Skip to content

iMerica/dj-rest-auth

Repository files navigation

dj-rest-auth

CI PyPI Python Django

Drop-in authentication endpoints for Django REST Framework. Works seamlessly with SPAs and mobile apps.

Documentation | PyPI

Features

  • Login, logout, password change, password reset
  • User registration with email verification
  • JWT authentication with HTTP-only cookies
  • Social auth (Google, GitHub, Facebook) via django-allauth
  • Fully customizable serializers

Architecture

flowchart LR
    Client[Client<br/>React / Vue / Mobile]
    
    subgraph Django
        subgraph dj-rest-auth
            Auth[Login / Logout]
            Reg[Registration]
            PW[Password Reset]
        end
        
        DRF[Django REST Framework]
        DJAuth[django.contrib.auth]
        AA[django-allauth]
        JWT[simplejwt]
    end
    
    Client <--> dj-rest-auth
    
    Auth --> DRF
    Auth --> DJAuth
    Auth -.-> JWT
    Reg -.-> AA
    PW --> DJAuth
Loading

Quick Start

pip install dj-rest-auth
# settings.py
INSTALLED_APPS = [
    ...
    'rest_framework',
    'rest_framework.authtoken',
    'dj_rest_auth',
]
# urls.py
urlpatterns = [
    path('auth/', include('dj_rest_auth.urls')),
]

You now have:

Endpoint Method Description
/auth/login/ POST Obtain auth token
/auth/logout/ POST Revoke token
/auth/user/ GET, PUT User details
/auth/password/change/ POST Change password
/auth/password/reset/ POST Request reset email
/auth/password/reset/confirm/ POST Confirm reset

JWT with HTTP-only Cookies

pip install dj-rest-auth djangorestframework-simplejwt
# settings.py
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'dj_rest_auth.jwt_auth.JWTCookieAuthentication',
    ],
}

REST_AUTH = {
    'USE_JWT': True,
    'JWT_AUTH_COOKIE': 'access',
    'JWT_AUTH_REFRESH_COOKIE': 'refresh',
    'JWT_AUTH_HTTPONLY': True,
}

Registration

pip install 'dj-rest-auth[with-social]'
# settings.py
INSTALLED_APPS = [
    ...
    'django.contrib.sites',
    'allauth',
    'allauth.account',
    'dj_rest_auth.registration',
]

SITE_ID = 1
# urls.py
urlpatterns = [
    path('auth/', include('dj_rest_auth.urls')),
    path('auth/registration/', include('dj_rest_auth.registration.urls')),
]

Documentation

Full documentation at dj-rest-auth.readthedocs.io

Contributing

pip install -r dj_rest_auth/tests/requirements.txt
python runtests.py

See Contributing Guide for details.

License

MIT