Skip to main content

Dashboard for using JWT with 3rd party login.

Project description

Django Simple 3rd Party JWT Dev Dashboard

dashboard

This is a simple dashboard for showing multi login(JWT, session and 3rd party).

Dashboard is used with Django-Simple-3rd-Party-JWT.

Installation

pip install django-simple-third-party-jwt-dev-dashboard

Check it in Pypi.

Quick Start

  • settings.py

    Add the followings to your settings of project.

    • (MUST) Install app
    INSTALLED_APPS += [
        # ---------------------------
        # debug relative package
        "rest_framework", # <------ MUST
        #"drf_yasg", # (OPTIONAL) for swagger
        'bootstrap3', # <------ MUST
        # 3rd party login
        'django_simple_third_party_jwt' # <------ MUST
        # debug dashboard
        'django_simple_third_party_jwt_dev_dashboard', # <------ MUST
        # ---------------------------
    ]
    
    • (MUST) Dashboard settings
    # -------------- START - Dashboard Setting --------------
    DEV_DASHBOARD_SETTINGS = {
        'jwt_token_url': 'api/auth/token',
        'jwt_refresh_url': 'api/auth/token/refresh',
        'jwt_verify_url': 'api/auth/token/verify',
        'dashboard_url': 'api/__hidden_dev_dashboard',
        'admin_url': 'api/__hidden_admin',
        #'swagger_url': 'api/__hidden_swagger', # OPTIONAL
        #'redoc_url': 'api/__hidden_redoc', # OPTIONAL
    }
    # --------------- END - Dashboard Setting -----------------
    
    # -------------- START - 3rd party login Setting --------------
    LOGIN_REDIRECT_URL = '/' + DEV_DASHBOARD_SETTINGS['dashboard_url'] # <- (OPTIONAL) for redirect after login
    JWT_3RD_PREFIX = 'api' # <- (OPTIONAL) for 3rd party login
    # --------------- END - 3rd party login Setting -----------------
    
    • (MUST) Policy for Google API
    # -------------- START - Policy Setting --------------
    SECURE_REFERRER_POLICY = "no-referrer-when-downgrade"
    # SECURE_CROSS_ORIGIN_OPENER_POLICY = "same-origin-allow-popups"
    SECURE_CROSS_ORIGIN_OPENER_POLICY = None
    # -------------- END - Policy Setting -----------------
    
    • (OPTIONAL) Configuration for 3rd party login
    VALID_REGISTER_DOMAINS = ["gmail.com", "hotmail.com"]
    
    # -------------- START - Google Auth Setting --------------
    SOCIAL_GOOGLE_CLIENT_ID = "376808175534-d6mefo6b1kqih3grjjose2euree2g3cs.apps.googleusercontent.com"
    # --------------- END - Google Auth Setting -----------------
    
    # -------------- START - Microsoft Auth Setting --------------
    SOCIAL_MICROSOFT_CLIENT_ID = '32346173-22bc-43b2-b6ed-f88f6a76e38c'
    SOCIAL_MICROSOFT_CLIENT_SECRET = 'K5z8Q~dIXDiFN5qjMjRjIx34cZOJ3Glkrg.dxcG9'
    # --------------- END - Microsoft Auth Setting -----------------
    

You can regist SOCIAL_GOOGLE_CLIENT_ID on Google Cloud Platform.

Google Colud | API和服務 | 憑證

  1. Create a new project and create a new OAuth 2.0 Client ID.

  2. Add http://localhost:8000 to Authorized JavaScript origins and Authorized redirect URIs.

You can regist SOCIAL_MICROSOFT_CLIENT_ID on Microsoft Azure.

Microsoft Entra 識別碼 | 應用程式註冊

  1. Create a new application.
  2. Add http://localhost:8000/api/auth/microsoft/callback to Redirect URIs
  3. Get Client ID from Overview page.
  4. Get Client Secret from Certificates & secrets page.
  • urls.py

    URL path for dashboard. (MUST)

    # --------------- 3rd party login
    # app route
    urlpatterns += [
        path("", include("django_simple_third_party_jwt.urls")),
    ]
    # ------------------------------
    
    # --------------- Dashboard
    urlpatterns += [
        # debug dashboard
        path(settings.DEV_DASHBOARD_SETTINGS['dashboard_url'] + "/", include("django_simple_third_party_jwt_dev_dashboard.urls")),
    ]
    # ------------------------------
    
    # --------------- Admin
    urlpatterns += [
        # admin
        path(settings.DEV_DASHBOARD_SETTINGS['admin_url'] + "/", admin.site.urls),
    ]
    # ------------------------------
    
