DRF and Django Logto integration
Project description
External and BrowsableAPI Authentication
This README.md assumes that you already set up a Logto app for your front-end application.
First at all, use the command python manage.py migrate
to change the user model.
You will now have to add the logto urls:
url_patterns = [
path('auth/', include('django_logto.urls')),
]
To use External Authentication and BrowsableAPI authentication, you need to change the default Authenticationclass in your settings. \
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
"django_logto.authentication.LogtoAuthentication",
),
}
You need to set in settings.py:
LOGTO_AUDIENCE="**your_api_url**" #(e.g. : http://localhost:8000)
LOGTO_JWKS_URIS="**<logto_url>/oidc/jwks**"
LOGTO_ENDPOINT="**your_logto_url**"
LOGTO_API_CLIENT_ID="**your_TraditionalWebApp_id**"
LOGTO_API_SECRET="**your_TraditionalWebApp_secret**"
LOGTO_API_REDIRECT_URI="**<your_api_url>/auth/callback/**"
LOGTO_CALLBACK_URI="**<your_api_url>/api/**" #(this one can be changed, depending on your needs. For more information, you can refer to the Logto documentation )
For BrowsableAPI authentication, you can authenticate threw /auth/signin
DjangoAdmin Authentication
Set the AUTH_USER_MODEL
and AUTHENTICATION_BACKENDS
in settings: \
AUTHENTICATION_BACKENDS = ["django_logto.logto_backend.LogtoBackend"]
AUTH_USER_MODEL = "django_logto.LogtoUser"
Add the related Machine-To-Machine Logto app environment variables:
LOGTO_ADMIN_CLIENT_ID="**<your_m2m_app_id>**"
LOGTO_ADMIN_CLIENT_SECRET="**<your_m2m_app_secret>**"
This package accesses to Logto ManagementAPI to retrieve the actual connected user's roles.
You will need to give your M2M app the permission to access to ManagementAPI (don't forget to set the role as "Machine-to-machine app role"):
https://docs.logto.io/docs/recipes/rbac/manage-permissions-and-roles/#create-and-define-a-new-role
This package also expects (by default) to receive an "admin" role from the managementAPI to give the user the right to access the admin console by creating a role with name="admin" (don't forget to set the role as "User role").
You can override it by defining another admin tags in settings.py: \
LOGTO_ADMIN_TAG=["<1st_admin_tag>","<2nd_admin_tag>","etc"]
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django_logto-1.0.4-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 4fb8c869e8c3dab3eb1d5b19eeac1f57b67a0187131370cba0598f7ef018de99 |
|
MD5 | 56d06a7d236e5c1121cdeecd63aba0b6 |
|
BLAKE2b-256 | 0f1fec3e531da010e32f8a99a3803e8ca3a33609851fa90249153fcf30c185dd |