dj-rest-auth
django-rest-framework-simplejwt
Our great sponsors
dj-rest-auth | django-rest-framework-simplejwt | |
---|---|---|
22 | 18 | |
1,572 | 3,811 | |
2.5% | 1.8% | |
6.1 | 6.8 | |
4 days ago | 10 days ago | |
Python | Python | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dj-rest-auth
-
Can someone help me understand CSRF security? (context inside)
I am using dj-rest-auth for authentication. I am using JWT token authentication. All advice on JWT tokens is to not store them in local storage. Instead, using this package I store them in HttpOnly cookie. Now, I am apparently vulnerable to CSRF attack. So I enable JWT_AUTH_COOKIE_USE_CSRF. This checks the CSRF token on authenticated requests. However, there is still the potential vulnerability known as "login CSRF" as detailed by this issue on Github. In order to account for this, there is another setting called JWT_AUTH_COOKIE_ENFORCE_CSRF_ON_UNAUTHENTICATED. This enforces CSRF on unauthenticated views (such as login).
-
Social authentication in django rest framework.
Try to use https://github.com/iMerica/dj-rest-auth
-
djoser is dead?
I was using djoser in the past. Now Im using very similar dj-rest-auth https://github.com/iMerica/dj-rest-auth
- How can I add Login/Register/Logout endpoints?
-
How can I add Login/Register/Logout endpoint
you can use this.
-
How could we do a reliable social authentication api with custom user model?
I found the dj-rest-auth as a method of making a rest auth api, unfortunately when using the documentation I have this error coming up.
-
Login error when using Google OAuth with dj-rest-auth. Getting "redirect_uri_mismatch" error but the callback url seems to be configured correctly
I've followed the documentation: https://dj-rest-auth.readthedocs.io/en/latest/index.html
-
Django REST Framework and JS Framework (React here) authentication.
Right now, I'm using dj-rest-auth for Token based authentication. I store token in the localStorage. Earlier I was using djoser for adding auth in the project (I wrote article about my approach with djoser).
-
The Best GitHub Repositories For Django Developers.
Please use https://github.com/iMerica/dj-rest-auth as this project is no longer maintained. Thanks!
- Django with React Frontend
django-rest-framework-simplejwt
-
How can I implement 2FA with Django REST Framework?
Now, I'm converting this app into a Vue-based SPA (still powered by Django). I'm using the Django REST Framework to build the API that the SPA will interact with. (I'll be using token-based auth, via django-rest-knox. ETA: I'll actually be using djangorestframework-simplejwt.)
-
Exploring Django's Third-Party Packages: Top Libraries You Should Know
Django REST Framework SimpleJWT Django REST Framework SimpleJWT provides JSON Web Token (JWT) authentication for Django REST Framework APIs. It enables secure and stateless token-based authentication, allowing clients to authenticate and access protected endpoints.
-
Finding JWT refresh token (to blacklist) from token or user ID?
I'm using simple JWT with DRF.
-
Shouldn't djangorestframework-simplejwt verify the signature of every access token I pass to it? Mine isn't working please help.
So , i was using djangorestframework-simplejwt for token bases authentication with drf.
-
Django and svelte ?
I used JWT authentication instead. https://github.com/jazzband/djangorestframework-simplejwt
- What's the difference between pyJwt and simple Jwt?
-
JWT logout
First: the drf token is not a jwt. If you want to use jwt, I recommend the drf simple jwt plugin: https://github.com/jazzband/djangorestframework-simplejwt
-
Authenticating requests in a decoupled Django + Vue.js app using JSON Web Tokens (JWT) and HttpOnly Cookies (repo in comments)
There is an issue in the drf-simplejwt repo that I borrowed some code from: https://github.com/jazzband/djangorestframework-simplejwt/issues/71.Is anyone doing authentication with JWT / HttpOnly cookies in a similar way? Thanks for anyone that can take a look or offer some feedback!
-
Techniques to declare settings in a third party Django library
I'm not going to go in-depth with it, but I've seen a different technique used to achieve the same result in the SimpleJWT project that can be found in this file in the source code. Basically the technique relies on the settings_changed signal to establish default values for settings and update those settings in the context of the package. I'm not sure if there is a massive improvement on this approach over the previous one (maybe caching?), but if there is, feel free to comment.
-
build full fledge login/logout/home systems using vuejs and django/simplejwt
I work in FOSS and have a project I can share with that stack. The back-end is here. Change the branch to develop and look in accounts. Its not a perfect example of what you want since we extend the TokenView with VogonTokenVerifyView. Basically you create a login form on your front-end and then make a request to TokenObtainPairView with the login info and it will return tokens if everything went to plan. The vue project can be found here. There is really nothing fancy happening in the frontend, create a form and send the information. I would not save the tokens in localStorage like we are doing. This is a very debated topic but I have come to the conclusion after tons reading on the subject that cookies are a better route. There is an interesting thread on the subject in a pull request in the simplejwt-repo. Once that pull request is merged, we will switch to cookies.
What are some alternatives?
drf-yasg - Automated generation of real Swagger/OpenAPI 2.0 schemas from Django REST Framework code.
django-cors-headers - Django app for handling the server headers required for Cross-Origin Resource Sharing (CORS)
django-auth-adfs - A Django authentication backend for Microsoft ADFS and AzureAD
django_rest-vuejs-auth - An Authentication project using JWT Tokens, Vuejs(frontend) and Django-Rest(backend).
django-two-factor-auth - Complete Two-Factor Authentication for Django providing the easiest integration into most Django projects.
drf-SimpleJWT-Vue - Template Django + DRF + SimpleJWT + Vue.js project
django-nuxt-starter
django-rest-knox - Authentication Module for django rest auth
django-oauth-toolkit-spa - A set of out-of-box REST endpoints for auth operations, providing refresh token in HttpOnly cookie and access token in body, perfect for SPA web apps. Built on top of models provided by django-oauth-toolkit.
django-rest-framework-jwt - JSON Web Token Authentication support for Django REST Framework [Moved to: https://github.com/jpadilla/django-rest-framework-jwt]
django-sesame - "Magic Links" - URLs with authentication tokens for one-click login
django-trench - django-trench provides a set of REST API endpoints to supplement django-rest-framework with multi-factor authentication (MFA, 2FA). It supports both standard built-in authentication methods, as well as JWT (JSON Web Token).