{"id":15032084,"url":"https://github.com/imerica/dj-rest-auth","last_synced_at":"2026-03-15T07:24:37.059Z","repository":{"id":38289950,"uuid":"243840407","full_name":"iMerica/dj-rest-auth","owner":"iMerica","description":"Authentication for Django Rest Framework","archived":false,"fork":false,"pushed_at":"2025-01-04T23:35:35.000Z","size":836,"stargazers_count":1767,"open_issues_count":236,"forks_count":329,"subscribers_count":20,"default_branch":"master","last_synced_at":"2025-05-08T00:14:06.770Z","etag":null,"topics":["authentication","django","django-rest-framework","jwt","python","rest-api"],"latest_commit_sha":null,"homepage":"https://dj-rest-auth.readthedocs.io/en/latest/index.html","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/iMerica.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-02-28T19:35:48.000Z","updated_at":"2025-05-06T02:39:26.000Z","dependencies_parsed_at":"2023-02-10T10:30:48.200Z","dependency_job_id":"e767e238-d68c-4482-a655-7361fcc908dc","html_url":"https://github.com/iMerica/dj-rest-auth","commit_stats":{"total_commits":708,"total_committers":201,"mean_commits":"3.5223880597014925","dds":0.7909604519774012,"last_synced_commit":"5498963cb3b038cd0bdd95e124ed9e6e6757c196"},"previous_names":["jazzband/dj-rest-auth"],"tags_count":66,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iMerica%2Fdj-rest-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iMerica%2Fdj-rest-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iMerica%2Fdj-rest-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iMerica%2Fdj-rest-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/iMerica","download_url":"https://codeload.github.com/iMerica/dj-rest-auth/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254043808,"owners_count":22005020,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","django","django-rest-framework","jwt","python","rest-api"],"created_at":"2024-09-24T20:17:16.890Z","updated_at":"2026-03-15T07:24:37.039Z","avatar_url":"https://github.com/iMerica.png","language":"Python","readme":"# dj-rest-auth\n\n[![CI](https://github.com/iMerica/dj-rest-auth/actions/workflows/main.yml/badge.svg)](https://github.com/iMerica/dj-rest-auth/actions/workflows/main.yml)\n[![Security](https://github.com/iMerica/dj-rest-auth/actions/workflows/security.yaml/badge.svg)](https://github.com/iMerica/dj-rest-auth/actions/workflows/security.yaml)\n[![PyPI](https://img.shields.io/pypi/v/dj-rest-auth)](https://pypi.org/project/dj-rest-auth/)\n[![Python](https://img.shields.io/badge/python-3.10%E2%80%933.14-blue)](https://pypi.org/project/dj-rest-auth/)\n[![Django](https://img.shields.io/badge/django-4.2%E2%80%936.0-green)](https://pypi.org/project/dj-rest-auth/)\n\nSecure drop-in authentication endpoints for Django REST Framework. Works seamlessly with SPAs and mobile apps.\n\n**[Documentation](https://dj-rest-auth.readthedocs.io/)** | **[PyPI](https://pypi.org/project/dj-rest-auth/)**\n\n## Features\n\n- Login, logout, password change, password reset\n- User registration with email verification\n- Built-in MFA/2FA support (TOTP + recovery codes)\n- JWT authentication with HTTP-only cookies\n- Social auth (Google, GitHub, Facebook) via django-allauth\n- Fully customizable serializers\n\n## Architecture\n\n```mermaid\nflowchart LR\n    Client[Client\u003cbr/\u003eReact / Vue / Mobile]\n    \n    subgraph Django\n        subgraph dj-rest-auth\n            Auth[Login / Logout]\n            Reg[Registration]\n            PW[Password Reset]\n        end\n        \n        DRF[Django REST Framework]\n        DJAuth[django.contrib.auth]\n        AA[django-allauth]\n        JWT[simplejwt]\n    end\n    \n    Client \u003c--\u003e dj-rest-auth\n    \n    Auth --\u003e DRF\n    Auth --\u003e DJAuth\n    Auth -.