Dashboard for using JWT with 3rd party login.
Project description
Django Simple 3rd Party JWT Dev Dashboard
This is a simple dashboard for showing multi login(JWT, session and 3rd party).
Dashboard is used with Django-Simple-3rd-Party-JWT.
Installation
pip install django-simple-third-party-jwt-dev-dashboard
Check it in Pypi.
Quick Start
-
settings.py
Add the followings to your settings of project.
- (MUST) Install app
INSTALLED_APPS += [ # --------------------------- # debug relative package "rest_framework", # <------ MUST #"drf_yasg", # (OPTIONAL) for swagger 'bootstrap3', # <------ MUST # 3rd party login 'django_simple_third_party_jwt' # <------ MUST # debug dashboard 'django_simple_third_party_jwt_dev_dashboard', # <------ MUST # --------------------------- ]
- (MUST) Dashboard settings
# -------------- START - Dashboard Setting -------------- DEV_DASHBOARD_SETTINGS = { 'jwt_token_url': 'api/auth/token', 'jwt_refresh_url': 'api/auth/token/refresh', 'jwt_verify_url': 'api/auth/token/verify', 'dashboard_url': 'api/__hidden_dev_dashboard', 'admin_url': 'api/__hidden_admin', #'swagger_url': 'api/__hidden_swagger', # OPTIONAL #'redoc_url': 'api/__hidden_redoc', # OPTIONAL } # --------------- END - Dashboard Setting ----------------- # -------------- START - 3rd party login Setting -------------- LOGIN_REDIRECT_URL = '/' + DEV_DASHBOARD_SETTINGS['dashboard_url'] # <- (OPTIONAL) for redirect after login JWT_3RD_PREFIX = 'api' # <- (OPTIONAL) for 3rd party login # --------------- END - 3rd party login Setting -----------------
- (MUST) Policy for Google API
# -------------- START - Policy Setting -------------- SECURE_REFERRER_POLICY = "no-referrer-when-downgrade" # SECURE_CROSS_ORIGIN_OPENER_POLICY = "same-origin-allow-popups" SECURE_CROSS_ORIGIN_OPENER_POLICY = None # -------------- END - Policy Setting -----------------
- (OPTIONAL) Configuration for 3rd party login
VALID_REGISTER_DOMAINS = ["gmail.com", "hotmail.com"] # -------------- START - Google Auth Setting -------------- SOCIAL_GOOGLE_CLIENT_ID = "376808175534-d6mefo6b1kqih3grjjose2euree2g3cs.apps.googleusercontent.com" # --------------- END - Google Auth Setting ----------------- # -------------- START - Microsoft Auth Setting -------------- SOCIAL_MICROSOFT_CLIENT_ID = '32346173-22bc-43b2-b6ed-f88f6a76e38c' SOCIAL_MICROSOFT_CLIENT_SECRET = 'K5z8Q~dIXDiFN5qjMjRjIx34cZOJ3Glkrg.dxcG9' # --------------- END - Microsoft Auth Setting -----------------
You can regist
SOCIAL_GOOGLE_CLIENT_ID
on Google Cloud Platform.
-
Create a new project and create a new OAuth 2.0 Client ID.
-
Add
http://localhost:8000
toAuthorized JavaScript origins
andAuthorized redirect URIs
.
You can regist
SOCIAL_MICROSOFT_CLIENT_ID
on Microsoft Azure.
- Create a new application.
- Add
http://localhost:8000/api/auth/microsoft/callback
toRedirect URIs
- Get
Client ID
fromOverview
page. - Get
Client Secret
fromCertificates & secrets
page.