    # --------------- JWT
    from rest_framework_simplejwt.views import (
        TokenVerifyView, TokenObtainPairView, TokenRefreshView
    )
    urlpatterns += [
        path(settings.DEV_DASHBOARD_SETTINGS['jwt_token_url'], TokenObtainPairView.as_view(), name="token_get"),
        path(settings.DEV_DASHBOARD_SETTINGS['jwt_refresh_url'], TokenRefreshView.as_view(), name="token_refresh"),
        path(settings.DEV_DASHBOARD_SETTINGS['jwt_verify_url'], TokenVerifyView.as_view(), name="token_verify"),
    ]
    # ---------------------------------
    

When you added all settings, just run:

python manage.py runserver 0.0.0.0:8000

And visit http://localhost:8000/api/__hidden_dev_dashboard

Example

Check ./example/django_simple_third_party_jwt_dev_dashboard_example/.

More

There are several different settings can be added with this dashboard if you need.

  • CORS Setting
ALLOWED_HOSTS = ["*"]
LOGIN_REDIRECT_URL = "/"

# -------------- START - CORS Setting --------------
CORS_ALLOW_ALL_ORIGINS = True
CORS_ALLOW_CREDENTIALS = True
CSRF_TRUSTED_ORIGINS = [
    "http://127.0.0.1",
    "http://localhost",
]
# -------------- END - CORS Setting -----------------
  • Swagger setting
# -------------- Swagger Setting --------------
SWAGGER_SETTINGS = {
    "SECURITY_DEFINITIONS": {
        "Token(add prefix `Bearer` yourself)": {
            "type": "apiKey",
            "name": "Authorization",
            "in": "header",
        }
    },
    "LOGIN_URL": "/api/__hiddenadmin/login/",
    "LOGOUT_URL": "/api/__hiddenadmin/logout/",
}

# --------------------------------------------
  • SimpleJWT setting
# -------------- Start - SimpleJWT Setting --------------
from datetime import timedelta
SIMPLE_JWT = {
    "ACCESS_TOKEN_LIFETIME": timedelta(minutes=3600),
    "REFRESH_TOKEN_LIFETIME": timedelta(days=1),
    "ROTATE_REFRESH_TOKENS": False,
    "BLACKLIST_AFTER_ROTATION": False,
    "UPDATE_LAST_LOGIN": False,
    "ALGORITHM": "HS256",
    "SIGNING_KEY": SECRET_KEY,
    "VERIFYING_KEY": None,
    "AUDIENCE": None,
    "ISSUER": None,
    "JWK_URL": None,
    "LEEWAY": 0,
    "AUTH_HEADER_TYPES": ("Bearer",),
    "AUTH_HEADER_NAME": "HTTP_AUTHORIZATION",
    "USER_ID_FIELD": "id",
    "USER_ID_CLAIM": "user_id",
    "USER_AUTHENTICATION_RULE": "rest_framework_simplejwt.authentication.default_user_authentication_rule",
    "AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",),
    "TOKEN_TYPE_CLAIM": "token_type",
    "TOKEN_USER_CLASS": "rest_framework_simplejwt.models.TokenUser",
    "JTI_CLAIM": "jti",
    "SLIDING_TOKEN_REFRESH_EXP_CLAIM": "refresh_exp",
    "SLIDING_TOKEN_LIFETIME": timedelta(minutes=5),
    "SLIDING_TOKEN_REFRESH_LIFETIME": timedelta(days=1),
}
# -------------- END - SimpleJWT Setting --------------

Misc tools

Install & re-install package

  • Linux
bash dev-reinstall.sh
  • Windows
./dev-reinstall.ps1

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Built Distribution

File details

Details for the file django_simple_third_party_jwt_dev_dashboard-0.2.3.tar.gz.

File metadata

File hashes

Hashes for django_simple_third_party_jwt_dev_dashboard-0.2.3.tar.gz
Algorithm Hash digest
SHA256 c443424e9400c5631a85cb40a5c20f6d75c2fc86a1d05f3ddc2d0d43b60cac80
MD5 2c33df2cb2eaddaa6703d9f85b857bdc
BLAKE2b-256 9ec8c2d67d2fe6d3954779d461c142b10ef2a99bf0f32efc136683ac05deef3d

See more details on using hashes here.

File details

Details for the file django_simple_third_party_jwt_dev_dashboard-0.2.3-py3-none-any.whl.

File metadata

File hashes

Hashes for django_simple_third_party_jwt_dev_dashboard-0.2.3-py3-none-any.whl
Algorithm Hash digest
SHA256 f652aba8ab2af8206d4cd192cb944830c7e7ceb27ea45657fccfb1dae3d438a2
MD5 e8c3c1b26462da6566c8d7a89650fab3
BLAKE2b-256 3ff48ea7f77aaa523b245a066f3eba3c01a7d4ecd11f41adb26e4cb439aedc33

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page