A custom user-model based package with features ranging from JWT and Basic authentication to REST API end-points for signup, signin, email verification, password resetting and account activation.
Project description
Welcome to django-rest-xauth
A custom user model based django-package to implement JWT and Basic authentication and authorization flow in a few simple steps.
The package provides ready to use JSON formatted REST API end-points for signup, sign-in, email verification, password reset and account activation.
Email verification and password reset are based on hashed, short-lived verification-code and temporary password. Account activation is based on a combination of user selected security question(provided through the admin portal by site administrator(superuser)) and an answer that is hashed and stored in the database.
By design, the logic for requesting and confirming password reset, account verification and activation is implemented in
the AbstractUser model class to make it easy to customize every step. For example, instead of sending verification codes
to users via email(default), you could opt to use SMS by overriding request_verification(...) method in the abstract
class or using the returned code in your views.
What makes django-rest-xauth different
- Custom user class provides some common optional fields with reasonable complementary helper methods. For example,
date_of_birthfield that also comes with an age calculation helper method - Access logging(IP-address should be provided as a
X-Forwarded-Forheader) - Failed Sign-in attempts logging(IP-address should be provided as a
X-Forwarded-Forheader) - Password-reset logging(IP-address should be provided as a
X-Forwarded-Forheader) - Encrypted JWT tokens
- Security question based account activation in-case account was deactivated
- Temporary password based user password reset
- Verification code based user account activation.
Quick start
- Install package
pip install django-rest-xauth
Modify your Django project's settings.py file
- Add xauth to your
INSTALLED_APPSsetting like this
INSTALLED_APPS = [
...,
'xauth',
'rest_framework',
]
- Add/modify your
AUTH_USER_MODELsetting to
# Can also be a (modified) direct subclass of `xauth.models.AbstractUser`
AUTH_USER_MODEL = 'xauth.User'
- Add/modify your
REST_FRAMEWORKsetting to
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'xauth.authentication.BasicTokenAuthentication',
...,
],
'EXCEPTION_HANDLER': 'xauth.utils.exceptions.exception_handler',
}
- Include the xauth URLconf in your project
urls.pylike this
urlpatterns = [
path('accounts/', include('xauth.urls', namespace='xauth')),
...,
]
- Run
python manage.py migrateto create the xauth models. - Run
python manage.py createsuperuserto create a superuser account. - Run
python manage.py runserverto start the development server. - Visit
http://127.0.0.1:8000/accounts/signup/to register a new account.
API endpoints
Read more here.
Documentation and support
Full documentation for the project is available here.
Contributing
Please be sure to review contributing guidelines to learn how to help the project.
Postman Team
Join postman team.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django_rest_xauth-1.1.1-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 1027ac5e9e3f40704d25287cc471275c549b303cdde8cf2e051df53a9ce198ea |
|
| MD5 | 1c5a27b3abd264ab67fcbfb79a9c4d38 |
|
| BLAKE2b-256 | 85ab9bac3b97ff14c6a63955e87ef9f6d0e1aece707a367209f147938501891a |
