{"id":16419885,"url":"https://github.com/jpadilla/django-jwt-auth","last_synced_at":"2025-04-05T16:08:11.713Z","repository":{"id":20159088,"uuid":"23429678","full_name":"jpadilla/django-jwt-auth","owner":"jpadilla","description":"JSON Web Token Authentication support for Django","archived":false,"fork":false,"pushed_at":"2024-04-09T18:05:40.000Z","size":23,"stargazers_count":167,"open_issues_count":15,"forks_count":46,"subscribers_count":10,"default_branch":"master","last_synced_at":"2025-03-29T15:08:24.267Z","etag":null,"topics":["django","jwt","python"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jpadilla.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2014-08-28T13:51:45.000Z","updated_at":"2025-02-21T19:08:15.000Z","dependencies_parsed_at":"2024-06-19T00:22:57.931Z","dependency_job_id":"b6a3572c-2ac3-40b7-9e25-0da6aa770d03","html_url":"https://github.com/jpadilla/django-jwt-auth","commit_stats":{"total_commits":22,"total_committers":4,"mean_commits":5.5,"dds":"0.13636363636363635","last_synced_commit":"aecab610613e3ac5be9dc09be3e2968c5da0cd3b"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jpadilla%2Fdjango-jwt-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jpadilla%2Fdjango-jwt-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jpadilla%2Fdjango-jwt-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jpadilla%2Fdjango-jwt-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jpadilla","download_url":"https://codeload.github.com/jpadilla/django-jwt-auth/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247361689,"owners_count":20926643,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["django","jwt","python"],"created_at":"2024-10-11T07:26:16.223Z","updated_at":"2025-04-05T16:08:11.673Z","avatar_url":"https://github.com/jpadilla.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# Django JWT Auth\n\n[![build-status-image]][travis]\n[![pypi-version]][pypi]\n\n## Overview\nThis package provides [JSON Web Token Authentication](http://tools.ietf.org/html/draft-ietf-oauth-json-web-token) support for Django.\n\nBased on the [Django REST Framework JWT Auth](https://github.com/GetBlimp/django-rest-framework-jwt) package.\n\n## Installation\n\nInstall using `pip`...\n\n```\n$ pip install django-jwt-auth\n```\n\n## Usage\n\nIn your `urls.py` add the following URL route to enable obtaining a token via a POST included the user's username and password.\n\n```python\nfrom rest_framework_jwt.views import obtain_jwt_token, refresh_jwt_token\n\nurlpatterns = [\n    # ...\n\n    url(r'api-token-auth/', obtain_jwt_token),\n    url(r'api-token-refresh/', refresh_jwt_token),\n]\n```\n\nYou can easily test if the endpoint is working by doing the following in your terminal, if you had a user created with the username **admin** and password **abc123**.\n\n```bash\n$ curl -X POST -H \"Content-Type: application/json\" -d '{\"username\":\"admin\",\"password\":\"abc123\"}' http://localhost:8000/api-token-auth/\n```\n\nNow in order to access protected api urls you must include the `Authorization: Bearer \u003cyour_token\u003e` header.\n\n```bash\n$ curl -H \"Authorization: Bearer \u003cyour_token\u003e\" http://localhost:8000/protected-url/\n```\n\n## Additional Settings\nThere are some additional settings that you can override similar to how you'd do it with Django REST framework itself. Here are all the available defaults.