| Name | drf-auth-kit JSON |
| Version |
0.2.7
JSON |
| download |
| home_page | None |
| Summary | Modern Django REST Framework authentication toolkit with JWT cookies, social login, and 2FA support |
| upload_time | 2025-07-12 13:34:26 |
| maintainer | None |
| docs_url | None |
| author | None |
| requires_python | <4.0,>=3.10 |
| license | MIT License
Copyright (c) 2025, Huy Nguyen
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE. |
| keywords |
|
| VCS |
 |
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
|
DRF AUTH KIT
============
.. image:: https://img.shields.io/pypi/v/drf-auth-kit
:target: https://pypi.org/project/drf-auth-kit/
:alt: PyPI
.. image:: https://codecov.io/github/forthecraft/drf-auth-kit/graph/badge.svg?token=lpj7sFpe3F
:target: https://codecov.io/github/forthecraft/drf-auth-kit
:alt: Code Coverage
.. image:: https://github.com/forthecraft/drf-auth-kit/actions/workflows/test.yml/badge.svg?branch=main
:target: https://github.com/forthecraft/drf-auth-kit/actions/workflows/test.yml
:alt: Test
.. image:: https://www.mypy-lang.org/static/mypy_badge.svg
:target: https://mypy-lang.org/
:alt: Checked with mypy
.. image:: https://microsoft.github.io/pyright/img/pyright_badge.svg
:target: https://microsoft.github.io/pyright/
:alt: Checked with pyright
.. image:: https://drf-auth-kit.readthedocs.io/en/latest/_static/interrogate_badge.svg
:target: https://github.com/forthecraft/drf-auth-kit
:alt: Docstring
Modern Django REST Framework authentication toolkit with JWT cookies, social login, MFA, and comprehensive user management.
Built as a next-generation alternative to existing DRF authentication packages, DRF Auth Kit provides a complete authentication solution with modern developer experience, inspired by dj-rest-auth but enhanced with full type safety, automatic OpenAPI schema generation, and comprehensive MFA support inspired by django-trench.
Features
--------
- **Multiple Authentication Types**: JWT (default), DRF Token, or Custom
- **Cookie-Based Security**: HTTP-only cookies
- **Complete User Management**: Registration, password reset, email verification
- **Multi-Factor Authentication**: Support multiple MFAs with backup codes
- **Social Authentication**: Django Allauth integration with 50+ providers, support for both OAuth2 and OpenID connect.
- **Internationalization**: Built-in support for 57 languages including English, Spanish, French, German, Chinese, Japanese, Korean, Vietnamese, and more
- **Full Type Safety**: Complete type hints with mypy and pyright
- **OpenAPI Integration**: Auto-generated API documentation with DRF Spectacular
- **Flexible Configuration**: Customizable serializers, views, and authentication backends
Installation
------------
.. code-block:: bash
pip install drf-auth-kit
**Optional Features:**
.. code-block:: bash
# For MFA support
pip install drf-auth-kit[mfa]
# For social authentication
pip install drf-auth-kit[social]
# For both MFA and social
pip install drf-auth-kit[all]
**Core Dependencies:** Django 5.0+, DRF 3.0+, Django Allauth, DRF SimpleJWT
Quick Start
-----------
1. Add to your Django settings:
.. code-block:: python
INSTALLED_APPS = [
# ... your apps
'rest_framework',
'allauth', # Required for social auth
'allauth.account', # Required for social auth
# 'allauth.socialaccount', # For social login
# 'allauth.socialaccount.providers.google', # For Google login
'auth_kit',
# 'auth_kit.social', # For social authentication
# 'auth_kit.mfa', # For MFA support
]
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'auth_kit.authentication.AuthKitAuthentication',
],
}
