A JSON Web Token authentication extension for the Django REST Framework.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for vskrachkov from gravatar.com vskrachkov

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

Author: Vicheslav Krachkov

Requires: Python >=3.8

Project description

drf_pyjwt

A JSON Web Token authentication extension for the Django REST Framework

PyPI Version Maintainability

Installation

Using pip

pip install drf_pyjwt

Using pipenv

pipenv install drf_pyjwt

Quick start

In your project’s settings.py add these settings.

DRF_PYJWT_JWKS_URI = "https://api.sample/jwks.json"
DRF_PYJWT_ALGORITHMS = ["RS256"]
DRF_PYJWT_KWARGS = {"audience": "https://api.sample"}

In views.py add PyJWTAuthentication class to authentication classes.

@api_view(["get"])
@authentication_classes([PyJWTAuthentication])
def example(request: Request) -> Response:
    token: dict = request.auth
    print("Access token: {token}")
    return Response({"some": "response"})

By default PyJWTAuthentication cannot lookup user by token, that's why you will get None in request.user. You can provide lookup user function using DRF_PYJWT_LOOKUP_USER setting. After this PyJWTAuthentication will populate request.user using provided function.

Settings Reference

DRF_PYJWT_JWKS_URI

Required: True

Type: str

Value which will be passed as uri argument to jwt.jwks_client.PyJWKClient function

DRF_PYJWT_ALGORITHMS

Required: False

Type: List[str]

Default: ["RS256"]

Example: DRF_PYJWT_ALGORITHMS = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json"

Value which will be passed as algorithms argument to jwt.decode function.

DRF_PYJWT_OPTIONS

Required: False

Type: dict

Example: DRF_PYJWT_OPTIONS = {"verify_exp": False}

Value which will be passed as options argument to jwt.decode function.

DRF_PYJWT_KWARGS

Required: False

Type: dict

Example: DRF_PYJWT_KWARGS = {"audience": "https://app.domain"}

Value which will be passed as **kwargs argument to jwt.decode function.

DRF_PYJWT_LOOKUP_USER

Required: False

Type: str (Import path to the Callable[[dict], Optional[AbstractBaseUser]])

Example:

def lookup_user(token: dict) -> Optional[AbstractBaseUser]:
    user_id = token["custom_claim_user_id"]
    user = User.objects.filter(pk=user_id).first()
    return user

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for vskrachkov from gravatar.com vskrachkov

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

Author: Vicheslav Krachkov

Requires: Python >=3.8


Release history Release notifications | RSS feed

This version

0.0.8

0.0.7

0.0.6

0.0.5

0.0.4

0.0.3

0.0.2

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

drf_pyjwt-0.0.8.tar.gz (12.5 kB view hashes)

Uploaded Source

Built Distribution

drf_pyjwt-0.0.8-py3-none-any.whl (3.4 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page