It supports multiple authentication ways to make your auth server scalable from a monolithic server using Token/Session authentication to service mesh such like Istio on Kubernetes Cluster with JWT authentication.

This framework was originally developed by me to help Django projects in our company fast setup. Now, it has scaled our service over a million users. I am happy to open soucre this project, hope it is helpful in your projects or startups

Built With


  • Production-ready, optimized by reducing unnecessary queries write to db during authentication and authorization.
  • Extends Django OAuth Toolkit's default Oauth2Validator to allow authorization with multiple types of credentials like email, phone number.
  • Pure RESTFUL API endpoints implemented with Django REST framework, this framework doesn't use any traditional Django components(eg: forms, html).
  • Supports the most popular social login(Google,Apple and Facebook) followed by up to date guidelines, users at frontend can be authorized by either id_token, code or access_token.

Getting Started

To get a local copy up and running follow these simple steps.


pip install django-auth-framework


  1. Edit file:

     #in your my_auth/
      # from auth_framework.models import AbstractUser
      # class MyUser(AbstractUser):
      #     custom_fields ...
     AUTH_USER_MODEL = 'my_auth.MyUser'

    or just try with

     AUTH_USER_MODEL = 'auth_framework.User'

    add required apps and configuration for rest_framework:

    # ...
    LOCAL_APPS = [
     # ...

    if you need other unique fields: email or phone_number not justusernameas credentials:

         "OIDC_ENABLED": True,
         "OIDC_RSA_PRIVATE_KEY": os.environ.get('OIDC_RSA_PRIVATE_KEY'),
         'SCOPES': {
             "openid": "OpenID Connect scope",
             'read': 'Read scope',
             'write': 'Write scope',
         'OAUTH2_VALIDATOR_CLASS': 'auth_framework.oauth.oauth2_validators.OauthValidator',
         'OAUTH2_BACKEND_CLASS': 'auth_framework.oauth.oauth2_backends.OAuthLibCore',
  2. Edit the

    from django.contrib import admin
    from django.urls import path, include
    urlpatterns = [
       path('account/', include('auth_framework.urls'))
  3. Sync Database and createsuperuser:

    python migrate
    python createsuperuser
  4. Login to the admin page http://localhost:8000/admin/oauth2_provider/application/add/ and add a default Application. if it's only open to your first party apps, then just choose Resource owner password-based as the grant type (No one likes to login with password but still having a redirect web page on a native app)

  5. [Optional] Configure of Social Adapters: in most scenarios, you only need to create one client id/secret for each social provider. For security and performance, it will look up those environment variables during making Oauth request calls instead of creating many key pairs to the database:


    If this is not your thing, consider to use allauth-django

API Endpoints and Examples



If you have improvements to Django Auth Framework, just send a pull request:

  1. Fork the Project
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  3. Commit your Changes (git commit -m 'Add some AmazingFeature')
  4. Push to the Branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

Or leave a comment in our Issues


Distributed under the BSD License. See LICENSE for more information.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-auth-framework-2.0.7.tar.gz (43.3 kB view hashes)

Uploaded source

Built Distribution

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page