This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description

DRF JWT + Knox

This package provides an authentication mechanism for Django REST Framework based on JSON Web Tokens in the browser backed up by Knox-powered tokens in the database.

This package aims to take the better parts of both worlds, including:

  • Expirable tokens: The tokens may be manually expired in the database, so a user can log out of all other logged-in places, or everywhere.
  • Different tokens per login attempt (per user-agent), meaning that a user’s session is tied to the specific machine and logging can be segregated per usage.
  • JWT-based tokens, so the token can have an embedded expiration time, and further metadata for other applications.
  • Tokens are generated via OpenSSL so that they are cryptographically more secure.
  • Only the tokens’ hashes are stored in the database, so that even if the database gets dumped, an attacker cannot impersonate people through existing credentials
  • Other applications sharing the JWT private key can also decrypt the JWT

Usage

Add this application and knox to INSTALLED_APPS in your settings.py.

Then, add this app’s routes to some of your urlpatterns.

You can use the verify endpoint to verify whether a token is valid or not (which may be useful in a microservice architecture).

Tests

Tests are automated with tox and run on Travis-CI automatically. You can check the status in Travis, or just run tox from the command line.

Contributing

This project uses the GitHub Flow approach for contributing, meaning that we would really appreciate it if you would send patches as Pull Requests in GitHub. If for any reason you prefer to send patches by email, they are also welcome and will end up being integrated here.

License

This code is released under the Apache Software License Version 2.0.

Release History

Release History

0.1.0

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.1.0.dev1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
drf_jwt_knox-0.1.0-py2.py3-none-any.whl (10.3 kB) Copy SHA256 Checksum SHA256 py2.py3 Wheel Oct 11, 2016
drf-jwt-knox-0.1.0.tar.gz (10.8 kB) Copy SHA256 Checksum SHA256 Source Oct 11, 2016

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS HPE HPE Development Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting