Django Rest Framework Library to use Auth0 authentication
Project description
=====
djangorestframework-auth0
=====
Warning
-------
**This library is in an early stage of development, use with caution, and -if you can- push some changes :)**
Library to simply use Auth0 token authentication in DRF within djangorestframework-jwt
This library let you to login an specific user based on the JWT Token returned by Auth0 Javascript libraries
Detailed documentation will be in the "docs" directory.
Installation
-----------
1. Using `pip` install the library cloning the repository with following command::
pip install rest_framework_auth0
Quick start
-----------
1. Add "django.contrib.auth to INSTALLED_APPS settings like this::
INSTALLED_APPS = [
...
'django.contrib.auth',
...
]
This will allow us to login as an specific user as well as auto-creating users when they don't exist
1. Add "rest_framework_auth0" to your INSTALLED_APPS **after** `rest_framework_jwt` setting like this::
INSTALLED_APPS = [
...,
'rest_framework_jwt',
'rest_framework_auth0',
]
2. Add `Auth0JSONWebTokenAuthentication` in your DEFAULT_AUTHENTICATION_CLASSES located at settings.py from your project::
REST_FRAMEWORK = {
...,
'DEFAULT_AUTHENTICATION_CLASSES': (
...,
'rest_framework_auth0.authentication.Auth0JSONWebTokenAuthentication',
),
}
3. Add your AUTH0_CLIENT_SECRET and AUTH0_CLIENT_ID in your settings.py file -must be the same secret and id than the frontend App-::
AUTH0 = {
'AUTH0_CLIENT_ID':'<YOUR_AUTH0_CLIENT_ID>', #make sure it's the same string that aud attribute in your payload provides
'AUTH0_CLIENT_SECRET':'<YOUR_AUTH0_CLIENT_SECRET>',
'AUTH0_ALGORITHM':'HS256', #default used in Auth0 apps
'JWT_AUTH_HEADER_PREFIX': 'JWT', #default prefix used by djangorestframework_jwt
'AUTHORIZATION_EXTENSION': False, #if True, enable groups auto_creations based on the app_metadata.groups attribute on the user payload
'CLIENT_SECRET_BASE64_ENCODED': True #default to True, if you're Auth0 user since December, maybe you should set it to False
}
4. Add the `Authorization` Header to all of your REST API request, prefixing JWT to your token::
Authorization: JWT <AUTH0_GIVEN_TOKEN>
5. Use the decorator `@token_required` in all views you want to protect (not_ready_yet)
6. That's it
Sample project
-----------
A sample project can be found on https://github.com/mcueto/djangorestframework-auth0_sample
djangorestframework-auth0
=====
Warning
-------
**This library is in an early stage of development, use with caution, and -if you can- push some changes :)**
Library to simply use Auth0 token authentication in DRF within djangorestframework-jwt
This library let you to login an specific user based on the JWT Token returned by Auth0 Javascript libraries
Detailed documentation will be in the "docs" directory.
Installation
-----------
1. Using `pip` install the library cloning the repository with following command::
pip install rest_framework_auth0
Quick start
-----------
1. Add "django.contrib.auth to INSTALLED_APPS settings like this::
INSTALLED_APPS = [
...
'django.contrib.auth',
...
]
This will allow us to login as an specific user as well as auto-creating users when they don't exist
1. Add "rest_framework_auth0" to your INSTALLED_APPS **after** `rest_framework_jwt` setting like this::
INSTALLED_APPS = [
...,
'rest_framework_jwt',
'rest_framework_auth0',
]
2. Add `Auth0JSONWebTokenAuthentication` in your DEFAULT_AUTHENTICATION_CLASSES located at settings.py from your project::
REST_FRAMEWORK = {
...,
'DEFAULT_AUTHENTICATION_CLASSES': (
...,
'rest_framework_auth0.authentication.Auth0JSONWebTokenAuthentication',
),
}
3. Add your AUTH0_CLIENT_SECRET and AUTH0_CLIENT_ID in your settings.py file -must be the same secret and id than the frontend App-::
AUTH0 = {
'AUTH0_CLIENT_ID':'<YOUR_AUTH0_CLIENT_ID>', #make sure it's the same string that aud attribute in your payload provides
'AUTH0_CLIENT_SECRET':'<YOUR_AUTH0_CLIENT_SECRET>',
'AUTH0_ALGORITHM':'HS256', #default used in Auth0 apps
'JWT_AUTH_HEADER_PREFIX': 'JWT', #default prefix used by djangorestframework_jwt
'AUTHORIZATION_EXTENSION': False, #if True, enable groups auto_creations based on the app_metadata.groups attribute on the user payload
'CLIENT_SECRET_BASE64_ENCODED': True #default to True, if you're Auth0 user since December, maybe you should set it to False
}
4. Add the `Authorization` Header to all of your REST API request, prefixing JWT to your token::
Authorization: JWT <AUTH0_GIVEN_TOKEN>
5. Use the decorator `@token_required` in all views you want to protect (not_ready_yet)
6. That's it
Sample project
-----------
A sample project can be found on https://github.com/mcueto/djangorestframework-auth0_sample
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Close
Hashes for rest_framework_auth0-0.1.9.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | b3726bfa57778ebd28bd9e3fe94206c6b35b8b65e7feef9b3bdddea205c6152f |
|
MD5 | 5c4f4ad1258dd0018ecea93d26f32c25 |
|
BLAKE2b-256 | 3150ab5dc7f41a74683ee93824de7988a55eadadb046b73a5a482997c29e0fa0 |