API Key authentication and permissions for Django REST.
Project description
Django REST Framework Simple API Key 🔐
Django REST Framework Simple API Key is a fast and secure API Key authentication plugin for REST API built with Django Rest Framework.
For the full documentation, visit https://djangorestframework-simple-apikey.readthedocs.io/en/latest/.
Introduction
Django REST Simple Api Key is a package built upon Django, Django REST Framework, and the fernet cryptography module to generate, encrypt, and decrypt API keys. It provides fast, secure and customizable API Key authentication.
Benefits
Why should you use this package for your API Key authentication?
-
⚡️Fast: We use the fernet cryptography module to generate, encrypt, and decrypt API keys. Besides the security facade, it is blazing fast allowing you to treat requests quickly and easily.
-
🔐 Secure: Fernet guarantees that a message encrypted using it cannot be manipulated or read without the key, which we call
FERNET_KEY. As long as you treat the fernet key at the same level you treat the DjangoSECRET_KEYsetting, you are good to go. -
🔧 Customizable: The models, authentication backend, and permissions classes can be rewritten and fit your needs. We do our best to extend Django classes and methods, so you can easily extend our classes and methods.😉 Your Api Key authentication settings are kept in a single configuration dictionary named
SIMPLE_API_KEYin thesettings.pyfile of your Django project. It can be customized to fit your project needs.
Quickstart
1 - Install with pip:
pip install djangorestframework-simple-apikey
2 - Register the app in the INSTALLED_APPS in the settings.py file:
# settings.py
INSTALLED_APPS = [
# ...
"rest_framework",
"rest_framework_simple_api_key",
]
3- Add the FERNET_KEY setting in your SIMPLE_API_KEY configuration dictionary. You can easily generate a fernet key using the python manage.py generate_fernet_key command. Keep in mind that the fernet key plays a huge role in the api key authentication system.
SIMPLE_API_KEY = {
"FERNET_SECRET": "sVjomf7FFy351xRxDeJWFJAZaE2tG3MTuUv92TLFfOA="
}
4 - Run migrations:
python manage.py migrate
In your view then, you can add the authentication class and the permission class.
⚠️ Important Note: By default, authentication is performed using the
AUTH_USER_MODELspecified in the settings.py file.
from rest_framework import viewsets
from rest_framework_simple_api_key.backends import APIKeyAuthentication
from rest_framework.response import Response
class FruitViewSets(viewsets.ViewSet):
http_method_names = ["get"]
authentication_classes = (APIKeyAuthentication, )
def list(self, request):
return Response([{"detail": True}], 200 )
Generate a Fernet Key
We've made it easier for you by creating a custom Django command to quickly generate a fernet key, which is a crucial component in the authentication system. Make sure to keep the key secure and store it somewhere safely (ie: environment variable).
Important ⛔️ : You should treat the FERNET_KEY security at the same level as the Django SECRET_KEY. 🫡
To generate the fernet key use the following command:
python manage.py generate_fernet_key
Rotation
We implement an API key rotation strategy for this package. To learn more about it, refer to the documentation at https://djangorestframework-simple-apikey.readthedocs.io/en/latest/rotation.html.
Demo
You can find a demo in project in the example directory. To run the project, you can :
cd example
pip install -r requirements.txt
python manage.py migrate
python manage.py runserver
Changelog
See CHANGELOG.md.
Contributing
Thank you for your interest in contributing to the project! Here's a guide to help you get started:
-
Setup Development Environment:
git clone https://github.com/koladev32/djangorestframework-simple-apikey.git
Use the command below to set up your environment:
make install -
Format the Code:
Before submitting any code, please ensure it is formatted according to our standards:make format -
Check Code and Migrations:
Validate your changes against our checks:make check -
Run Migrations:
If your changes include database migrations, run the following:make migrations -
Run Tests:
Always make sure your changes pass all our tests:make test
See CONTRIBUTING.md.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file djangorestframework-simple-apikey-1.0.0.tar.gz.
File metadata
- Download URL: djangorestframework-simple-apikey-1.0.0.tar.gz
- Upload date:
- Size: 18.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
753933658ea978a500e054e6542f985c5e50c3ddf7c20a48e0bf4835f53093cb
|
|
| MD5 |
02795a6c2b461406c1ce53c08ebfdf7a
|
|
| BLAKE2b-256 |
d4708a33e4e6575c85286642d2a7b382faf3864759ba5aedc469c6a98020c692
|
File details
Details for the file djangorestframework_simple_apikey-1.0.0-py2.py3-none-any.whl.
File metadata
- Download URL: djangorestframework_simple_apikey-1.0.0-py2.py3-none-any.whl
- Upload date:
- Size: 22.2 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
422fd01cca2a783d889e912cf6fb33c663fdced12f76237798c19432cb365fa4
|
|
| MD5 |
a566068d0e3e9fb88485595a1947e964
|
|
| BLAKE2b-256 |
6f919efa6d6a536ae92c0532071048f1233a49b5a0b17b50eaa44cefa241f49a
|
