{"id":15152750,"url":"https://github.com/anexia/drf-simple-access-key","last_synced_at":"2025-04-09T17:25:13.803Z","repository":{"id":46337721,"uuid":"417509293","full_name":"anexia/drf-simple-access-key","owner":"anexia","description":"A library that provides a simple token authorization for Django REST framework.","archived":false,"fork":false,"pushed_at":"2024-11-05T13:59:18.000Z","size":25,"stargazers_count":0,"open_issues_count":1,"forks_count":4,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-03-23T12:04:46.762Z","etag":null,"topics":["django","django-rest-framework","drf","hacktoberfest","python"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/anexia.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-10-15T13:27:38.000Z","updated_at":"2024-11-05T13:58:38.000Z","dependencies_parsed_at":"2022-09-15T16:10:11.662Z","dependency_job_id":null,"html_url":"https://github.com/anexia/drf-simple-access-key","commit_stats":null,"previous_names":["anexia-it/drf-simple-access-key"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anexia%2Fdrf-simple-access-key","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anexia%2Fdrf-simple-access-key/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anexia%2Fdrf-simple-access-key/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anexia%2Fdrf-simple-access-key/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/anexia","download_url":"https://codeload.github.com/anexia/drf-simple-access-key/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248075804,"owners_count":21043650,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["django","django-rest-framework","drf","hacktoberfest","python"],"created_at":"2024-09-26T16:22:26.115Z","updated_at":"2025-04-09T17:25:13.771Z","avatar_url":"https://github.com/anexia.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# DRF Simple Access Key\n\n[![PyPI](https://badge.fury.io/py/drf-simple-access-key.svg)](https://pypi.org/project/drf-simple-access-key/)\n[![Test Status](https://github.com/anexia/drf-simple-access-key/actions/workflows/test.yml/badge.svg?branch=main)](https://github.com/anexia/drf-simple-access-key/actions/workflows/test.yml)\n[![Codecov](https://codecov.io/gh/anexia/drf-simple-access-key/branch/main/graph/badge.svg)](https://codecov.io/gh/anexia/drf-simple-access-key)\n\nA library that provides a simple token authorization for Django REST framework.\n\n## Installation\n\nWith a [correctly configured](https://pipenv.pypa.io/en/latest/basics/#basic-usage-of-pipenv) `pipenv` toolchain:\n\n```sh\npipenv install drf-simple-access-key\n```\n\nYou may also use classic `pip` to install the package:\n\n```sh\npip install drf-simple-access-key\n```\n\n### Auto-formatter setup\nWe use isort (https://github.com/pycqa/isort) and black (https://github.com/psf/black) for local auto-formatting and for linting in the CI pipeline.\nThe pre-commit framework (https://pre-commit.com) provides GIT hooks for these tools, so they are automatically applied before every commit.\n\nSteps to activate:\n* Install the pre-commit framework: `pip install pre-commit` (for alternative installation options see https://pre-commit.com/#install)\n* Activate the framework (from the root directory of the repository): `pre-commit install`\n\nHint: You can also run the formatters manually at any time with the following command: `pre-commit run --all-files`\n\n\n## Getting started\n\n### Configuration options\n\n#### `HTTP_AUTHORIZATION_HEADER: str`\n\nDefault: `'x-authorization'`\n\nName of the HTTP request header used for authorization.\n\n#### `HTTP_AUTHORIZATION_SCHEME: str`\n\nDefault: `'bearer'`\n\nName of the HTTP authorization scheme.\n\n#### `AUTHORIZATION_KEYS: list[str]`\n\nDefault: `[]`\n\nList of valid authorization keys. Note that any request is allowed if this configuration option is empty!\n\n### Example configuration for Django settings\n\n```python\nSIMPLE_ACCESS_KEY_SETTINGS = {\n    'HTTP_AUTHORIZATION_HEADER': 'x-authorization',\n    'HTTP_AUTHORIZATION_SCHEME': 'bearer',\n    'AUTHORIZATION_KEYS': [\n        'example-token-1234',\n    ],\n}\n\nREST_FRAMEWORK = {\n    # ...\n    'DEFAULT_PERMISSION_CLASSES': [\n        'drf_simple_access_key.SimpleAccessKey',\n        # ...\n    ],\n    # ...\n}\n```\n\n### How to use\n\nAll API endpoints that use the permission class are protected by the simple access key authorization.\n\n```\nGET http://my.tld/api/v1/resource/\nx-authorization: bearer example-token-1234\n```\n\n### When to use\n\nThis library provides the simplest possible solution to protect a REST API from unauthorized access. It allows anyone in possession of a valid key to access the endpoints without the possibility of user authentication. This type of authorization is well suited for microservices that users cannot access directly.\n\n**In summary this means:**  \n✔️ Use this authorization only if access to the REST API is possible from known and trusted sources only (e.g. an API gateway).  \n✔️ Use this authorization only if no user authentication is required within the REST API.  \n❌ Never use this authorization if the REST API is publicly accessible over the Internet.  \n❌ Never use this authorization if the consumers of the REST API are real users, and not exclusively systems such as an API gateway.  \n\n## Supported versions\n\n|             | Django REST framework 3.14 | Django REST framework 3.15 |\n|-------------|----------------------------|----------------------------|\n| Python 3.9  | ✓                          | ✓                          |\n| Python 3.10 | ✓                          | ✓                          |\n| Python 3.11 | ✓                          | ✓                          |\n| Python 3.12 | ✓                          | ✓                          |\n| Python 3.13 | ✓                          | ✓                          |\n\n## Tests\n\nSee folder [tests/](tests/). Basically, all endpoints are covered with multiple\nunit tests.\n\nFollow below instructions to run the tests.\nYou may exchange the installed Django and DRF versions according to your requirements. \n:warning: Depending on your local environment settings you might need to explicitly call `python3` instead of `python`.\n```bash\n# install dependencies\npython -m pip install --upgrade pip\npip install -r requirements.txt\n\n# setup environment\npip install -e .\n\n# run tests\ncd tests \u0026\u0026 python manage.py test\n```\n\n## List of developers\n\n* Andreas Stocker \u003cAStocker@anexia-it.com\u003e\n* Harald Nezbeda \u003cHNezbeda@anexia-it.com\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fanexia%2Fdrf-simple-access-key","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fanexia%2Fdrf-simple-access-key","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fanexia%2Fdrf-simple-access-key/lists"}