Skip to main content

Django Ninja JWT - JSON Web Token for Django-Ninja

Project description

Ninja JWT

Test PyPI version PyPI version PyPI version PyPI version Codecov Downloads

Abstract

Ninja JWT is a JSON Web Token (JWT) plugin for Django-Ninja. This library is a fork of Simple JWT by Jazzband, a widely-used JWT plugin for the Django REST Framework.

Notice

This library does not address any issues present in the original SIMPLE JWT. It only adds support for Django-Ninja and removes dependencies on DRF. Subsequent updates from SIMPLE JWT will be reflected here over time.

For full documentation, visit this page.

Requirements

  • Python >= 3.6
  • Django >= 2.1
  • Django-Ninja >= 0.16.1
  • Django-Ninja-Extra >= 0.14.2

Example

Checkout this sample project: https://github.com/eadwinCode/bookstoreapi

Installation

Ninja JWT can be installed with pip:

pip install django-ninja-jwt

You also need to register the NinjaJWTDefaultController controller to your Django-Ninja API:

from ninja_jwt.controller import NinjaJWTDefaultController
from ninja_extra import NinjaExtraAPI

api = NinjaExtraAPI()
api.register_controllers(NinjaJWTDefaultController)

The NinjaJWTDefaultController includes three routes: obtain_token, refresh_token, and verify_token. It combines two subclasses, TokenVerificationController and TokenObtainPairController. If you want to customize these routes, you can inherit from these controllers and modify their implementation:

from ninja_extra import api_controller
from ninja_jwt.controller import TokenObtainPairController

@api_controller('token', tags=['Auth'])
class MyCustomController(TokenObtainPairController):
    """obtain_token and refresh_token only"""
    ...
api.register_controllers(MyCustomController)

To use localizations/translations, add ninja_jwt to your INSTALLED_APPS:

INSTALLED_APPS = [
    ...
    'ninja_jwt',
    ...
]

Using Ninja Router

If you prefer not to follow the NinjaExtra methodology, refer to this documentation on how to use Ninja-JWT with Django-Ninja Router.

Usage

To verify that Ninja JWT is working, you can use curl to issue a couple of test requests:

curl \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{"username": "davidattenborough", "password": "boatymcboatface"}' \
  http://localhost:8000/api/token/pair

...
{
  "access":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX3BrIjoxLCJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiY29sZF9zdHVmZiI6IuKYgyIsImV4cCI6MTIzNDU2LCJqdGkiOiJmZDJmOWQ1ZTFhN2M0MmU4OTQ5MzVlMzYyYmNhOGJjYSJ9.NHlztMGER7UADHZJlxNG0WSi22a2KaYSfd1S-AuT7lU",
  "refresh":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX3BrIjoxLCJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImNvbGRfc3R1ZmYiOiLimIMiLCJleHAiOjIzNDU2NywianRpIjoiZGUxMmY0ZTY3MDY4NDI3ODg5ZjE1YWMyNzcwZGEwNTEifQ.aEoAYkSJjoWH1boshQAaTkf8G3yn0kapko6HFRt7Rh4"
}

You can use the returned access token to prove authentication for a protected view:

curl \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX3BrIjoxLCJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiY29sZF9zdHVmZiI6IuKYgyIsImV4cCI6MTIzNDU2LCJqdGkiOiJmZDJmOWQ1ZTFhN2M0MmU4OTQ5MzVlMzYyYmNhOGJjYSJ9.NHlztMGER7UADHZJlxNG0WSi22a2KaYSfd1S-AuT7lU" \
  http://localhost:8000/api/some-protected-view/

When this short-lived access token expires, you can use the longer-lived refresh token to obtain another access token:

curl \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{"refresh":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX3BrIjoxLCJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImNvbGRfc3R1ZmYiOiLimIMiLCJleHAiOjIzNDU2NywianRpIjoiZGUxMmY0ZTY3MDY4NDI3ODg5ZjE1YWMyNzcwZGEwNTEifQ.aEoAYkSJjoWH1boshQAaTkf8G3yn0kapko6HFRt7Rh4"}' \
  http://localhost:8000/api/token/refresh

...
{"access":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX3BrIjoxLCJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiY29sZF9zdHVmZiI6IuKYgyIsImV4cCI6MTIzNTY3LCJqdGkiOiJjNzE4ZTVkNjgzZWQ0NTQyYTU0NWJkM2VmMGI0ZGQ0ZSJ9.ekxRxgb9OKmHkfy-zs1Ro_xs1eMLXiR17dIDBVxeT-w"}

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django_ninja_jwt-5.3.7.tar.gz (39.8 kB view details)

Uploaded Source

Built Distribution

django_ninja_jwt-5.3.7-py3-none-any.whl (88.6 kB view details)

Uploaded Python 3

File details

Details for the file django_ninja_jwt-5.3.7.tar.gz.

File metadata

  • Download URL: django_ninja_jwt-5.3.7.tar.gz
  • Upload date:
  • Size: 39.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.12.8

File hashes

Hashes for django_ninja_jwt-5.3.7.tar.gz
Algorithm Hash digest
SHA256 faf09f6b00ebfd53786cda92dc8eb0bf6c39b72ee079aeb744bdb70dc5c59031
MD5 7e0c2e4d575891b8ab773e0acf1dee53
BLAKE2b-256 0bc28b69a702d39b9da234c0f306ed10441ef7216a64a4ba822018e983f430df

See more details on using hashes here.

File details

Details for the file django_ninja_jwt-5.3.7-py3-none-any.whl.

File metadata

File hashes

Hashes for django_ninja_jwt-5.3.7-py3-none-any.whl
Algorithm Hash digest
SHA256 90db9508e49e0e43de933a5adb3640ba9ea24589d6f77146b2e72861528e105f
MD5 6139c50e3c0d2dae1a63d5434a588abc
BLAKE2b-256 6cd8176990e02fe2471a1e02919abfc39c5637f2f471e60d3ce9ee5c07614477

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page