| Name | drf-authentify JSON |
| Version |
0.3.4
JSON |
| download |
| home_page | None |
| Summary | A simple authentication module for django rest framework |
| upload_time | 2024-04-20 20:43:07 |
| maintainer | None |
| docs_url | None |
| author | Gabriel Idenyi |
| requires_python | >=3.8 |
| license | BSD 3-Clause License Copyright (c) 2024, Idenyi Gabriel Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| keywords |
django
djangorestframework
drf
authentication
|
| VCS |
 |
| bugtrack_url |
|
| requirements |
Django
djangorestframework
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
# DRF Authentify Documentation
<br />
[](https://github.com/idenyigabriel/drf-authentify/actions/workflows/test.yml)
<br/>
[drf-authentify](https://github.com/idenyigabriel/drf-authentify) is a near splitting replica of the simple django rest framework default token system, except better.
The major difference between `django rest framework` default token and `drf-authentify` are:
- `drf-authentify` allows multiple tokens per users
- `drf-authentify` adds extra security layer by using access validation
- bonus: drf-authentify provides utility methods to handle common use cases.
drf authentify aims to be as simple as possible, while providing a great set of features to meet your authentication demands without enforcing a certain pattern to your application flow.
## Requirements
- Python >=3.8
- Django >=3.2
- djangorestframework 3
## Installation
Installation is easy using `pip` and will install all required libraries
```python
$ pip install drf-authentify
```
Then add the `drf-authentify` to your project by including the app to your `INSTALLED_APPS`.
The app should preferably go somewhere after your regular apps.
```python
INSTALLED_APPS = (
...
'drf-authentify'
)
```
`drf-authentify` adds a model to your admin section called AuthToken, with this you can view and manage all tokens created on your applications. We already have a nice setup for you on django admin section.
Finally migrate all database entries.
```
$ python3 manage.py migrate
```
## Global Configuration
For a one type fits all case, you can globally alter the following settings, or leave the default as it is.
```python
DRF_AUTHENTIFY = {
ALLOWED_HEADER_PREFIXES = ["bearer", "token"] # default
TOKEN_EXPIRATION = 3000 # default
COOKIE_KEY = "token" # default
}
```
## Customizing Tokens
- ALLOWED_HEADER_PREFIXES: Here you can provide a list of prefixes that are allowed for your authentication header. We will validate this when you apply our authentication scheme `drf_authentify.auth.TokenAuthentication` as shown below.
- COOKIE_KEY: With this, you can customize what key we should use to retrieve your authentication cookie frmo each request. We will also validate this when you apply our authentication scheme `drf_authentify.auth.CookieAuthentication` as shown below.
- TOKEN_EXPIRATION: With this you can globally set the duration of each token generated, this can also be set per view, as you would see below.
> **Note:**
> Do not forget to add custom header prefixes to your cors-header as this could cause cors errors.
## Creating Tokens
Two utility methods have been provided for you to leverage for creating or generating user tokens on `drf-authentify`. For ease, they are attached to the AuthToken model class.
```python
from drf_authentify.models import AuthToken
def sample_view(request, *arg, **kwargs):
token = AuthToken.generate_cookie_token(user, context=None, expires=3000)
def sample_view(request, *arg, **kwargs):
token = AuthToken.generate_header_token(user, context=None, expires=3000)
```
`drf-authentify` allows you to save contexts alongside your tokens if you need to, also feel free to alter the duration of a token validity using the expires parameters, we'll use the globally set `TOKEN_EXPIRATION` or default if none is provided.
## Deleting Tokens
To delete tokens, simply use one of the three utility methods provides on the AuthToken class.
```python
from drf_authentify.utils import clear_request_tokens, delete_request_token, clear_expired_tokens, clear_user_tokens
# Remove single token based on request authenticated user
delete_request_token(request)
# Remove all user tokens based on request authenticated user
clear_request_tokens(request)
# Remove all tokens for user
clear_user_tokens(user)
# Remove all expired tokens
clear_expired_tokens()
```
## Authentication Schemes
drf authentify provides you with two authentication classes to cover for both broad type of tokens you can generate. These are very import in django rest framework, and can be used either globally or per view.