-\u003e JWT\n    Reg -.-\u003e AA\n    PW --\u003e DJAuth\n```\n\n## Quick Start\n\n```bash\npip install dj-rest-auth\n```\n\n```python\n# settings.py\nINSTALLED_APPS = [\n    ...\n    'rest_framework',\n    'rest_framework.authtoken',\n    'dj_rest_auth',\n]\n```\n\n```python\n# urls.py\nurlpatterns = [\n    path('auth/', include('dj_rest_auth.urls')),\n]\n```\n\nYou now have:\n\n| Endpoint | Method | Description |\n|----------|--------|-------------|\n| `/auth/login/` | POST | Obtain auth token |\n| `/auth/logout/` | POST | Revoke token |\n| `/auth/user/` | GET, PUT | User details |\n| `/auth/password/change/` | POST | Change password |\n| `/auth/password/reset/` | POST | Request reset email |\n| `/auth/password/reset/confirm/` | POST | Confirm reset |\n\n## JWT with HTTP-only Cookies\n\n```bash\npip install dj-rest-auth djangorestframework-simplejwt\n```\n\n```python\n# settings.py\nREST_FRAMEWORK = {\n    'DEFAULT_AUTHENTICATION_CLASSES': [\n        'dj_rest_auth.jwt_auth.JWTCookieAuthentication',\n    ],\n}\n\nREST_AUTH = {\n    'USE_JWT': True,\n    'JWT_AUTH_COOKIE': 'access',\n    'JWT_AUTH_REFRESH_COOKIE': 'refresh',\n    'JWT_AUTH_HTTPONLY': True,\n}\n```\n\n## Registration\n\n```bash\npip install 'dj-rest-auth[with-social]'\n```\n\n```python\n# settings.py\nINSTALLED_APPS = [\n    ...\n    'django.contrib.sites',\n    'allauth',\n    'allauth.account',\n    'dj_rest_auth.registration',\n]\n\nSITE_ID = 1\n```\n\n```python\n# urls.py\nurlpatterns = [\n    path('auth/', include('dj_rest_auth.urls')),\n    path('auth/registration/', include('dj_rest_auth.registration.urls')),\n]\n```\n\n## MFA / 2FA\n\n```bash\npip install 'dj-rest-auth[with-mfa]'\n```\n\nMFA ships as an opt-in sub-package (`dj_rest_auth.mfa`) with:\n\n- TOTP login challenge flow\n- Recovery codes\n- Security-focused defaults (short-lived MFA tokens, activation confirmation)\n\nSee the guide for setup and endpoint details:  \n[MFA Guide](https://dj-rest-auth.readthedocs.io/en/latest/guides/mfa/)\n\n## Documentation\n\nFull documentation at **[dj-rest-auth.readthedocs.io](https://dj-rest-auth.readthedocs.io/)**\n\n- [Installation \u0026 Configuration](https://dj-rest-auth.readthedocs.io/en/latest/getting-started/installation/)\n- [API Endpoints](https://dj-rest-auth.readthedocs.io/en/latest/api/endpoints/)\n- [JWT \u0026 Cookies Guide](https://dj-rest-auth.readthedocs.io/en/latest/guides/jwt-cookies/)\n- [Social Authentication](https://dj-rest-auth.readthedocs.io/en/latest/guides/social-auth/)\n- [MFA Guide](https://dj-rest-auth.readthedocs.io/en/latest/guides/mfa/)\n\n## Contributing\n\n```bash\npip install -r dj_rest_auth/tests/requirements.txt\npython runtests.py\n```\n\nSee [Contributing Guide](https://dj-rest-auth.readthedocs.io/en/latest/contributing/) for details.\n\n## License\n\nMIT\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fimerica%2Fdj-rest-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fimerica%2Fdj-rest-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fimerica%2Fdj-rest-auth/lists"}