# Override only if needed:
# AUTH_KIT = {
# 'USE_MFA': True, # Enable MFA
# }
# Google OAuth2 settings (for social login)
# SOCIALACCOUNT_PROVIDERS = {
# 'google': {
# 'SCOPE': ['profile', 'email'],
# 'AUTH_PARAMS': {'access_type': 'online'},
# 'OAUTH_PKCE_ENABLED': True,
# 'APP': {
# 'client_id': 'your-google-client-id',
# 'secret': 'your-google-client-secret',
# }
# }
# }
2. Include Auth Kit URLs:
.. code-block:: python
from django.urls import path, include
urlpatterns = [
path('api/auth/', include('auth_kit.urls')),
# path('api/auth/social/', include('auth_kit.social.urls')), # For social auth
# ... your other URLs
]
3. Run migrations (only needed if using MFA):
.. code-block:: bash
python manage.py migrate
Authentication Types
--------------------
**JWT Authentication (Recommended)**
- Access and refresh tokens
- Automatic token refresh
- Secure cookie storage
**DRF Token Authentication**
- Simple token-based auth
- Compatible with DRF TokenAuthentication
- Cookie support available
**Custom Authentication**
- Bring your own authentication backend
- Full customization support
- Integrate with third-party services
Documentation
-------------
Please visit `DRF Auth Kit docs <https://drf-auth-kit.readthedocs.io/>`_ for complete documentation, including:
- Detailed configuration options
- Custom serializer examples
- Advanced usage patterns
- Integration guides
Upcoming Features
-----------------
**Enhanced Multi-Factor Authentication**
- ☐ **Hardware Security Keys**: YubiKey and FIDO2/WebAuthn support
- ☐ **SMS & Voice**: Twilio integration for SMS and voice-based MFA
- ☐ **Authenticator Apps**: Enhanced TOTP support (Google Authenticator, Authy, etc.)
- ☐ **Trusted Devices**: Remember MFA verification for trusted browsers/sessions
**Passwordless Authentication**
- ☐ **WebAuthn**: Biometric and hardware key authentication
- ☐ **Magic Links**: Email-based passwordless login
- ☐ **SMS Login**: One-time password via SMS
**Advanced Security Features**
- ☐ **Rate Limiting**: Configurable rate limits for authentication endpoints
- ☐ **Account Lockout**: Progressive delays and temporary account locks
- ☐ **Audit Logging**: Comprehensive security event logging
- ☐ **Geographic Restrictions**: IP-based access controls and geo-blocking
Contributing
------------
Contributions are welcome! Please feel free to submit a Pull Request.
License
-------
This project is licensed under the MIT License - see the LICENSE file for details.
Raw data
{
"_id": null,
"home_page": null,
"name": "drf-auth-kit",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.10",
"maintainer_email": null,
"keywords": null,
"author": null,
"author_email": "Huy Nguyen <danghuy1999@gmail.com>",
"download_url": "https://files.pythonhosted.org/packages/e3/bd/343403023b709681518b77d811a2956002f085c0b995c263daf8ad7f0d52/drf_auth_kit-0.2.7.tar.gz",
"platform": null,
"description": "DRF AUTH KIT\n============\n\n.. image:: https://img.shields.io/pypi/v/drf-auth-kit\n :target: https://pypi.org/project/drf-auth-kit/\n :alt: PyPI\n\n.. image:: https://codecov.io/github/forthecraft/drf-auth-kit/graph/badge.svg?token=lpj7sFpe3F\n :target: https://codecov.io/github/forthecraft/drf-auth-kit\n :alt: Code Coverage\n\n.. image:: https://github.com/forthecraft/drf-auth-kit/actions/workflows/test.yml/badge.svg?branch=main\n :target: https://github.com/forthecraft/drf-auth-kit/actions/workflows/test.yml\n :alt: Test\n\n.. image:: https://www.mypy-lang.org/static/mypy_badge.svg\n :target: https://mypy-lang.org/\n :alt: Checked with mypy\n\n.. image:: https://microsoft.github.io/pyright/img/pyright_badge.svg\n :target: https://microsoft.github.io/pyright/\n :alt: Checked with pyright\n\n.. image:: https://drf-auth-kit.readthedocs.io/en/latest/_static/interrogate_badge.svg\n :target: https://github.com/forthecraft/drf-auth-kit\n :alt: Docstring\n\nModern Django REST Framework authentication toolkit with JWT cookies, social login, MFA, and comprehensive user management.