# django-auth-jwks
**django-auth-jwks** is a reusable Django app for verifying JWT tokens via JSON Web Key Sets (JWKS) with caching support. It is designed to work seamlessly with Django REST Framework (DRF) and supports both database-backed and stateless authentication scenarios.
> **Note**: This package is currently in **beta**. Features and APIs may change in future releases.
## Features
- **JWT Verification**: Validate JWT tokens using JWKS.
- **Stateless Authentication**: Supports servers without a database or user model.
- **Database Integration**: Maps JWT claims to Django user models when available.
- **Caching**: Efficiently caches JWKS for improved performance.
- **DRF Integration**: Works with Django REST Framework for API authentication.
## Installation
Install the package using pip:
```bash
pip install django-auth-jwks
```
Alternatively, for development purposes, you can install it in editable mode:
```bash
pip install -e .
```
To uninstall the package:
```bash
pip uninstall django-auth-jwks
```
## Quickstart
1. Add `django_auth_jwks` to your `INSTALLED_APPS` in `settings.py`:
```python
INSTALLED_APPS = [
...,
"django_auth_jwks",
]
```
2. Configure the `AUTH_JWKS` setting in your Django project to point to your JWKS URL:
```python
AUTH_JWKS = {
"ISSUER": "https://example.com",
"JWKS_ENDPOINT": "/o/.well-known/jwks.json",
"AUDIENCE": "example-service",
"CACHE_TTL": 300,
}
```
3. Use the `JWTAuthentication` class in your DRF settings:
```python
REST_FRAMEWORK = {
"DEFAULT_AUTHENTICATION_CLASSES": [
"django_auth_jwks.authentication.JWTAuthentication",
],
}
```
4. Optionally, use the `@require_auth` decorator or middleware for securing views.
5. Run your Django server:
```bash
python manage.py runserver
```
## Usage
### Securing Views with the `@require_auth` Decorator
You can secure individual views by applying the `@require_auth` decorator:
```python
from django_auth_jwks.decorators import require_auth
@require_auth
def my_view(request):
return JsonResponse({"message": "Authenticated!"})
```
### Using Middleware for Global Authentication
To apply authentication globally, add the middleware to your `MIDDLEWARE` setting:
```python
MIDDLEWARE = [
...,
"django_auth_jwks.middleware.JWTAuthenticationMiddleware",
]
```
## Development
To contribute to this project:
1. Clone the repository.
2. Install dependencies:
```bash
pip install -r requirements.txt
```
## License
This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.
## Contributing
Contributions are welcome! Please open an issue or submit a pull request for any improvements or bug fixes.
## Disclaimer
This package is in **beta**. Use it in production environments with caution, and report any issues you encounter.
Raw data
{
"_id": null,
"home_page": null,
"name": "django-auth-jwks",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": null,
"keywords": "django, jwt, jwks, authentication, rest-framework",
"author": "Ankit",
"author_email": null,
"download_url": "https://files.pythonhosted.org/packages/e4/ff/c2626f76676d5222d4261c644c9341df18ace04fd6c11ac47b302dbd316f/django_auth_jwks-1.0.1.tar.gz",
"platform": null,
"description": "# django-auth-jwks\n\n**django-auth-jwks** is a reusable Django app for verifying JWT tokens via JSON Web Key Sets (JWKS) with caching support. It is designed to work seamlessly with Django REST Framework (DRF) and supports both database-backed and stateless authentication scenarios.\n\n> **Note**: This package is currently in **beta**. Features and APIs may change in future releases.\n\n## Features\n\n- **JWT Verification**: Validate JWT tokens using JWKS.\n- **Stateless Authentication**: Supports servers without a database or user model.\n- **Database Integration**: Maps JWT claims to Django user models when available.\n- **Caching**: Efficiently caches JWKS for improved performance.\n- **DRF Integration**: Works with Django REST Framework for API authentication.