{"id":27028034,"url":"https://github.com/ankurjaiswalofficial/django-api-auth","last_synced_at":"2026-05-16T08:11:17.459Z","repository":{"id":283094953,"uuid":"950549580","full_name":"ankurjaiswalofficial/django-api-auth","owner":"ankurjaiswalofficial","description":"Django Rest API Security using Middlewares and CORS Headers along with TOKEN, SESSION, BASIC AUTH, APIKEY and HAWK Authentications ","archived":false,"fork":false,"pushed_at":"2025-03-26T09:43:49.000Z","size":668,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-05T00:20:55.587Z","etag":null,"topics":["apikey-authentication","cors","django","django-cors-headers","django-rest-framework","express-js","hawk-api","middleware","node-server","session-authentication","token-authetication"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ankurjaiswalofficial.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-18T10:35:15.000Z","updated_at":"2025-03-26T14:54:40.000Z","dependencies_parsed_at":"2025-03-18T15:25:13.743Z","dependency_job_id":"fa6ae187-847b-4cec-83a2-12c87f374e69","html_url":"https://github.com/ankurjaiswalofficial/django-api-auth","commit_stats":null,"previous_names":["ankurjaiswalofficial/django-api-auth"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ankurjaiswalofficial/django-api-auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ankurjaiswalofficial%2Fdjango-api-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ankurjaiswalofficial%2Fdjango-api-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ankurjaiswalofficial%2Fdjango-api-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ankurjaiswalofficial%2Fdjango-api-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ankurjaiswalofficial","download_url":"https://codeload.github.com/ankurjaiswalofficial/django-api-auth/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ankurjaiswalofficial%2Fdjango-api-auth/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274852289,"owners_count":25361777,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-12T02:00:09.324Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apikey-authentication","cors","django","django-cors-headers","django-rest-framework","express-js","hawk-api","middleware","node-server","session-authentication","token-authetication"],"created_at":"2025-04-05T00:19:49.641Z","updated_at":"2026-05-16T08:11:12.416Z","avatar_url":"https://github.com/ankurjaiswalofficial.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Django API Authentication Project\n\nThis project demonstrates how to set up a Django project with API authentication using Django REST framework.\n\n## Prerequisites\n\n- Python 3.8 or higher\n- pip (Python package installer)\n- virtualenv (optional but recommended)\n\n## Setup\n\n1. **Clone the repository:**\n\n    ```bash\n    git clone https://github.com/ankurjaiswalofficial/django-api-auth.git\n    cd django-api-auth\n    ```\n\n2. **Create a virtual environment (optional but recommended):**\n\n    ```bash\n    python -m venv venv\n    source venv/bin/activate  # On Windows use `venv\\Scripts\\activate`\n    ```\n\n3. **Install the dependencies:**\n\n    ```bash\n    pip install -r requirements.txt\n    ```\n\n4. **Apply migrations:**\n\n    ```bash\n    python manage.py migrate\n    ```\n\n5. **Create a superuser (optional but recommended for accessing the admin site):**\n\n    ```bash\n    python manage.py createsuperuser\n    ```\n\n6. **Run the development server:**\n\n    ```bash\n    python manage.py runserver\n    ```\n\n7. **Access the application:**\n\n    - Admin site: `http://127.0.0.1:8000/admin/`\n    - API endpoints: `http://127.0.0.1:8000/api/`\n    - API authentication: `http://127.0.0.1:8000/api-auth/`\n\n8. **Create an API key:**\n\n    To create an API key, send a POST request to the `http://127.0.0.1:8000/api-key/` endpoint. Include any required data in the request body as specified by the API documentation.\n\n9. **Access endpoints using the API key:**\n\n    Include the following header in your HTTP requests to access protected endpoints:\n\n    ```\n    X-API-KEY: \u003cyour-api-key\u003e\n    ```\n\n## Frontend Integration\n\nThis project includes a frontend application that interacts with the Django API. The frontend is built using modern JavaScript frameworks and communicates with the backend via RESTful API endpoints.