\n\nBuilt as a next-generation alternative to existing DRF authentication packages, DRF Auth Kit provides a complete authentication solution with modern developer experience, inspired by dj-rest-auth but enhanced with full type safety, automatic OpenAPI schema generation, and comprehensive MFA support inspired by django-trench.\n\nFeatures\n--------\n\n- **Multiple Authentication Types**: JWT (default), DRF Token, or Custom\n- **Cookie-Based Security**: HTTP-only cookies\n- **Complete User Management**: Registration, password reset, email verification\n- **Multi-Factor Authentication**: Support multiple MFAs with backup codes\n- **Social Authentication**: Django Allauth integration with 50+ providers, support for both OAuth2 and OpenID connect.\n- **Internationalization**: Built-in support for 57 languages including English, Spanish, French, German, Chinese, Japanese, Korean, Vietnamese, and more\n- **Full Type Safety**: Complete type hints with mypy and pyright\n- **OpenAPI Integration**: Auto-generated API documentation with DRF Spectacular\n- **Flexible Configuration**: Customizable serializers, views, and authentication backends\n\nInstallation\n------------\n\n.. code-block:: bash\n\n pip install drf-auth-kit\n\n**Optional Features:**\n\n.. code-block:: bash\n\n # For MFA support\n pip install drf-auth-kit[mfa]\n\n # For social authentication\n pip install drf-auth-kit[social]\n\n # For both MFA and social\n pip install drf-auth-kit[all]\n\n**Core Dependencies:** Django 5.0+, DRF 3.0+, Django Allauth, DRF SimpleJWT\n\nQuick Start\n-----------\n\n1. Add to your Django settings:\n\n.. code-block:: python\n\n INSTALLED_APPS = [\n # ... your apps\n 'rest_framework',\n 'allauth', # Required for social auth\n 'allauth.account', # Required for social auth\n # 'allauth.socialaccount', # For social login\n # 'allauth.socialaccount.providers.google', # For Google login\n 'auth_kit',\n # 'auth_kit.social', # For social authentication\n # 'auth_kit.mfa', # For MFA support\n ]\n\n REST_FRAMEWORK = {\n 'DEFAULT_AUTHENTICATION_CLASSES': [\n 'auth_kit.authentication.AuthKitAuthentication',\n ],\n }\n\n # Override only if needed:\n # AUTH_KIT = {\n # 'USE_MFA': True, # Enable MFA\n # }\n\n # Google OAuth2 settings (for social login)\n # SOCIALACCOUNT_PROVIDERS = {\n # 'google': {\n # 'SCOPE': ['profile', 'email'],\n # 'AUTH_PARAMS': {'access_type': 'online'},\n # 'OAUTH_PKCE_ENABLED': True,\n # 'APP': {\n # 'client_id': 'your-google-client-id',\n # 'secret': 'your-google-client-secret',\n # }\n # }\n # }\n\n2. Include Auth Kit URLs:\n\n.. code-block:: python\n\n from django.urls import path, include\n\n urlpatterns = [\n path('api/auth/', include('auth_kit.urls')),\n # path('api/auth/social/', include('auth_kit.social.urls')), # For social auth\n # ... your other URLs\n ]\n\n3. Run migrations (only needed if using MFA):\n\n.. code-block:: bash\n\n python manage.py migrate\n\nAuthentication Types\n--------------------\n\n**JWT Authentication (Recommended)**\n - Access and refresh tokens\n - Automatic token refresh\n - Secure cookie storage\n\n**DRF Token Authentication**\n - Simple token-based auth\n - Compatible with DRF TokenAuthentication\n - Cookie support available\n\n**Custom Authentication**\n - Bring your own authentication backend\n - Full customization support\n - Integrate with third-party services\n\nDocumentation\n-------------\n\nPlease visit `DRF Auth Kit docs <https://drf-auth-kit.readthedocs.io/>`_ for complete documentation, including:\n\n- Detailed configuration options\n- Custom serializer examples\n- Advanced usage patterns\n- Integration guides\n\nUpcoming Features\n-----------------\n\n**Enhanced Multi-Factor Authentication**\n\n- \u2610 **Hardware Security Keys**: YubiKey and FIDO2/WebAuthn support\n- \u2610 **SMS & Voice**: Twilio integration for SMS and voice-based MFA\n- \u2610 **Authenticator Apps**: Enhanced TOTP support (Google Authenticator, Authy, etc.)