```python
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'drf_authentify.auth.CookieAuthentication',
'drf_authentify.auth.TokenAuthentication',
]
}
```
By adding this, you can appriopriately check for authentication status and return the user on the request object.
> **Note:**
> For convenience, you can access the current token object in your authenticated view through request.auth, this would allow easy access context which can be used to store authorization scope and other important data.
Raw data
{
"_id": null,
"home_page": null,
"name": "drf-authentify",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": null,
"keywords": "django, djangorestframework, drf, authentication",
"author": "Gabriel Idenyi",
"author_email": null,
"download_url": "https://files.pythonhosted.org/packages/69/32/3860b6a5d41af1319d73665848dfe6fdf752f2741f9e2f3fdddf7efe8618/drf_authentify-0.3.4.tar.gz",
"platform": null,
"description": "# DRF Authentify Documentation\n\n<br />\n\n[](https://github.com/idenyigabriel/drf-authentify/actions/workflows/test.yml)\n<br/>\n\n[drf-authentify](https://github.com/idenyigabriel/drf-authentify) is a near splitting replica of the simple django rest framework default token system, except better.\n\nThe major difference between `django rest framework` default token and `drf-authentify` are:\n\n- `drf-authentify` allows multiple tokens per users\n- `drf-authentify` adds extra security layer by using access validation\n- bonus: drf-authentify provides utility methods to handle common use cases.\n\ndrf authentify aims to be as simple as possible, while providing a great set of features to meet your authentication demands without enforcing a certain pattern to your application flow.\n\n\n## Requirements\n\n- Python >=3.8\n- Django >=3.2\n- djangorestframework 3\n\n\n## Installation\n\nInstallation is easy using `pip` and will install all required libraries\n\n```python\n$ pip install drf-authentify\n```\n\nThen add the `drf-authentify` to your project by including the app to your `INSTALLED_APPS`.\n\nThe app should preferably go somewhere after your regular apps.\n\n```python\nINSTALLED_APPS = (\n ...\n 'drf-authentify'\n)\n```\n\n`drf-authentify` adds a model to your admin section called AuthToken, with this you can view and manage all tokens created on your applications. We already have a nice setup for you on django admin section.\n\nFinally migrate all database entries.\n\n```\n$ python3 manage.py migrate\n```\n\n\n## Global Configuration\n\nFor a one type fits all case, you can globally alter the following settings, or leave the default as it is.\n\n```python\nDRF_AUTHENTIFY = {\n ALLOWED_HEADER_PREFIXES = [\"bearer\", \"token\"] # default\n TOKEN_EXPIRATION = 3000 # default\n COOKIE_KEY = \"token\" # default\n}\n```\n\n## Customizing Tokens\n\n- ALLOWED_HEADER_PREFIXES: Here you can provide a list of prefixes that are allowed for your authentication header. We will validate this when you apply our authentication scheme `drf_authentify.auth.TokenAuthentication` as shown below.\n\n- COOKIE_KEY: With this, you can customize what key we should use to retrieve your authentication cookie frmo each request. We will also validate this when you apply our authentication scheme `drf_authentify.auth.CookieAuthentication` as shown below.\n\n- TOKEN_EXPIRATION: With this you can globally set the duration of each token generated, this can also be set per view, as you would see below.\n\n> **Note:**\n> Do not forget to add custom header prefixes to your cors-header as this could cause cors errors.\n\n\n## Creating Tokens\n\nTwo utility methods have been provided for you to leverage for creating or generating user tokens on `drf-authentify`. For ease, they are attached to the AuthToken model class.\n\n```python\nfrom drf_authentify.models import AuthToken\n\ndef sample_view(request, *arg, **kwargs):\n token = AuthToken.generate_cookie_token(user, context=None, expires=3000)\n\ndef sample_view(request, *arg, **kwargs):\n token = AuthToken.generate_header_token(user, context=None, expires=3000)\n\n```\n\n`drf-authentify` allows you to save contexts alongside your tokens if you need to, also feel free to alter the duration of a token validity using the expires parameters, we'll use the globally set `TOKEN_EXPIRATION` or default if none is provided.