\n\n```python\nJWT_ENCODE_HANDLER = 'jwt_auth.utils.jwt_encode_handler'\nJWT_DECODE_HANDLER = 'jwt_auth.utils.jwt_decode_handler',\nJWT_PAYLOAD_HANDLER = 'jwt_auth.utils.jwt_payload_handler'\nJWT_PAYLOAD_GET_USER_ID_HANDLER = 'jwt_auth.utils.jwt_get_user_id_from_payload_handler'\nJWT_SECRET_KEY: SECRET_KEY\nJWT_ALGORITHM = 'HS256'\nJWT_VERIFY = True\nJWT_VERIFY_EXPIRATION = True\nJWT_LEEWAY = 0\nJWT_EXPIRATION_DELTA = datetime.timedelta(seconds=300)\nJWT_ALLOW_REFRESH = False\nJWT_REFRESH_EXPIRATION_DELTA = datetime.timedelta(days=7)\nJWT_AUTH_HEADER_PREFIX = 'Bearer'\n```\nThis packages uses the JSON Web Token Python implementation, [PyJWT](https://github.com/progrium/pyjwt) and allows to modify some of it's available options.\n\n### JWT_SECRET_KEY\nThis is the secret key used to encrypt the JWT. Make sure this is safe and not shared or public.\n\nDefault is your project's `settings.SECRET_KEY`.\n\n### JWT_ALGORITHM\n\nPossible values:\n\n\u003e * HS256 - HMAC using SHA-256 hash algorithm (default)\n\u003e * HS384 - HMAC using SHA-384 hash algorithm\n\u003e * HS512 - HMAC using SHA-512 hash algorithm\n\u003e * RS256 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-256 hash algorithm\n\u003e * RS384 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-384 hash algorithm\n\u003e * RS512 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-512 hash algorithm\n\nNote:\n\u003e For the RSASSA-PKCS1-v1_5 algorithms, the \"secret\" argument in jwt.encode is supposed to be a private RSA key as\n\u003e imported with Crypto.PublicKey.RSA.importKey. Likewise, the \"secret\" argument in jwt.decode is supposed to be the\n\u003e public RSA key imported with the same method.\n\nDefault is `\"HS256\"`.\n\n### JWT_VERIFY\n\nIf the secret is wrong, it will raise a jwt.DecodeError telling you as such. You can still get at the payload by setting the `JWT_VERIFY` to `False`.\n\nDefault is `True`.\n\n### JWT_VERIFY_EXPIRATION\n\nYou can turn off expiration time verification with by setting `JWT_VERIFY_EXPIRATION` to `False`.\n\nDefault is `True`.\n\n### JWT_LEEWAY\n\n\u003e This allows you to validate an expiration time which is in the past but no very far. For example, if you have a JWT payload with an expiration time set to 30 seconds after creation but you know that sometimes you will process it after 30 seconds, you can set a leeway of 10 seconds in order to have some margin.\n\nDefault is `0` seconds.\n\n### JWT_EXPIRATION_DELTA\nThis is an instance of Python's `datetime.timedelta`. This will be added to `datetime.utcnow()` to set the expiration time.\n\nDefault is `datetime.timedelta(seconds=300)`(5 minutes).\n\n### JWT_ALLOW_REFRESH\nEnable token refresh functionality. Token issued from `rest_framework_jwt.views.obtain_jwt_token` will have an `orig_iat` field. Default is `False`\n\n### JWT_REFRESH_EXPIRATION_DELTA\nLimit on token refresh, is a `datetime.timedelta` instance. This is how much time after the original token that future tokens can be refreshed from.\n\nDefault is `datetime.timedelta(days=7)` (7 days).\n\n### JWT_PAYLOAD_HANDLER\nSpecify a custom function to generate the token payload\n\n### JWT_PAYLOAD_GET_USER_ID_HANDLER\nIf you store `user_id` differently than the default payload handler does, implement this function to fetch `user_id` from the payload.\n\n### JWT_AUTH_HEADER_PREFIX\nYou can modify the Authorization header value prefix that is required to be sent together with the token.\n\nDefault is `Bearer`.\n\n\n[build-status-image]: https://secure.travis-ci.org/jpadilla/django-jwt-auth.svg?branch=master\n[travis]: http://travis-ci.org/jpadilla/django-jwt-auth?branch=master\n[pypi-version]: https://img.shields.io/pypi/v/django-jwt-auth.svg\n[pypi]: https://pypi.python.org/pypi/django-jwt-auth\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjpadilla%2Fdjango-jwt-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjpadilla%2Fdjango-jwt-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjpadilla%2Fdjango-jwt-auth/lists"}