djangoauthframework 2.0.7
Django Auth Framework
An open source, one-stop authentication framework for Django and ready for production.
Table of Contents
About The Project
Built With
Features
Getting Started
Installation
Configurations
API Endpoints and Examples
Contributing
License
About The Project
Django Auth Framework is an open source, one-stop framework for Django applications providing the most essential APIs for
authentication and authorization. APIs also cover Oauth2 protocol, social login and user management with options allows
to easily customize and override for working on most scenarios. It supports multiple
authentication ways to make your auth server scalable from a monolithic server using Token/Session authentication to
service mesh such like Istio on Kubernetes Cluster with JWT authentication.
This framework was originally developed by me to help
Django projects in our company fast setup. Now, it has scaled our service over a million users. I am
happy to open soucre this project, hope it is helpful in your projects or startups
Built With
Django OAuth Toolkit
Django REST framework
Features
Production-ready, optimized by reducing unnecessary queries write to db during authentication and authorization.
Extends Django OAuth Toolkit's default Oauth2Validator to allow
authorization with multiple types of credentials like email, phone number.
Pure RESTFUL API endpoints implemented with Django REST framework,
this framework doesn't use any traditional Django components(eg: forms, html).
Supports the most popular social login(Google,Apple and Facebook) followed by up to date guidelines, users at frontend
can be authorized by either id_token, code or access_token.
NO FULL DOCUMENTATION atm.
Getting Started
To get a local copy up and running follow these simple steps.
Installation
pip install django-auth-framework
Configurations
Edit settings.py file:
#in your my_auth/models.py
# from auth_framework.models import AbstractUser
# class MyUser(AbstractUser):
# custom_fields ...
AUTH_USER_MODEL = 'my_auth.MyUser'
or just try with
AUTH_USER_MODEL = 'auth_framework.User'
add required apps and configuration for rest_framework:
# ...
REQUIRED_APPS = [
'rest_framework',
'oauth2_provider',
'auth_framework',
]
LOCAL_APPS = [
'my_auth'
]
INSTALLED_APPS += REQUIRED_APPS
INSTALLED_APPS += LOCAL_APPS
# ...
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'oauth2_provider.contrib.rest_framework.OAuth2Authentication',
'rest_framework.authentication.SessionAuthentication',
),
}
if you need other unique fields: email or phone_number not justusernameas credentials:
AUTHENTICATION_BACKENDS = [
"auth_framework.backends.auth_backends.AuthenticationBackend",
]
OAUTH2_PROVIDER = {
"OIDC_ENABLED": True,
"OIDC_RSA_PRIVATE_KEY": os.environ.get('OIDC_RSA_PRIVATE_KEY'),
'SCOPES': {
"openid": "OpenID Connect scope",
'read': 'Read scope',
'write': 'Write scope',
},
'OAUTH2_VALIDATOR_CLASS': 'auth_framework.oauth.oauth2_validators.OauthValidator',
'OAUTH2_BACKEND_CLASS': 'auth_framework.oauth.oauth2_backends.OAuthLibCore',
}
Edit the urls.py:
from django.contrib import admin
from django.urls import path, include
urlpatterns = [
path('admin/', admin.site.urls),
path('account/', include('auth_framework.urls'))
]
Sync Database and createsuperuser:
python manage.py migrate
python manage.py createsuperuser
Login to the admin page http://localhost:8000/admin/oauth2_provider/application/add/
and add a default Application. if it's only open to your first party apps, then just choose Resource owner password-based
as the grant type (No one likes to login with password but still having a redirect web page on a native app)
[Optional] Configure of Social Adapters: in most scenarios, you only need to create one client id/secret for each social
provider. For security and performance, it will look up those environment variables during making Oauth request calls
instead of creating many key pairs to the database:
GOOGLE_CLIENT_ID=*********.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=**********
FACEBOOK_CLIENT_ID=**********
FACEBOOK_CLIENT_SECRET=**************
APPLE_CLIENT_ID=com.team.project
APPLE_CLIENT_SECRET=**************
If this is not your thing, consider to use allauth-django
API Endpoints and Examples
Postman
Contributing
If you have improvements to Django Auth Framework, just send a pull request:
Fork the Project
Create your Feature Branch (git checkout -b feature/AmazingFeature)
Commit your Changes (git commit -m 'Add some AmazingFeature')
Push to the Branch (git push origin feature/AmazingFeature)
Open a Pull Request
Or leave a comment in our Issues
License
Distributed under the BSD License. See LICENSE for more information.
For personal and professional use. You cannot resell or redistribute these repositories in their original state.
There are no reviews.