\n\n\n## Deleting Tokens\n\nTo delete tokens, simply use one of the three utility methods provides on the AuthToken class.\n\n```python\nfrom drf_authentify.utils import clear_request_tokens, delete_request_token, clear_expired_tokens, clear_user_tokens\n\n# Remove single token based on request authenticated user\ndelete_request_token(request) \n\n# Remove all user tokens based on request authenticated user\nclear_request_tokens(request) \n\n# Remove all tokens for user\nclear_user_tokens(user) \n\n# Remove all expired tokens\nclear_expired_tokens()\n```\n\n\n## Authentication Schemes\n\ndrf authentify provides you with two authentication classes to cover for both broad type of tokens you can generate. These are very import in django rest framework, and can be used either globally or per view.\n\n```python\nREST_FRAMEWORK = {\n 'DEFAULT_AUTHENTICATION_CLASSES': [\n 'drf_authentify.auth.CookieAuthentication',\n 'drf_authentify.auth.TokenAuthentication',\n ]\n}\n```\n\nBy adding this, you can appriopriately check for authentication status and return the user on the request object.\n\n> **Note:**\n> For convenience, you can access the current token object in your authenticated view through request.auth, this would allow easy access context which can be used to store authorization scope and other important data.\n",
"bugtrack_url": null,
"license": "BSD 3-Clause License Copyright (c) 2024, Idenyi Gabriel Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ",
"summary": "A simple authentication module for django rest framework",
"version": "0.3.4",
"project_urls": {
"Changelog": "https://github.com/idenyigabriel/drf-authentify/blob/main/CHANGELOG.md",
"Documentation": "https://github.com/idenyigabriel/drf-authentify/blob/main/README.md",
"Homepage": "https://github.com/idenyigabriel/drf-authentify",
"Issues": "https://github.com/idenyigabriel/drf-authentify/issues",
"Repository": "https://github.com/idenyigabriel/drf-authentify"
},
"split_keywords": [
"django",
" djangorestframework",
" drf",
" authentication"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "1c5e3655ae25937f3cc2061e9faa6d2f61a6895f6db285e8bef87b5ccf34f953",
"md5": "ac5388305a11cab8f3c956f95980266e",
"sha256": "dff2ad1f70fa92ad9c742cae876cdfb0c8308007e21a7d6dacfaff52c34202e6"
},
"downloads": -1,
"filename": "drf_authentify-0.3.4-py3-none-any.whl",
"has_sig": false,
"md5_digest": "ac5388305a11cab8f3c956f95980266e",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8",
"size": 13552,
"upload_time": "2024-04-20T20:42:59",
"upload_time_iso_8601": "2024-04-20T20:42:59.855003Z",
"url": "https://files.pythonhosted.org/packages/1c/5e/3655ae25937f3cc2061e9faa6d2f61a6895f6db285e8bef87b5ccf34f953/drf_authentify-0.3.4-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "69323860b6a5d41af1319d73665848dfe6fdf752f2741f9e2f3fdddf7efe8618",
"md5": "9b4899a1a8cbb3c42a7c1bda385cedd5",
"sha256": "7b0d857df73ee00e4dd4ae72d7448cde6f67dc719888161e20c8f73f5483dcfd"
},
"downloads": -1,
"filename": "drf_authentify-0.3.4.tar.gz",
"has_sig": false,
"md5_digest": "9b4899a1a8cbb3c42a7c1bda385cedd5",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8",
"size": 12268,
"upload_time": "2024-04-20T20:43:07",
"upload_time_iso_8601": "2024-04-20T20:43:07.020514Z",
"url": "https://files.pythonhosted.org/packages/69/32/3860b6a5d41af1319d73665848dfe6fdf752f2741f9e2f3fdddf7efe8618/drf_authentify-0.3.4.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-04-20 20:43:07",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "idenyigabriel",
"github_project": "drf-authentify",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [
{
"name": "Django",
"specs": [
[
"==",
"3.2"
]
]
},
{
"name": "djangorestframework",
"specs": [
[
"==",
"3.15.1"
]
]
}
],
"lcname": "drf-authentify"
}