\n\n## Installation\n\nInstall the package using pip:\n\n```bash\npip install django-auth-jwks\n```\n\nAlternatively, for development purposes, you can install it in editable mode:\n\n```bash\npip install -e .\n```\n\nTo uninstall the package:\n\n```bash\npip uninstall django-auth-jwks\n```\n\n## Quickstart\n\n1. Add `django_auth_jwks` to your `INSTALLED_APPS` in `settings.py`:\n\n ```python\n INSTALLED_APPS = [\n ...,\n \"django_auth_jwks\",\n ]\n ```\n\n2. Configure the `AUTH_JWKS` setting in your Django project to point to your JWKS URL:\n\n ```python\n AUTH_JWKS = {\n \"ISSUER\": \"https://example.com\",\n \"JWKS_ENDPOINT\": \"/o/.well-known/jwks.json\",\n \"AUDIENCE\": \"example-service\",\n \"CACHE_TTL\": 300,\n }\n ```\n\n3. Use the `JWTAuthentication` class in your DRF settings:\n\n ```python\n REST_FRAMEWORK = {\n \"DEFAULT_AUTHENTICATION_CLASSES\": [\n \"django_auth_jwks.authentication.JWTAuthentication\",\n ],\n }\n ```\n\n4. Optionally, use the `@require_auth` decorator or middleware for securing views.\n\n5. Run your Django server:\n\n ```bash\n python manage.py runserver\n ```\n\n## Usage\n\n### Securing Views with the `@require_auth` Decorator\n\nYou can secure individual views by applying the `@require_auth` decorator:\n\n```python\nfrom django_auth_jwks.decorators import require_auth\n\n@require_auth\ndef my_view(request):\n return JsonResponse({\"message\": \"Authenticated!\"})\n```\n\n### Using Middleware for Global Authentication\n\nTo apply authentication globally, add the middleware to your `MIDDLEWARE` setting:\n\n```python\nMIDDLEWARE = [\n ...,\n \"django_auth_jwks.middleware.JWTAuthenticationMiddleware\",\n]\n```\n\n## Development\n\nTo contribute to this project:\n\n1. Clone the repository.\n2. Install dependencies:\n\n ```bash\n pip install -r requirements.txt\n ```\n\n## License\n\nThis project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.\n\n## Contributing\n\nContributions are welcome! Please open an issue or submit a pull request for any improvements or bug fixes.\n\n## Disclaimer\n\nThis package is in **beta**. Use it in production environments with caution, and report any issues you encounter.\n",
"bugtrack_url": null,
"license": null,
"summary": "Reusable Django library for JWT verification using JWKS with caching",
"version": "1.0.1",
"project_urls": null,
"split_keywords": [
"django",
" jwt",
" jwks",
" authentication",
" rest-framework"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "8e7426d318ddaf0d989b3750b32db9e6490f162ede4e54c1b7f79dff450f77cf",
"md5": "c866f02c5705103bcb1ce447c1db34e2",
"sha256": "548d37088cfb7e566fb4b85e2eccab188baa0d68e9e7410941a5065e2813f111"
},
"downloads": -1,
"filename": "django_auth_jwks-1.0.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "c866f02c5705103bcb1ce447c1db34e2",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8",
"size": 6943,
"upload_time": "2025-10-19T18:12:17",
"upload_time_iso_8601": "2025-10-19T18:12:17.855558Z",
"url": "https://files.pythonhosted.org/packages/8e/74/26d318ddaf0d989b3750b32db9e6490f162ede4e54c1b7f79dff450f77cf/django_auth_jwks-1.0.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "e4ffc2626f76676d5222d4261c644c9341df18ace04fd6c11ac47b302dbd316f",
"md5": "0ba86af50aef670df731223deb646427",
"sha256": "157dfe9d527cc62d7a17817037c110af9d2214d881b561f95018f9c8e8167ca4"
},
"downloads": -1,
"filename": "django_auth_jwks-1.0.1.tar.gz",
"has_sig": false,
"md5_digest": "0ba86af50aef670df731223deb646427",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8",
"size": 5243,
"upload_time": "2025-10-19T18:12:19",
"upload_time_iso_8601": "2025-10-19T18:12:19.272517Z",
"url": "https://files.pythonhosted.org/packages/e4/ff/c2626f76676d5222d4261c644c9341df18ace04fd6c11ac47b302dbd316f/django_auth_jwks-1.0.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-10-19 18:12:19",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "django-auth-jwks"
}
JSON