Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mcueto/djangorestframework-auth0
Library to simply use Auth0 token authentication in DRF within djangorestframework-jwt
https://github.com/mcueto/djangorestframework-auth0
Last synced: 24 days ago
JSON representation
Library to simply use Auth0 token authentication in DRF within djangorestframework-jwt
- Host: GitHub
- URL: https://github.com/mcueto/djangorestframework-auth0
- Owner: mcueto
- License: mit
- Created: 2016-03-23T09:22:39.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2023-02-08T00:03:01.000Z (almost 2 years ago)
- Last Synced: 2024-08-04T04:04:28.511Z (4 months ago)
- Language: Python
- Size: 188 KB
- Stars: 91
- Watchers: 5
- Forks: 19
- Open Issues: 9
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- starred-awesome - djangorestframework-auth0 - Library to simply use Auth0 token authentication in DRF within djangorestframework-jwt (Python)
README
djangorestframework-auth0
=====
___This library let you to **authenticate** an specific user on DRF based on the JWT Token returned by Auth0 Javascript libraries.
![Logo](docs/logo.png)
Installation
-----------1. Using `pip` to install current release:
``` shell
pip install rest_framework_auth0
```2. Using `pip` to install development version:
``` shell
pip install git+https://github.com/mcueto/djangorestframework-auth0/
```Quick start
-----------1. Make sure `django.contrib.auth` in on INSTALLED_APPS setting, otherwise add it by your own:
``` python
INSTALLED_APPS = [
...
'django.contrib.auth',
...
]
```
This will allow us to login as an specific user as well as auto-creating users when they don't exist1. Add `rest_framework_auth0` to your `INSTALLED_APPS` setting:
``` python
INSTALLED_APPS = [
...,
'rest_framework_auth0',
]
```2. Add `Auth0JSONWebTokenAuthentication` in your DEFAULT_AUTHENTICATION_CLASSES located at settings.py from your project:
``` python
REST_FRAMEWORK = {
...,
'DEFAULT_AUTHENTICATION_CLASSES': (
...,
'rest_framework_auth0.authentication.Auth0JSONWebTokenAuthentication',
),
}
```3. Add your `CLIENTS` & `MANAGEMENT_API` settings in your settings.py file:
```python
# Import cryptography libraries
from cryptography.x509 import load_pem_x509_certificate
from cryptography.hazmat.backends import default_backend
# Read the your Auth0 client PEM certificate
certificate_text = open('rsa_certificates/certificate.pem', 'rb').read()
certificate = load_pem_x509_certificate(certificate_text, default_backend())
# Get your PEM certificate public_key
certificate_publickey = certificate.public_key()
#
#
# AUTH0 SETTINGS
AUTH0 = {
'CLIENTS': {
'default': {
'AUTH0_CLIENT_ID': '',
'AUTH0_AUDIENCE': '',
'AUTH0_ALGORITHM': 'RS256', # default used in Auth0 apps
'PUBLIC_KEY': certificate_publickey',
}
},
# Management API - For roles and permissions validation
'MANAGEMENT_API': {
'AUTH0_DOMAIN': '',
'AUTH0_CLIENT_ID': '',
'AUTH0_CLIENT_SECRET': ''
},
}
```4. Add the `Authorization` Header to all of your REST API request, prefixing `Bearer` to your token(default in common REST clients & Postman):
```
Authorization: Bearer
```5. That's it, now only your Auth0 users can request data to your DRF endpoints
```
NOTE: In order to get the token authentication, the 'django.contrib.auth' app models migrations must be applied(python manage.py migrate).
```Use cases
-----------
- [Use cases can be found here](docs/use_cases.md)Sample Project
-----------
A sample project can be found [here][sample][sample]: https://github.com/mcueto/djangorestframework-auth0_sample