Extension of Djoser package that includes Web3 Authentication for Django Rest Framework

Project description

Getting Started

To get started with Djoser in Django, you will need to install the Djoser library and configure it in your Django project. Here are the steps you can follow:

Step 1. Install the Djoser library using pip:

pip install djoser djoser-web3

Step 2. Add `djoser` and `djoser_web3` to the INSTALLED_APPS list in your Django project’s `settings.py` file:

DJANGO_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
]

PROJECT_APPS = [
]

THIRD_PARTY_APPS = [

    'djoser',
    # The importable app name uses an underscore (the pip package name uses a hyphen)
    'djoser_web3',

    'rest_framework',
    'rest_framework_simplejwt',
    'rest_framework_simplejwt.token_blacklist',

    'social_django',
]

INSTALLED_APPS = DJANGO_APPS + PROJECT_APPS + THIRD_PARTY_APPS

Step 3 (Optional). Configure the social_django middleware (only needed if you decide to use Social Auth):

MIDDLEWARE = [

    'social_django.middleware.SocialAuthExceptionMiddleware',

    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

Step 4 (Optional). Copy and paste these password hashers into `settings.py`:

# Password hashers: the first entry is used for new passwords (Argon2 needs the argon2-cffi package)
PASSWORD_HASHERS = [
    "django.contrib.auth.hashers.Argon2PasswordHasher",
    "django.contrib.auth.hashers.PBKDF2PasswordHasher",
    "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher",
    "django.contrib.auth.hashers.BCryptSHA256PasswordHasher",
]

Step 5. Configure `settings.py` to work with REST_FRAMEWORK, DJOSER and SIMPLE_JWT. Here I show a simple example of how this could be achieved.

import os
from datetime import timedelta

# REST FRAMEWORK
REST_FRAMEWORK = {
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.IsAuthenticatedOrReadOnly'
    ],
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    ),
}
# Authentication backends
AUTHENTICATION_BACKENDS = (
    'social_core.backends.google.GoogleOAuth2',
    'social_core.backends.facebook.FacebookOAuth2',
    'django.contrib.auth.backends.ModelBackend',
)
# Simple JWT
SIMPLE_JWT = {
    'AUTH_HEADER_TYPES': ('JWT', ),
    'ACCESS_TOKEN_LIFETIME': timedelta(minutes=10080),  # 10080 minutes = 7 days
    'REFRESH_TOKEN_LIFETIME': timedelta(days=30),
    'ROTATE_REFRESH_TOKENS': True,
    'BLACKLIST_AFTER_ROTATION': True,
    'AUTH_TOKEN_CLASSES': (
        'rest_framework_simplejwt.tokens.AccessToken',
    )
}

# Djoser
DJOSER = {
    'LOGIN_FIELD': 'email',
    'USER_CREATE_PASSWORD_RETYPE': True,
    'USERNAME_CHANGED_EMAIL_CONFIRMATION': True,
    'PASSWORD_CHANGED_EMAIL_CONFIRMATION': True,
    'SEND_CONFIRMATION_EMAIL': True,
    'SEND_ACTIVATION_EMAIL': True,
    'SET_USERNAME_RETYPE': True,
    'PASSWORD_RESET_CONFIRM_URL': 'password/reset/confirm/{uid}/{token}',
    'SET_PASSWORD_RETYPE': True,
    'PASSWORD_RESET_CONFIRM_RETYPE': True,
    'USERNAME_RESET_CONFIRM_URL': 'email/reset/confirm/{uid}/{token}',
    'ACTIVATION_URL': 'activate/{uid}/{token}',
    'SOCIAL_AUTH_TOKEN_STRATEGY': 'djoser.social.token.jwt.TokenStrategy',
    'SOCIAL_AUTH_ALLOWED_REDIRECT_URIS': ['http://localhost:8000/google', 'http://localhost:8000/facebook'],
    'SERIALIZERS': {
        'user_create': 'apps.user.serializers.UserSerializer',
        'user': 'apps.user.serializers.UserSerializer',
        'current_user': 'apps.user.serializers.UserSerializer',
        'user_delete': 'djoser.serializers.UserDeleteSerializer',
    },
}

SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = os.environ.get('SOCIAL_AUTH_GOOGLE_OAUTH2_KEY')
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = os.environ.get('SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET')
SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = [
    'https://www.googleapis.com/auth/userinfo.email',
    'https://www.googleapis.com/auth/userinfo.profile',
    'openid'
]
SOCIAL_AUTH_GOOGLE_OAUTH2_EXTRA_DATA = ['first_name', 'last_name']

SOCIAL_AUTH_FACEBOOK_KEY = os.environ.get('SOCIAL_AUTH_FACEBOOK_KEY')
SOCIAL_AUTH_FACEBOOK_SECRET = os.environ.get('SOCIAL_AUTH_FACEBOOK_SECRET')
SOCIAL_AUTH_FACEBOOK_SCOPE = ['email']
SOCIAL_AUTH_FACEBOOK_PROFILE_EXTRA_PARAMS = {'fields': 'email, first_name, last_name'}

You may want to explore djoser’s documentation to understand in more detail each field and the possible parameters you might want to use.

Step 6. Include the Djoser URL patterns in your project’s root urls.py file:

from django.urls import path, include
from django.contrib import admin
from django.conf import settings
from django.conf.urls.static import static

urlpatterns = [
    path('auth/', include('djoser.urls')),
    path('auth/', include('djoser.urls.jwt')),
    path('auth/', include('djoser.social.urls')),

    path('admin/', admin.site.urls),
] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)

Step 7. Include your ACTIVE_CAMPAIGN API key and user information in your `settings.py`, so that users who register are automatically added to your marketing pipeline.

ACTIVE_CAMPAIGN_URL = os.environ.get('ACTIVE_CAMPAIGN_URL')
ACTIVE_CAMPAIGN_KEY = os.environ.get('ACTIVE_CAMPAIGN_KEY')

Step 8. Install the Stripe package, so that users who register on your site are also added to your Stripe customer list and Stripe Connect sellers.

pip install stripe

Step 9. Get the Stripe API keys and create a Stripe webhook (just a demo one, you may add any events you like), then add those values to `settings.py`.

STRIPE_PUBLIC_KEY = os.environ.get('STRIPE_PUBLIC_KEY_DEV')
STRIPE_SECRET_KEY = os.environ.get('STRIPE_SECRET_KEY_DEV')
STRIPE_WEBHOOK_SECRET = os.environ.get('STRIPE_WEBHOOK_SECRET_DEV')

Step 10. Now declare the custom user model in settings.py.

AUTH_USER_MODEL = 'djoser_web3.UserAccount'

Step 11. Configure email backends to send email.

# Console backend: writes each email (activation links included) to stdout instead of sending it
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'

Step 12. Run the migrations to create the necessary database tables

python manage.py makemigrations
python manage.py migrate

With this basic setup you have a website that is capable of registering users while at the same time it:

    1. Creates a User Profile
    2. Creates a User Ethereum Wallet
    3. Creates a User Stripe Account
    4. Creates a User Stripe Connect Account
    5. Adds the user to the marketing list

You may now extend any model from djoser_web3 and create your views and urls.
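
An audit for the Step 5 `SIMPLE_JWT` block, as an added example (not code from djoser-web3 or Simple JWT): Simple JWT never reads a key it does not know, so a misspelled name silently leaves the default in force. The function name `audit_simple_jwt`, the one-hour `max_access` policy and the sample dict are assumptions made for this example.

```python
import difflib
from datetime import timedelta

# Setting names read by djangorestframework-simplejwt.
KNOWN_KEYS = {
    "ACCESS_TOKEN_LIFETIME", "REFRESH_TOKEN_LIFETIME", "ROTATE_REFRESH_TOKENS",
    "BLACKLIST_AFTER_ROTATION", "UPDATE_LAST_LOGIN", "ALGORITHM", "SIGNING_KEY",
    "VERIFYING_KEY", "AUDIENCE", "ISSUER", "JWK_URL", "LEEWAY",
    "AUTH_HEADER_TYPES", "AUTH_HEADER_NAME", "USER_ID_FIELD", "USER_ID_CLAIM",
    "USER_AUTHENTICATION_RULE", "AUTH_TOKEN_CLASSES", "TOKEN_TYPE_CLAIM",
    "TOKEN_USER_CLASS", "JTI_CLAIM", "SLIDING_TOKEN_REFRESH_EXP_CLAIM",
    "SLIDING_TOKEN_LIFETIME", "SLIDING_TOKEN_REFRESH_LIFETIME",
}
BLACKLIST_APP = "rest_framework_simplejwt.token_blacklist"


def audit_simple_jwt(conf, installed_apps, max_access=timedelta(hours=1)):
    """Return findings for a SIMPLE_JWT dict; max_access is an assumed policy."""
    findings = []
    for key in sorted(set(conf) - KNOWN_KEYS):
        near = difflib.get_close_matches(key, sorted(KNOWN_KEYS), n=1)
        hint = f" (did you mean {near[0]}?)" if near else ""
        findings.append(f"unknown key {key}{hint}: ignored, default applies")
    rotate = conf.get("ROTATE_REFRESH_TOKENS", False)  # library default is False
    blacklist = conf.get("BLACKLIST_AFTER_ROTATION", False)
    if blacklist and not rotate:
        findings.append("BLACKLIST_AFTER_ROTATION has no effect without ROTATE_REFRESH_TOKENS")
    if blacklist and BLACKLIST_APP not in installed_apps:
        findings.append(f"BLACKLIST_AFTER_ROTATION needs {BLACKLIST_APP} in INSTALLED_APPS")
    access = conf.get("ACCESS_TOKEN_LIFETIME", timedelta(minutes=5))  # library default
    if access > max_access:
        findings.append(f"ACCESS_TOKEN_LIFETIME {access} exceeds policy {max_access}")
    return findings


# Constructed sample: a Step 5 style block with one misspelled key.
SAMPLE = {
    "AUTH_HEADER_TYPES": ("JWT",),
    "ACCESS_TOKEN_LIFETIME": timedelta(minutes=10080),
    "REFRESH_TOKEN_LIFETIME": timedelta(days=30),
    "ROTATE_REFRESFH_TOKENS": True,
    "BLACKLIST_AFTER_ROTATION": True,
}

if __name__ == "__main__":
    for line in audit_simple_jwt(SAMPLE, [BLACKLIST_APP]):
        print(line)
```

Run it against the real dict from a Django shell with `audit_simple_jwt(settings.SIMPLE_JWT, settings.INSTALLED_APPS)`.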

Test the Djoser authentication views by sending HTTP requests to the endpoint URLs. For example, you can use a tool like curl to send a POST request to the /auth/users/ endpoint to create a new user.

Example

Here’s an example JSON object to create a new user.

In order to register using a frontend framework like React or Angular, you may send a post request with this format:

{
    "email":"test@gmail.com",
    "username":"test",
    "agreed":"True",
    "first_name":"Test",
    "last_name":"test",
    "password":"1234!qwer",
    "re_password":"1234!qwer"
}

Notice this model is using an “Agreed” field. This field decides whether the user wants to be added to the marketing list and receive automated emails.

This should create a new user with the specified username, email, and password. You can then use the Djoser views to authenticate users, reset passwords, etc.

For more information, you can refer to the Djoser documentation: `https://djoser.readthedocs.io/en/latest/index.html`

Sending Ethereum Transactions

To retrieve the private key, you will need to store the original private key somewhere where it can be accessed later.

One way to do this is to store the private key in a separate database table with a reference to the hashed private key.

Then, you can retrieve the original private key by querying the database using the hashed private key as a lookup key.

Here’s an example of how you can retrieve the original private key:

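def get_private_key(private_key_hash):
    # Wallet is the model that stores private_key next to private_key_hash;
    # import it from the module where it is defined in your project.
    # Query the database for the wallet with the matching private key hash
    wallet = Wallet.objects.get(private_key_hash=private_key_hash)

    # Return the private key exactly as stored: read access to this table
    # is access to the wallet's funds
    return wallet.private_key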

You can then use this function to retrieve the private key whenever you need it for a transaction.

To access the private key and use it to make an Ethereum transaction, you will need to retrieve the original private key using the hashed private key as a lookup key.

Here’s an example of how you can retrieve the private key and use it to sign and send a transaction:

You can then call this function to send a transaction by passing in the hashed private key, the recipient address, and the value of the transaction. The get_private_key function that I provided is the one you will use to retrieve the original private key, using the hashed private key as a lookup key.

It is a good idea to store this function in a separate file so that you can reuse it in different parts of your project. You can then import the function into any module that needs to use it by using the import statement.

For example, you could create a utils.py file in your project and put the get_private_key function in that file. Then, in any other module where you want to use the function, you can do:

from utils import get_private_key

# Use the get_private_key function
private_key = get_private_key(private_key_hash)

Download files

Source Distribution

djoser_web3-0.0.2.tar.gz (12.9 kB)

Uploaded Source

Built Distribution

djoser_web3-0.0.2-py3-none-any.whl (10.3 kB)

Uploaded Python 3

File details

Details for the file djoser_web3-0.0.2.tar.gz.

File metadata

  • Download URL: djoser_web3-0.0.2.tar.gz
  • Upload date:
  • Size: 12.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.10.8

File hashes

Hashes for djoser_web3-0.0.2.tar.gz
Algorithm Hash digest
SHA256 1b176048ade17ce2e3ad1de553637a9d63753445178c5938a83fe4b01911c7a5
MD5 547d22bf91593663099dbd4153749ef1
BLAKE2b-256 3c3c1e36178f5ec54094560f76052ced7304dc6a540ac996cd74e77cf13b7a02

File details

Details for the file djoser_web3-0.0.2-py3-none-any.whl.

File metadata

  • Download URL: djoser_web3-0.0.2-py3-none-any.whl
  • Upload date:
  • Size: 10.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.10.8

File hashes

Hashes for djoser_web3-0.0.2-py3-none-any.whl
Algorithm Hash digest
SHA256 5b39307833a0fff3372e314b19750e450ca47549e56f0558dfea8c1e0e98b883
MD5 a4bd0217c3fc667de7a663c5b1d2c1cc
BLAKE2b-256 cfa07a8c82d1d0b489743be3d5aa3905146d067d4a984ca9dd551964d31a6fae