\n- \u2610 **Trusted Devices**: Remember MFA verification for trusted browsers/sessions\n\n**Passwordless Authentication**\n\n- \u2610 **WebAuthn**: Biometric and hardware key authentication\n- \u2610 **Magic Links**: Email-based passwordless login\n- \u2610 **SMS Login**: One-time password via SMS\n\n**Advanced Security Features**\n\n- \u2610 **Rate Limiting**: Configurable rate limits for authentication endpoints\n- \u2610 **Account Lockout**: Progressive delays and temporary account locks\n- \u2610 **Audit Logging**: Comprehensive security event logging\n- \u2610 **Geographic Restrictions**: IP-based access controls and geo-blocking\n\nContributing\n------------\n\nContributions are welcome! Please feel free to submit a Pull Request.\n\nLicense\n-------\n\nThis project is licensed under the MIT License - see the LICENSE file for details.\n",
"bugtrack_url": null,
"license": "MIT License\n \n Copyright (c) 2025, Huy Nguyen\n \n Permission is hereby granted, free of charge, to any person obtaining a copy\n of this software and associated documentation files (the \"Software\"), to deal\n in the Software without restriction, including without limitation the rights\n to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n copies of the Software, and to permit persons to whom the Software is\n furnished to do so, subject to the following conditions:\n \n The above copyright notice and this permission notice shall be included in all\n copies or substantial portions of the Software.\n \n THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n SOFTWARE.",
"summary": "Modern Django REST Framework authentication toolkit with JWT cookies, social login, and 2FA support",
"version": "0.2.7",
"project_urls": {
"Documentation": "https://drf-auth-kit.readthedocs.io/",
"Homepage": "https://github.com/forthecraft/drf-auth-kit",
"Repository": "https://github.com/forthecraft/drf-auth-kit"
},
"split_keywords": [],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "972b92c0551da4f667ec9c28b70e04e08e4dc4756cbc39f4ded3184511553e95",
"md5": "f836978171c563b169176e5d9d8b8503",
"sha256": "aa1ec960adbcc12fc3bb119b83876cc5a57aade9de713d165cc5491ad984c075"
},
"downloads": -1,
"filename": "drf_auth_kit-0.2.7-py3-none-any.whl",
"has_sig": false,
"md5_digest": "f836978171c563b169176e5d9d8b8503",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.10",
"size": 463853,
"upload_time": "2025-07-12T13:34:24",
"upload_time_iso_8601": "2025-07-12T13:34:24.828083Z",
"url": "https://files.pythonhosted.org/packages/97/2b/92c0551da4f667ec9c28b70e04e08e4dc4756cbc39f4ded3184511553e95/drf_auth_kit-0.2.7-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "e3bd343403023b709681518b77d811a2956002f085c0b995c263daf8ad7f0d52",
"md5": "9e4399b3facd1152cd33687363b172a9",
"sha256": "3aba8c150e4cee9087fb622b2f4c62bcee621984685ff5d9fe95a983d16462e8"
},
"downloads": -1,
"filename": "drf_auth_kit-0.2.7.tar.gz",
"has_sig": false,
"md5_digest": "9e4399b3facd1152cd33687363b172a9",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.10",
"size": 250334,
"upload_time": "2025-07-12T13:34:26",
"upload_time_iso_8601": "2025-07-12T13:34:26.574215Z",
"url": "https://files.pythonhosted.org/packages/e3/bd/343403023b709681518b77d811a2956002f085c0b995c263daf8ad7f0d52/drf_auth_kit-0.2.7.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-07-12 13:34:26",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "forthecraft",
"github_project": "drf-auth-kit",
"travis_ci": false,
"coveralls": true,
"github_actions": true,
"tox": true,
"lcname": "drf-auth-kit"
}