-
urls.py
URL path for dashboard. (MUST)
# --------------- 3rd party login # app route urlpatterns += [ path("", include("django_simple_third_party_jwt.urls")), ] # ------------------------------ # --------------- Dashboard urlpatterns += [ # debug dashboard path(settings.DEV_DASHBOARD_SETTINGS['dashboard_url'] + "/", include("django_simple_third_party_jwt_dev_dashboard.urls")), ] # ------------------------------ # --------------- Admin urlpatterns += [ # admin path(settings.DEV_DASHBOARD_SETTINGS['admin_url'] + "/", admin.site.urls), ] # ------------------------------ # --------------- JWT from rest_framework_simplejwt.views import ( TokenVerifyView, TokenObtainPairView, TokenRefreshView ) urlpatterns += [ path(settings.DEV_DASHBOARD_SETTINGS['jwt_token_url'], TokenObtainPairView.as_view(), name="token_get"), path(settings.DEV_DASHBOARD_SETTINGS['jwt_refresh_url'], TokenRefreshView.as_view(), name="token_refresh"), path(settings.DEV_DASHBOARD_SETTINGS['jwt_verify_url'], TokenVerifyView.as_view(), name="token_verify"), ] # ---------------------------------
When you added all settings, just run:
python manage.py runserver 0.0.0.0:8000
And visit http://localhost:8000/api/__hidden_dev_dashboard
Example
Check ./example/django_simple_third_party_jwt_dev_dashboard_example/
.
More
There are several different settings can be added with this dashboard if you need.
- CORS Setting
ALLOWED_HOSTS = ["*"]
LOGIN_REDIRECT_URL = "/"
# -------------- START - CORS Setting --------------
CORS_ALLOW_ALL_ORIGINS = True
CORS_ALLOW_CREDENTIALS = True
CSRF_TRUSTED_ORIGINS = [
"http://127.0.0.1",
"http://localhost",
]
# -------------- END - CORS Setting -----------------
- Swagger setting
# -------------- Swagger Setting --------------
SWAGGER_SETTINGS = {
"SECURITY_DEFINITIONS": {
"Token(add prefix `Bearer` yourself)": {
"type": "apiKey",
"name": "Authorization",
"in": "header",
}
},
"LOGIN_URL": "/api/__hiddenadmin/login/",
"LOGOUT_URL": "/api/__hiddenadmin/logout/",
}
# --------------------------------------------
- SimpleJWT setting
# -------------- Start - SimpleJWT Setting --------------
from datetime import timedelta
SIMPLE_JWT = {
"ACCESS_TOKEN_LIFETIME": timedelta(minutes=3600),
"REFRESH_TOKEN_LIFETIME": timedelta(days=1),
"ROTATE_REFRESH_TOKENS": False,
"BLACKLIST_AFTER_ROTATION": False,
"UPDATE_LAST_LOGIN": False,
"ALGORITHM": "HS256",
"SIGNING_KEY": SECRET_KEY,
"VERIFYING_KEY": None,
"AUDIENCE": None,
"ISSUER": None,
"JWK_URL": None,
"LEEWAY": 0,
"AUTH_HEADER_TYPES": ("Bearer",),
"AUTH_HEADER_NAME": "HTTP_AUTHORIZATION",
"USER_ID_FIELD": "id",
"USER_ID_CLAIM": "user_id",
"USER_AUTHENTICATION_RULE": "rest_framework_simplejwt.authentication.default_user_authentication_rule",
"AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",),
"TOKEN_TYPE_CLAIM": "token_type",
"TOKEN_USER_CLASS": "rest_framework_simplejwt.models.TokenUser",
"JTI_CLAIM": "jti",
"SLIDING_TOKEN_REFRESH_EXP_CLAIM": "refresh_exp",
"SLIDING_TOKEN_LIFETIME": timedelta(minutes=5),
"SLIDING_TOKEN_REFRESH_LIFETIME": timedelta(days=1),
}
# -------------- END - SimpleJWT Setting --------------
Misc tools
Install & re-install package
- Linux
bash dev-reinstall.sh
- Windows
./dev-reinstall.ps1
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django_simple_third_party_jwt_dev_dashboard-0.2.3.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | c443424e9400c5631a85cb40a5c20f6d75c2fc86a1d05f3ddc2d0d43b60cac80 |
|
MD5 | 2c33df2cb2eaddaa6703d9f85b857bdc |
|
BLAKE2b-256 | 9ec8c2d67d2fe6d3954779d461c142b10ef2a99bf0f32efc136683ac05deef3d |
Hashes for django_simple_third_party_jwt_dev_dashboard-0.2.3-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | f652aba8ab2af8206d4cd192cb944830c7e7ceb27ea45657fccfb1dae3d438a2 |
|
MD5 | e8c3c1b26462da6566c8d7a89650fab3 |
|
BLAKE2b-256 | 3ff48ea7f77aaa523b245a066f3eba3c01a7d4ecd11f41adb26e4cb439aedc33 |