Modern Django REST Framework authentication toolkit with JWT cookies, social login, and 2FA support

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for huynguyengl99 from gravatar.com huynguyengl99

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: BSD License (MIT License)
  • Author: Huy Nguyen
  • Requires: Python <4.0, >=3.10
  • Provides-Extra: all , mfa , social
Classifiers
Report project as malware

Project description

PyPI Code Coverage Test Checked with mypy Checked with pyright Docstring

Modern Django REST Framework authentication toolkit with JWT cookies, social login, MFA, and comprehensive user management.

Built as a next-generation alternative to existing DRF authentication packages, DRF Auth Kit provides a complete authentication solution with modern developer experience, inspired by dj-rest-auth but enhanced with full type safety, automatic OpenAPI schema generation, and comprehensive MFA support inspired by django-trench.

Features

  • Multiple Authentication Types: JWT (default), DRF Token, or Custom

  • Cookie-Based Security: HTTP-only cookies

  • Complete User Management: Registration, password reset, email verification

  • Multi-Factor Authentication: Support multiple MFAs with backup codes

  • Social Authentication: Django Allauth integration with 50+ providers, support for both OAuth2 and OpenID connect.

  • Internationalization: Built-in support for 57 languages including English, Spanish, French, German, Chinese, Japanese, Korean, Vietnamese, and more

  • Full Type Safety: Complete type hints with mypy and pyright

  • OpenAPI Integration: Auto-generated API documentation with DRF Spectacular

  • Flexible Configuration: Customizable serializers, views, and authentication backends

Installation

pip install drf-auth-kit

Optional Features:

# For MFA support
pip install drf-auth-kit[mfa]

# For social authentication
pip install drf-auth-kit[social]

# For both MFA and social
pip install drf-auth-kit[all]

Core Dependencies: Django 5.0+, DRF 3.0+, Django Allauth, DRF SimpleJWT

Quick Start

  1. Add to your Django settings:

INSTALLED_APPS = [
    # ... your apps
    'rest_framework',
    'allauth',  # Required for social auth
    'allauth.account',  # Required for social auth
    # 'allauth.socialaccount',  # For social login
    # 'allauth.socialaccount.providers.google',  # For Google login
    'auth_kit',
    # 'auth_kit.social',  # For social authentication
    # 'auth_kit.mfa',  # For MFA support
]

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'auth_kit.authentication.JWTCookieAuthentication',
    ],
}

# Override only if needed:
# AUTH_KIT = {
#     'USE_MFA': True,  # Enable MFA
# }

# Google OAuth2 settings (for social login)
# SOCIALACCOUNT_PROVIDERS = {
#     'google': {
#         'SCOPE': ['profile', 'email'],
#         'AUTH_PARAMS': {'access_type': 'online'},
#         'OAUTH_PKCE_ENABLED': True,
#         'APP': {
#             'client_id': 'your-google-client-id',
#             'secret': 'your-google-client-secret',
#         }
#     }
# }

  1. Include Auth Kit URLs:

from django.urls import path, include

urlpatterns = [
    path('api/auth/', include('auth_kit.urls')),
    # path('api/auth/social/', include('auth_kit.social.urls')),  # For social auth
    # ... your other URLs
]

  1. Run migrations (only needed if using MFA):

python manage.py migrate

Authentication Types

JWT Authentication (Recommended)

  • Access and refresh tokens

  • Token refresh support

  • Secure cookie storage

DRF Token Authentication

  • Simple token-based auth

  • Compatible with DRF TokenAuthentication

  • Cookie support available

Custom Authentication

  • Bring your own authentication backend

  • Full customization support

  • Integrate with third-party services

Documentation

Please visit DRF Auth Kit docs for complete documentation, including:

  • Detailed configuration options

  • Custom serializer examples

  • Advanced usage patterns

  • Integration guides

Upcoming Features

Enhanced Multi-Factor Authentication

  • Hardware Security Keys: YubiKey and FIDO2/WebAuthn support

  • SMS & Voice: Twilio integration for SMS and voice-based MFA

  • Authenticator Apps: Enhanced TOTP support (Google Authenticator, Authy, etc.)

  • Trusted Devices: Remember MFA verification for trusted browsers/sessions

Passwordless Authentication

  • WebAuthn: Biometric and hardware key authentication

  • Magic Links: Email-based passwordless login

  • SMS Login: One-time password via SMS

Advanced Security Features

  • Rate Limiting: Configurable rate limits for authentication endpoints

  • Account Lockout: Progressive delays and temporary account locks

  • Audit Logging: Comprehensive security event logging

  • Geographic Restrictions: IP-based access controls and geo-blocking

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for huynguyengl99 from gravatar.com huynguyengl99

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: BSD License (MIT License)
  • Author: Huy Nguyen
  • Requires: Python <4.0, >=3.10
  • Provides-Extra: all , mfa , social
Classifiers

Release history Release notifications | RSS feed

1.1.5

1.1.4

1.1.3

This version

1.1.2

1.1.1

1.1.0

1.0.1

1.0.0

0.3.11

0.3.10

0.3.9

0.3.8

0.3.7

0.3.6

0.3.5

0.3.4

0.3.3

0.3.2

0.3.1

0.3.0

0.2.9

0.2.8

0.2.7

0.2.6

0.2.5

0.2.4

0.2.3

0.2.2

0.2.1

0.2.0

0.1.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

drf_auth_kit-1.1.2.tar.gz (257.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

drf_auth_kit-1.1.2-py3-none-any.whl (471.1 kB view details)

Uploaded Python 3

File details

Details for the file drf_auth_kit-1.1.2.tar.gz.

File metadata

  • Download URL: drf_auth_kit-1.1.2.tar.gz
  • Upload date:
  • Size: 257.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for drf_auth_kit-1.1.2.tar.gz
Algorithm Hash digest
SHA256 29cfdad9f02631b0c48cc5e6fc74cfb18c2d94b1e104d3ad43cbc33c5a3f21e6
MD5 474c63f021f84f6ef249ebb4fce216d8
BLAKE2b-256 c83245d767cf8cc5d141ba690a6c014dbe2521bbb00c7ed49154e98f776c78e7

See more details on using hashes here.

Provenance

The following attestation bundles were made for drf_auth_kit-1.1.2.tar.gz:

Publisher: publish.yml on forthecraft/drf-auth-kit

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file drf_auth_kit-1.1.2-py3-none-any.whl.

File metadata

  • Download URL: drf_auth_kit-1.1.2-py3-none-any.whl
  • Upload date:
  • Size: 471.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for drf_auth_kit-1.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 d5170c424953c20df96b3b059b3e67fed960baf5fb8850d278164c8f3f9883ba
MD5 fdc3d24f5c589b1f49e9e47a0817ee8a
BLAKE2b-256 24c727af633120d5eab5243dd9b4dff2ceaefc22ae31158efac73759a127d98a

See more details on using hashes here.

Provenance

The following attestation bundles were made for drf_auth_kit-1.1.2-py3-none-any.whl:

Publisher: publish.yml on forthecraft/drf-auth-kit

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page