\n\n### Setting Up the Frontend\n\n1. **Navigate to the frontend directory:**\n\n    ```bash\n    cd frontend\n    ```\n\n2. **Install dependencies:**\n\n    ```bash\n    npm install\n    ```\n\n3. **Run the development server:**\n\n    ```bash\n    npm start\n    ```\n\n4. **Access the frontend application:**\n\n    Open your browser and navigate to `http://localhost:3000`.\n\n### Frontend Features\n\n- User authentication using API keys and Hawk authentication.\n- Interactive UI for testing API endpoints.\n- Error handling and user-friendly messages for failed requests.\n\n## CORS Configuration\n\nTo enable cross-origin requests between the frontend and backend, CORS (Cross-Origin Resource Sharing) has been configured in the Django project.\n\n### CORS Setup\n\n1. **Install the `django-cors-headers` package:**\n\n    ```bash\n    pip install django-cors-headers\n    ```\n\n2. **Add `corsheaders` to `INSTALLED_APPS` in `settings.py`:**\n\n    ```python\n    INSTALLED_APPS = [\n        ...existing code...\n        'corsheaders',\n    ]\n    ```\n\n3. **Add the `CorsMiddleware` to the middleware stack in `settings.py`:**\n\n    ```python\n    MIDDLEWARE = [\n        'corsheaders.middleware.CorsMiddleware',\n        ...existing code...\n    ]\n    ```\n\n4. **Configure allowed origins in `settings.py`:**\n\n    ```python\n    CORS_ALLOWED_ORIGINS = [\n        \"http://localhost:3000\",  # Frontend URL\n    ]\n    ```\n\nThis setup ensures that the frontend can communicate with the backend without encountering CORS errors.\n\n## Custom Middleware\n\nA custom middleware has been implemented to log API requests and responses for debugging and monitoring purposes.\n\n### Middleware Implementation\n\n1. **Create the middleware file:**\n\n    The middleware is located in `myapp/middleware.py`.\n\n2. **Add the middleware to the stack in `settings.py`:**\n\n    ```python\n    MIDDLEWARE = [\n        ...existing code...\n        'myapp.middleware.RequestResponseLoggingMiddleware',\n    ]\n    ```\n\n3. **Middleware Functionality:**\n\n    - Logs incoming requests, including headers and body.\n    - Logs outgoing responses, including status codes and response data.\n\nThis middleware is useful for debugging and ensuring the API behaves as expected during development.\n\n## Hawk Authentication\n\n### Generate Hawk Credentials\n\nTo generate Hawk credentials (ID and key), send a `GET` request to the `/auth/hawk-auth/` endpoint. Ensure the user is authenticated.\n\n**Request:**\n```http\nGET /auth/hawk-auth/ HTTP/1.1\nHost: example.com\nAuthorization: Bearer \u003cyour-access-token\u003e\n```\n\n**Response:**\n```json\n{\n    \"id\": \"generated-hawk-id\",\n    \"key\": \"generated-hawk-key\"\n}\n```\n\n### Authenticate Using Hawk\n\nTo authenticate a request using Hawk, include the `Authorization` header in your request. The header must be generated using the Hawk protocol.\n\n**Request:**\n```http\nPOST /auth/hawk-auth/ HTTP/1.1\nHost: example.com\nAuthorization: Hawk id=\"\u003chawk-id\u003e\", mac=\"\u003cgenerated-mac\u003e\", ts=\"\u003ctimestamp\u003e\", nonce=\"\u003cnonce\u003e\"\nContent-Type: application/json\n```\n\n**Response (Success):**\n```json\n{\n    \"message\": \"Hawk authentication successful\"\n}\n```\n\n**Response (Failure):**\n```json\n{\n    \"error\": \"Invalid Hawk credentials\"\n}\n```\n\n## Project Structure\n\n- `api_auth_proj/`: Main project directory.\n- `myapp/`: Application directory containing views, models, serializers, etc.\n- `requirements.txt`: List of dependencies.\n- `manage.py`: Django's command-line utility for administrative tasks.\n\n## License\n\nThis project is licensed under the MIT License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fankurjaiswalofficial%2Fdjango-api-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fankurjaiswalofficial%2Fdjango-api-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fankurjaiswalofficial%2Fdjango-api-auth/lists"}