Installation¶
- Install package:
pip install dj-rest-auth
- Add
dj_rest_auth
app to INSTALLED_APPS in your django settings.py:
INSTALLED_APPS = (
...,
'rest_framework',
'rest_framework.authtoken',
...,
'dj_rest_auth'
)
Note
This project depends on django-rest-framework
library, so install it if you haven’t done yet. Make sure also you have installed rest_framework
and rest_framework.authtoken
apps
- Add dj_rest_auth urls:
urlpatterns = [
...,
path('dj-rest-auth/', include('dj_rest_auth.urls'))
]
- Migrate your database
python manage.py migrate
You’re good to go now!
Registration (optional)¶
- If you want to enable standard registration process you will need to install
django-allauth
by usingpip install 'dj-rest-auth[with_social]'
. - Add
django.contrib.sites
,allauth
,allauth.account
anddj_rest_auth.registration
apps to INSTALLED_APPS in your django settings.py: - Add
SITE_ID = 1
to your django settings.py
INSTALLED_APPS = (
...,
'django.contrib.sites',
'allauth',
'allauth.account',
'dj_rest_auth.registration',
)
SITE_ID = 1
- Add dj_rest_auth.registration urls:
urlpatterns = [
...,
path('dj-rest-auth/', include('dj_rest_auth.urls')),
path('dj-rest-auth/registration/', include('dj_rest_auth.registration.urls'))
]
JSON Web Token (JWT) Support (optional)¶
By default dj-rest-auth
uses Django’s Token-based authentication. If you want to use JWT authentication, follow these steps:
- Install djangorestframework-simplejwt
djangorestframework-simplejwt
is currently the only supported JWT library.
- Add a simple_jwt auth configuration to the list of authentication classes.
REST_FRAMEWORK = {
...
'DEFAULT_AUTHENTICATION_CLASSES': (
...
'dj_rest_auth.jwt_auth.JWTCookieAuthentication',
)
...
}
- Add the following configuration value to your settings file to enable JWT authentication in dj-rest-auth.
REST_USE_JWT = True
- Declare what you want the cookie key to be called.
JWT_AUTH_COOKIE = 'my-app-auth'
This example value above will cause dj-rest-auth to return a Set-Cookie header that looks like this:
Set-Cookie: my-app-auth=xxxxxxxxxxxxx; expires=Sat, 28 Mar 2020 18:59:00 GMT; HttpOnly; Max-Age=300; Path=/
JWT_AUTH_COOKIE
is also used while authenticating each request against protected views.
Social Authentication (optional)¶
Using
django-allauth
,dj-rest-auth
provides helpful class for creating social media authentication view.Note
Points 1 and 2 are related to
django-allauth
configuration, so if you have already configured social authentication, then please go to step 3. Seedjango-allauth
documentation for more details.allauth.socialaccount
andallauth.socialaccount.providers.facebook
orallauth.socialaccount.providers.twitter
apps to INSTALLED_APPS in your django settings.py:Facebook¶
dj_rest_auth.registration.views.SocialLoginView
withFacebookOAuth2Adapter
adapter as an attribute:Twitter¶
If you are using Twitter for your social authentication, it is a bit different since Twitter uses OAuth 1.0.
dj_rest_auth.registration.views.SocialLoginView
withTwitterOAuthAdapter
adapter andTwitterLoginSerializer
as an attribute:Note
Starting from v0.21.0, django-allauth has dropped support for context processors. Check out http://django-allauth.readthedocs.org/en/latest/changelog.html#from-0-21-0 for more details.
GitHub¶
If you are using GitHub for your social authentication, it uses code and not AccessToken directly.
dj_rest_auth.views.SocialLoginView
withGitHubOAuth2Adapter
adapter, anOAuth2Client
and a callback_url as attributes:Additional Social Connect Views¶
If you want to allow connecting existing accounts in addition to login, you can use connect views:
In urls.py:
You can also use the following views to check all social accounts attached to the current authenticated user and disconnect selected social accounts: