Welcome to JWT Allauth
======================
JWT Allauth delivers **SIMPLE** authentication for the Django REST module, based on robust frameworks configured in an **efficient** and stateless way through **JWT** access/refresh token architecture. The token whitelisting system ensures granular control over user sessions while maintaining minimal database overhead.
With **JWT Allauth**, gain peace of mind through enterprise-grade security while dedicating your energy to building your app's unique value proposition.
Features
--------
- **Low database load**: Designed to minimize database queries through stateless JWT token authentication.
- Token whitelisting system: Implements a refresh token whitelist tied to specific device sessions.
- **Enhanced security**: Enables revoking access to specific devices or all devices simultaneously.
- Automatic token renewal: Active sessions for extended periods without reauthentication, ideal for **mobile apps**.
- Email verification: Includes a full **REST email verification** system during user registration.
- Comprehensive user management: Features password recovery, email-based authentication, and session logout.
- **Effortless setup**: Get your project up and running with a single command.
Why whitelisting?
-----------------
The refresh token whitelist tracks devices **authorized by the user**, stored in the database to verify refresh tokens during access token renewal requests.
This system empowers users to **revoke access** to stolen/lost devices or log out of all sessions simultaneously. Refresh tokens are regenerated upon each use, ensuring active session tracking. If a refresh token is reused, the system invalidates both tokens and terminates the session tied to the compromised device.
Refresh token auto-renewal enables extended active sessions without repeated logins—ideal for **mobile apps**, where users shouldn’t need to reauthenticate every time they open the app.
Access tokens provide short-lived authentication credentials (via JWT), enabling stateless API access. This approach **minimizes database load** by eliminating per-request database queries.
Quick Start
-----------
Install using ``pip``...
pip install django-jwt-allauth
You can quickly start a new Django project with JWT Allauth pre-configured using the `startproject` command:
jwt-allauth startproject myproject
This will create a new Django project called `myproject` with JWT Allauth pre-configured. Then:
cd myproject
python manage.py makemigrations
python manage.py migrate
python manage.py runserver
Available options:
- `--email=True` - Enables email configuration in the project
- `--template=PATH` - Uses a custom template directory for project creation
Email verification
------------------
To enable the email verification, configure the email provider in your ``settings.py`` file.
EMAIL_VERIFICATION = True
EMAIL_HOST = ...
EMAIL_PORT = ...
EMAIL_HOST_USER = ...
EMAIL_HOST_PASSWORD = ...
EMAIL_USE_TLS = ...
DEFAULT_FROM_EMAIL = ...
Redirection URLs
----------------
The relative url to be redirected once the email verified can be configured through:
EMAIL_VERIFIED_REDIRECT = ...
The relative url with the form to set the new password on password reset:
PASSWORD_RESET_REDIRECT = ...
If not configured, users will be redirected to the default password reset form at ``/jwt-allauth/password/reset/default/``. This form provides a modern, responsive interface for password reset with proper form validation and error handling.
Templates
---------
The templates can be configured in a JWT_ALLAUTH_TEMPLATES dictionary:
- ``PASS_RESET_SUBJECT`` - subject of the password reset email (default: ``email/password/reset_email_subject.txt``).
- ``PASS_RESET_EMAIL`` - template of the password reset email (default: ``email/password/reset_email_message.html``).
- ``EMAIL_VERIFICATION_SUBJECT`` - subject of the signup email verification sent (default: ``email/signup/email_subject.txt``).
- ``EMAIL_VERIFICATION`` - template of the signup email verification sent (default: ``email/signup/email_message.html``).
Example:
JWT_ALLAUTH_TEMPLATES = {
'PASS_RESET_SUBJECT': 'mysite/templates/password_reset_subject.txt',
...
}
Acknowledgements
----------------
This project began as a fork of django-rest-auth. Thanks to the authors for their great work.
Raw data
{
"_id": null,
"home_page": "http://github.com/castellanos-dev/django-jwt-allauth",
"name": "django-jwt-allauth",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": "django rest auth registration rest-framework django-registration api allauth jwt whitelist",
"author": "Fernando Castellanos",
"author_email": "fcastellanos.dev@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/34/1e/d26468694511e2ab752683116efb2cb147931499112b7480bbf09a6f9f20/django-jwt-allauth-1.0.3.tar.gz",
"platform": null,
"description": "Welcome to JWT Allauth\n======================\n\nJWT Allauth delivers **SIMPLE** authentication for the Django REST module, based on robust frameworks configured in an **efficient** and stateless way through **JWT** access/refresh token architecture. The token whitelisting system ensures granular control over user sessions while maintaining minimal database overhead.\n\nWith **JWT Allauth**, gain peace of mind through enterprise-grade security while dedicating your energy to building your app's unique value proposition.\n\n\nFeatures\n--------\n\n- **Low database load**: Designed to minimize database queries through stateless JWT token authentication.\n- Token whitelisting system: Implements a refresh token whitelist tied to specific device sessions.\n- **Enhanced security**: Enables revoking access to specific devices or all devices simultaneously.