This library let you to authenticate an specific user on DRF based on the JWT Token returned by Auth0 Javascript libraries.
Project description
djangorestframework-auth0
This library let you to authenticate an specific user on DRF based on the JWT Token returned by Auth0 Javascript libraries.
Installation
- Using
pip
to install current release:
pip install rest_framework_auth0
- Using
pip
to install development version:
pip install git+https://github.com/mcueto/djangorestframework-auth0/
Quick start
- Make sure
django.contrib.auth
in on INSTALLED_APPS setting, otherwise add it by your own:
INSTALLED_APPS = [
...
'django.contrib.auth',
...
]
This will allow us to login as an specific user as well as auto-creating users when they don't exist
- Add
rest_framework_auth0
to yourINSTALLED_APPS
setting:
INSTALLED_APPS = [
...,
'rest_framework_auth0',
]
- Add
Auth0JSONWebTokenAuthentication
in your DEFAULT_AUTHENTICATION_CLASSES located at settings.py from your project:
REST_FRAMEWORK = {
...,
'DEFAULT_AUTHENTICATION_CLASSES': (
...,
'rest_framework_auth0.authentication.Auth0JSONWebTokenAuthentication',
),
}
- Add your
CLIENTS
&MANAGEMENT_API
settings in your settings.py file:
# Import cryptography libraries
from cryptography.x509 import load_pem_x509_certificate
from cryptography.hazmat.backends import default_backend
# Read the your Auth0 client PEM certificate
certificate_text = open('rsa_certificates/certificate.pem', 'rb').read()
certificate = load_pem_x509_certificate(certificate_text, default_backend())
# Get your PEM certificate public_key
certificate_publickey = certificate.public_key()
#
#
# AUTH0 SETTINGS
AUTH0 = {
'CLIENTS': {
'default': {
'AUTH0_CLIENT_ID': '<YOUR_AUTH0_CLIENT_ID>',
'AUTH0_AUDIENCE': '<YOUR_AUTH0_CLIENT_AUDIENCE>',
'AUTH0_ALGORITHM': 'RS256', # default used in Auth0 apps
'PUBLIC_KEY': certificate_publickey',
}
},
# Management API - For roles and permissions validation
'MANAGEMENT_API': {
'AUTH0_DOMAIN': '<YOUR_AUTH0_DOMAIN>',
'AUTH0_CLIENT_ID': '<YOUR_AUTH0_M2M_API_MANAGEMENT_CLIENT_ID>',
'AUTH0_CLIENT_SECRET': '<YOUR_AUTH0_M2M_API_MANAGEMENT_CLIENT_SECRET>'
},
}
- Add the
Authorization
Header to all of your REST API request, prefixingBearer
to your token(default in common REST clients & Postman):
Authorization: Bearer <AUTH0_GIVEN_TOKEN>
- That's it, now only your Auth0 users can request data to your DRF endpoints
NOTE: In order to get the token authentication, the 'django.contrib.auth' app models migrations must be applied(python manage.py migrate).
Use cases
Sample Project
A sample project can be found here
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file rest-framework-auth0-0.6.4.tar.gz
.
File metadata
- Download URL: rest-framework-auth0-0.6.4.tar.gz
- Upload date:
- Size: 12.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.0.10 CPython/3.7.5 Linux/5.3.0-7648-generic
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
de1af1e7950a7397a20906c4f85503b87aa7492fc012a84ec096b1885e5bf9af
|
|
MD5 |
6a00c7b58dcfcda63e8bb6b2b770eebf
|
|
BLAKE2b-256 |
97021846d6e6909f9547e2b388ed6a5aa36c21fa7aab3f87c03104ff9c7f081d
|
File details
Details for the file rest_framework_auth0-0.6.4-py3-none-any.whl
.
File metadata
- Download URL: rest_framework_auth0-0.6.4-py3-none-any.whl
- Upload date:
- Size: 13.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.0.10 CPython/3.7.5 Linux/5.3.0-7648-generic
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
89707208ffcd072f6f7c4331b23eb22336f67f90075d9f56f97dc1b6c00821c2
|
|
MD5 |
069ed4525a3d896d13655315cbddd6dd
|
|
BLAKE2b-256 |
708f6a0f0c1ff32e8190242d110cd683449a21d342c4ad25fc9425ed691f5409
|