# Django-Rest-Durin
[](https://pypi.org/project/django-rest-durin/)
[](https://github.com/Eshaan7/django-rest-durin/actions?query=workflow%3A%22Linter+%26+Tests%22)
[](https://codecov.io/gh/Eshaan7/django-rest-durin/)
[](https://www.codefactor.io/repository/github/eshaan7/django-rest-durin)
<a href="https://lgtm.com/projects/g/Eshaan7/django-rest-durin/context:python">
<img alt="Language grade: Python" src="https://img.shields.io/lgtm/grade/python/g/Eshaan7/django-rest-durin.svg?logo=lgtm&logoWidth=18"/>
</a>
Per API client token authentication Module for [Django REST Framework](http://www.django-rest-framework.org/).
The idea is to provide one library that does token auth for multiple Web/CLI/Mobile API clients (i.e. devices/user-agents) via one interface but allows different token configuration for each client.
Durin authentication is token based, similar to the `TokenAuthentication`
built in to DRF. However, it adds some extra sauce:
- Durin allows **multiple tokens per user**. But only one token each user per API client.
- Each user token is associated with an API Client.
- These API Clients are configurable via Django's Admin Interface.
- Includes [permission enforcing](https://django-rest-durin.readthedocs.io/en/latest/permissions.html) to allow only specific clients to make authenticated requests to certain `APIViews` or vice-a-versa.
- Configure [Rate-Throttling](https://django-rest-durin.readthedocs.io/en/latest/throttling.html) per User <-> Client pair.
- Durin provides an option for a logged in user to **remove all tokens** that the server has - forcing them to re-authenticate for all API clients.
- Durin **tokens can be renewed** to get a fresh expiry.
- Durin provides a `CachedTokenAuthentication` backend as well which uses memoization for faster look ups.
- Durin provides **Session Management** features. Refer to [Session Management Views](https://django-rest-durin.readthedocs.io/en/latest/views.html#session-management-views) i.e.,
- REST view for an authenticated user to get list of sessions (in context of django-rest-durin, this means `AuthToken` instances) and revoke a session. Useful for pages like "View active browser sessions".
- REST view for an authenticated user to get/create/delete token against a pre-defined client. Useful for pages like "Get API key" where a user can get an API key to be able to interact directly with your project's RESTful API using cURL or a custom client.
More information can be found in the [Documentation](https://django-rest-durin.readthedocs.io/en/latest/installation.html). I'd also recommend going through the `example_project/` included in this repository.
## Django Compatibility Matrix
If your project uses an older verison of Django or Django Rest Framework, you can choose an older version of this project.
| This Project | Python Version | Django Version | Django Rest Framework |
| ------------ | -------------- | ----------------------- | --------------------- |
| 0.1+ | 3.5 - 3.10 | 2.2, 3.0, 3.1, 3.2, 4.0 | 3.7>= |
Make sure to use at least `DRF 3.10` when using `Django 3.0` or newer.
## Changelog / Releases
All releases should be listed in the [releases tab on GitHub](https://github.com/Eshaan7/django-rest-durin/releases).
See [CHANGELOG](https://django-rest-durin.readthedocs.io/en/latest/changelog.html) for a more detailed listing.
## License
This project is published with the [MIT License](LICENSE). See [https://choosealicense.com/licenses/mit/](https://choosealicense.com/licenses/mit/) for more information about what this means.
## Credits
Durin is inpired by the [django-rest-knox](https://github.com/James1345/django-rest-knox) and [django-rest-multitokenauth](https://github.com/anexia-it/django-rest-multitokenauth) libraries and adopts some learnings and code from both.