\n- Automatic token renewal: Active sessions for extended periods without reauthentication, ideal for **mobile apps**.\n- Email verification: Includes a full **REST email verification** system during user registration.\n- Comprehensive user management: Features password recovery, email-based authentication, and session logout.\n- **Effortless setup**: Get your project up and running with a single command.\n\n\nWhy whitelisting?\n-----------------\n\nThe refresh token whitelist tracks devices **authorized by the user**, stored in the database to verify refresh tokens during access token renewal requests.\n\nThis system empowers users to **revoke access** to stolen/lost devices or log out of all sessions simultaneously. Refresh tokens are regenerated upon each use, ensuring active session tracking. If a refresh token is reused, the system invalidates both tokens and terminates the session tied to the compromised device.\n\nRefresh token auto-renewal enables extended active sessions without repeated logins\u2014ideal for **mobile apps**, where users shouldn\u2019t need to reauthenticate every time they open the app.\n\nAccess tokens provide short-lived authentication credentials (via JWT), enabling stateless API access. This approach **minimizes database load** by eliminating per-request database queries.\n\n\nQuick Start\n-----------\n\nInstall using ``pip``...\n\n pip install django-jwt-allauth\n\nYou can quickly start a new Django project with JWT Allauth pre-configured using the `startproject` command:\n\n jwt-allauth startproject myproject\n\nThis will create a new Django project called `myproject` with JWT Allauth pre-configured. Then:\n\n cd myproject\n python manage.py makemigrations\n python manage.py migrate\n python manage.py runserver\n\nAvailable options:\n- `--email=True` - Enables email configuration in the project\n- `--template=PATH` - Uses a custom template directory for project creation\n\n\nEmail verification\n------------------\n\nTo enable the email verification, configure the email provider in your ``settings.py`` file.\n\n EMAIL_VERIFICATION = True\n EMAIL_HOST = ...\n EMAIL_PORT = ...\n EMAIL_HOST_USER = ...\n EMAIL_HOST_PASSWORD = ...\n EMAIL_USE_TLS = ...\n DEFAULT_FROM_EMAIL = ...\n\n\nRedirection URLs\n----------------\n\nThe relative url to be redirected once the email verified can be configured through:\n\n EMAIL_VERIFIED_REDIRECT = ...\n\nThe relative url with the form to set the new password on password reset:\n\n PASSWORD_RESET_REDIRECT = ...\n\nIf not configured, users will be redirected to the default password reset form at ``/jwt-allauth/password/reset/default/``. This form provides a modern, responsive interface for password reset with proper form validation and error handling.\n\n\nTemplates\n---------\n\nThe templates can be configured in a JWT_ALLAUTH_TEMPLATES dictionary:\n\n - ``PASS_RESET_SUBJECT`` - subject of the password reset email (default: ``email/password/reset_email_subject.txt``).\n - ``PASS_RESET_EMAIL`` - template of the password reset email (default: ``email/password/reset_email_message.html``).\n - ``EMAIL_VERIFICATION_SUBJECT`` - subject of the signup email verification sent (default: ``email/signup/email_subject.txt``).\n - ``EMAIL_VERIFICATION`` - template of the signup email verification sent (default: ``email/signup/email_message.html``).\n\nExample:\n\n JWT_ALLAUTH_TEMPLATES = {\n 'PASS_RESET_SUBJECT': 'mysite/templates/password_reset_subject.txt',\n ...\n }\n\n\nAcknowledgements\n----------------\nThis project began as a fork of django-rest-auth. Thanks to the authors for their great work.\n",
"bugtrack_url": null,
"license": null,
"summary": "Powerful JWT-allauth authentication for Django REST Framework that keeps the device session alive by renewing and whitelisting the refresh token.",
"version": "1.0.3",
"project_urls": {
"Documentation": "https://jwt-allauth.readthedocs.io/",
"Homepage": "https://github.com/castellanos-dev/jwt-allauth",
"Repository": "https://github.com/castellanos-dev/jwt-allauth"
},
"split_keywords": [
"django",
"rest",
"auth",
"registration",
"rest-framework",
"django-registration",
"api",
"allauth",
"jwt",
"whitelist"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "0a2ceb0b8c3ac9a4112216b9e04755538526fd3538f656d1adaea51e5a56895d",
"md5": "0eafa9e04ff0e16d157b7f71f87440bd",
"sha256": "afe00c78cb54f0f329aa4163ca2f1f99874a7067b779b7a183e24e09f08835d1"
},
"downloads": -1,
"filename": "django_jwt_allauth-1.0.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "0eafa9e04ff0e16d157b7f71f87440bd",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 70927,
"upload_time": "2025-08-05T14:33:46",
"upload_time_iso_8601": "2025-08-05T14:33:46.227904Z",
"url": "https://files.pythonhosted.org/packages/0a/2c/eb0b8c3ac9a4112216b9e04755538526fd3538f656d1adaea51e5a56895d/django_jwt_allauth-1.0.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "341ed26468694511e2ab752683116efb2cb147931499112b7480bbf09a6f9f20",
"md5": "26ffbb2a42764efc432cbf7efefaece7",
"sha256": "88a0d500b83f4a2ae529b334b18572fd86987aeb117a629b86bdd989683af41b"
},
"downloads": -1,
"filename": "django-jwt-allauth-1.0.3.tar.gz",
"has_sig": false,
"md5_digest": "26ffbb2a42764efc432cbf7efefaece7",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 44872,
"upload_time": "2025-08-05T14:33:48",
"upload_time_iso_8601": "2025-08-05T14:33:48.465929Z",
"url": "https://files.pythonhosted.org/packages/34/1e/d26468694511e2ab752683116efb2cb147931499112b7480bbf09a6f9f20/django-jwt-allauth-1.0.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-08-05 14:33:48",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "castellanos-dev",
"github_project": "django-jwt-allauth",
"github_not_found": true,
"lcname": "django-jwt-allauth"
}
JSON
