Firebase token authentication for Django Rest Framework
Project description
Inspired by garyburgmann/drf-firebase-auth and based on Rest Framework’s TokenAuthentication, drf-firebase-token-auth should be just what you need to enable client authentication using Firebase Authentication.
How Does It Work
For each REST request, a Firebase ID Token is extracted from the Authorization header.
The ID Token is verified against Firebase.
If the Firebase user is already known (a record with the corresponding UID exists in the FirebaseUser table), then the corresponding local User is successfully authenticated.
Otherwise, an attempt is made to match the unfamiliar Firebase user against a local User record by email or username. If no match exists, a new User is created. Its username is set to the Firebase email, or to the UID if no email is available. Finally, the newly created local User is successfully authenticated.
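An added illustration of the lookup order above (not the package's own code): an in-memory model, using the hypothetical names `Store`, `resolve_local_user` and `demo`, that shows how the `SHOULD_CREATE_LOCAL_USER` and `IGNORE_FIREBASE_UNVERIFIED_EMAIL` settings from the configuration step change which local user a Firebase account resolves to. It assumes the ID Token has already been verified, that an ignored email counts as unavailable, and that a matched user is linked to the UID afterwards.

```python
from dataclasses import dataclass, field

@dataclass
class Store:
    """In-memory stand-in for the local User and FirebaseUser tables."""
    users: dict = field(default_factory=dict)     # username -> email (or None)
    firebase: dict = field(default_factory=dict)  # Firebase UID -> username

def resolve_local_user(claims, store, create_local=True, ignore_unverified=True):
    """Map already-verified ID Token claims to a local username, or None."""
    uid = claims["uid"]
    # Known Firebase user: the stored UID link decides, nothing else is read.
    if uid in store.firebase:
        return store.firebase[uid]
    # An unverified email is only a claim by whoever registered the account,
    # so it is dropped before it can be used to pick a local user.
    email = claims.get("email")
    if email and ignore_unverified and not claims.get("email_verified", False):
        email = None
    candidate = email or uid  # username used for matching and for new users
    match = next((name for name, mail in store.users.items()
                  if (email and mail == email) or name == candidate), None)
    if match is None:
        if not create_local:
            return None  # unmatched Firebase user is not authenticated
        store.users[candidate] = email
        match = candidate
    store.firebase[uid] = match  # remember the link for later requests
    return match

def demo():
    """Constructed scenario: 'alice' exists locally; a different Firebase
    account presents her address without having verified it."""
    claims = {"uid": "uid-7f3a", "email": "alice@example.com", "email_verified": False}
    results = {}
    for flag in (True, False):
        store = Store(users={"alice": "alice@example.com"})
        results[flag] = resolve_local_user(claims, store, ignore_unverified=flag)
    strict = Store(users={"alice": "alice@example.com"})
    results["no_create"] = resolve_local_user(claims, strict, create_local=False)
    return results

if __name__ == "__main__":
    print(demo())
```

With the unverified email ignored, the request resolves to a fresh UID-named user instead of `alice`; with the check disabled, the same claims resolve to `alice`.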
Installation
Install the pip package:
$ pip install drf-firebase-token-auth
Add the application to your project’s INSTALLED_APPS:
```python
# settings.py
INSTALLED_APPS = [
    # ...
    'drf_firebase_token_auth',
]
```
Add FirebaseTokenAuthentication to Rest Framework’s list of default authentication classes:
```python
# settings.py
REST_FRAMEWORK = {
    # ...
    'DEFAULT_AUTHENTICATION_CLASSES': [
        # ...
        'drf_firebase_token_auth.authentication.FirebaseTokenAuthentication',
    ]
}
```
Note: It’s perfectly fine to keep other authentication classes as well. For example, you may want to keep rest_framework.authentication.SessionAuthentication to allow access to the browsable API for local users with a password.
Configure the application:
```python
# settings.py
DRF_FIREBASE_TOKEN_AUTH = {
    # REQUIRED SETTINGS:

    # Path to JSON file with firebase secrets
    'FIREBASE_SERVICE_ACCOUNT_KEY_FILE_PATH': r'/mnt/c/Users/ronhe/Google Drive/ProgramsData/WizWot/paywiz-c4b4f-firebase-adminsdk-ekbjf-9b7776879a.json',

    # OPTIONAL SETTINGS:

    # Create new matching local user in db, if no match found.
    # Otherwise, Firebase user not matching a local user will not
    # be authenticated.
    'SHOULD_CREATE_LOCAL_USER': True,

    # Authentication header token keyword (usually 'Token', 'JWT' or 'Bearer')
    'AUTH_HEADER_TOKEN_KEYWORD': 'Token',

    # Verify that Firebase token has not been revoked.
    'VERIFY_FIREBASE_TOKEN_NOT_REVOKED': True,

    # Require that Firebase user email_verified is True.
    # If set to True, non verified email addresses from Firebase are ignored.
    'IGNORE_FIREBASE_UNVERIFIED_EMAIL': True,
}
```
Migrate:
$ python manage.py migrate drf_firebase_token_auth
Have your clients add Token <Firebase ID Token> to the Authorization header of their REST requests.
Hashes for drf-firebase-token-auth-0.2.1.tar.gz
Algorithm | Hash digest |
---|---|
SHA256 | 9f90ab17ef10620cd3693875354ff418750bd19db09a481a6ac9853c20ed9d69 |
MD5 | ce256369775b1b4ea1b9abf4707a7f27 |
BLAKE2b-256 | 8c180261b49dd9a842d1c94749574a4d8091ea5c9a1525c8c342e356984c5c6b |
Hashes for drf_firebase_token_auth-0.2.1-py3-none-any.whl
Algorithm | Hash digest |
---|---|
SHA256 | 4d175fd25eeddcf358bc7f4eedceb03610028e9f51ce50645e67b878bb8df3c7 |
MD5 | 9033b76ab502e5a8ba151c9bffcab335 |
BLAKE2b-256 | ec95185343106dd3bb548e5d8b98fceb43eac1451b0bb75c5d5f90b68eb24dba |