Raw data
{
"_id": null,
"home_page": "https://github.com/eshaan7/django-rest-durin",
"name": "django-rest-durin",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "django rest authentication login token client auth",
"author": "Eshaan Bansal",
"author_email": "eshaan7bansal@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/6a/c5/e8d205105b8d7447b265e2839330c3430ef321efc66c275aef9a13ca36ab/django-rest-durin-1.1.0.tar.gz",
"platform": null,
"description": "# Django-Rest-Durin\n\n[](https://pypi.org/project/django-rest-durin/)\n[](https://github.com/Eshaan7/django-rest-durin/actions?query=workflow%3A%22Linter+%26+Tests%22)\n[](https://codecov.io/gh/Eshaan7/django-rest-durin/)\n[](https://www.codefactor.io/repository/github/eshaan7/django-rest-durin)\n<a href=\"https://lgtm.com/projects/g/Eshaan7/django-rest-durin/context:python\">\n<img alt=\"Language grade: Python\" src=\"https://img.shields.io/lgtm/grade/python/g/Eshaan7/django-rest-durin.svg?logo=lgtm&logoWidth=18\"/>\n</a>\n\nPer API client token authentication Module for [Django REST Framework](http://www.django-rest-framework.org/).\n\nThe idea is to provide one library that does token auth for multiple Web/CLI/Mobile API clients (i.e. devices/user-agents) via one interface but allows different token configuration for each client.\n\nDurin authentication is token based, similar to the `TokenAuthentication`\nbuilt in to DRF. However, it adds some extra sauce:\n\n- Durin allows **multiple tokens per user**. But only one token each user per API client.\n- Each user token is associated with an API Client.\n - These API Clients are configurable via Django's Admin Interface.\n - Includes [permission enforcing](https://django-rest-durin.readthedocs.io/en/latest/permissions.html) to allow only specific clients to make authenticated requests to certain `APIViews` or vice-a-versa.\n - Configure [Rate-Throttling](https://django-rest-durin.readthedocs.io/en/latest/throttling.html) per User <-> Client pair.\n- Durin provides an option for a logged in user to **remove all tokens** that the server has - forcing them to re-authenticate for all API clients.\n- Durin **tokens can be renewed** to get a fresh expiry.\n- Durin provides a `CachedTokenAuthentication` backend as well which uses memoization for faster look ups.\n- Durin provides **Session Management** features. Refer to [Session Management Views](https://django-rest-durin.readthedocs.io/en/latest/views.html#session-management-views) i.e.,\n - REST view for an authenticated user to get list of sessions (in context of django-rest-durin, this means `AuthToken` instances) and revoke a session. Useful for pages like \"View active browser sessions\".\n - REST view for an authenticated user to get/create/delete token against a pre-defined client. Useful for pages like \"Get API key\" where a user can get an API key to be able to interact directly with your project's RESTful API using cURL or a custom client.\n\nMore information can be found in the [Documentation](https://django-rest-durin.readthedocs.io/en/latest/installation.html). I'd also recommend going through the `example_project/` included in this repository.\n\n## Django Compatibility Matrix\n\n\n\nIf your project uses an older verison of Django or Django Rest Framework, you can choose an older version of this project.\n\n| This Project | Python Version | Django Version | Django Rest Framework |\n| ------------ | -------------- | ----------------------- | --------------------- |\n| 0.1+ | 3.5 - 3.10 | 2.2, 3.0, 3.1, 3.2, 4.0 | 3.7>= |\n\nMake sure to use at least `DRF 3.10` when using `Django 3.0` or newer.\n\n## Changelog / Releases\n\nAll releases should be listed in the [releases tab on GitHub](https://github.com/Eshaan7/django-rest-durin/releases).\n\nSee [CHANGELOG](https://django-rest-durin.readthedocs.io/en/latest/changelog.html) for a more detailed listing.\n\n## License\n\nThis project is published with the [MIT License](LICENSE). See [https://choosealicense.com/licenses/mit/](https://choosealicense.com/licenses/mit/) for more information about what this means.\n\n## Credits\n\nDurin is inpired by the [django-rest-knox](https://github.com/James1345/django-rest-knox) and [django-rest-multitokenauth](https://github.com/anexia-it/django-rest-multitokenauth) libraries and adopts some learnings and code from both.\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Per API client token authentication Module for django rest framework.",
"version": "1.1.0",
"split_keywords": [
"django",
"rest",
"authentication",
"login",
"token",
"client",
"auth"
],
"urls": [
{
"comment_text": "",
"digests": {
"md5": "719c63e24bb5ac6e5f407e12c91519f1",
"sha256": "8f48e77b29a0b35e128ca6f35cb22941bfee8559dfb75f5bc7e81c893a4c5b8d"
},
"downloads": -1,
"filename": "django_rest_durin-1.1.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "719c63e24bb5ac6e5f407e12c91519f1",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 20504,
"upload_time": "2022-10-31T18:13:59",
"upload_time_iso_8601": "2022-10-31T18:13:59.288089Z",
"url": "https://files.pythonhosted.org/packages/5d/a4/395516bdb90c4da6c1979f7aba61ef7d4bf33c915302d8dbd4a44d3bde6f/django_rest_durin-1.1.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"md5": "45a875f335df52b838a18e2e744980e3",
"sha256": "64e9f1706a6efc3de699ab0808990120228747c18d5826016cd05f37984e2776"
},
"downloads": -1,
"filename": "django-rest-durin-1.1.0.tar.gz",
"has_sig": false,
"md5_digest": "45a875f335df52b838a18e2e744980e3",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 16099,
"upload_time": "2022-10-31T18:14:01",
"upload_time_iso_8601": "2022-10-31T18:14:01.006343Z",
"url": "https://files.pythonhosted.org/packages/6a/c5/e8d205105b8d7447b265e2839330c3430ef321efc66c275aef9a13ca36ab/django-rest-durin-1.1.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2022-10-31 18:14:01",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "eshaan7",
"github_project": "django-rest-durin",
"travis_ci": false,
"coveralls": true,
"github_actions": true,
"tox": true,
"lcname": "django-rest-durin"
}
JSON
