dj-rest-auth
django-two-factor-auth
Our great sponsors
dj-rest-auth | django-two-factor-auth | |
---|---|---|
22 | 4 | |
1,572 | 1,584 | |
2.5% | 1.9% | |
6.1 | 7.7 | |
6 days ago | 4 days ago | |
Python | Python | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dj-rest-auth
-
Can someone help me understand CSRF security? (context inside)
I am using dj-rest-auth for authentication. I am using JWT token authentication. All advice on JWT tokens is to not store them in local storage. Instead, using this package I store them in HttpOnly cookie. Now, I am apparently vulnerable to CSRF attack. So I enable JWT_AUTH_COOKIE_USE_CSRF. This checks the CSRF token on authenticated requests. However, there is still the potential vulnerability known as "login CSRF" as detailed by this issue on Github. In order to account for this, there is another setting called JWT_AUTH_COOKIE_ENFORCE_CSRF_ON_UNAUTHENTICATED. This enforces CSRF on unauthenticated views (such as login).
-
Social authentication in django rest framework.
Try to use https://github.com/iMerica/dj-rest-auth
-
djoser is dead?
I was using djoser in the past. Now Im using very similar dj-rest-auth https://github.com/iMerica/dj-rest-auth
- How can I add Login/Register/Logout endpoints?
-
How can I add Login/Register/Logout endpoint
you can use this.
-
How could we do a reliable social authentication api with custom user model?
I found the dj-rest-auth as a method of making a rest auth api, unfortunately when using the documentation I have this error coming up.
-
Login error when using Google OAuth with dj-rest-auth. Getting "redirect_uri_mismatch" error but the callback url seems to be configured correctly
I've followed the documentation: https://dj-rest-auth.readthedocs.io/en/latest/index.html
-
Django REST Framework and JS Framework (React here) authentication.
Right now, I'm using dj-rest-auth for Token based authentication. I store token in the localStorage. Earlier I was using djoser for adding auth in the project (I wrote article about my approach with djoser).
-
The Best GitHub Repositories For Django Developers.
Please use https://github.com/iMerica/dj-rest-auth as this project is no longer maintained. Thanks!
- Django with React Frontend
django-two-factor-auth
-
Otp for staff only?
The package I've found thus far, django-otp, doesn't have a good way to onboard admins. There's also django-two-factor-auth, but I haven't tried it yet.
- Thoughts on TOTP Implementation
-
How should I secure my Django admin login page?
I also use this on one of my sites https://github.com/Bouke/django-two-factor-auth . Has worked pretty well. Just be careful when configuring it in settings.py (particularly the redirect URLs) and when customizing the templates.
-
How can i add two factor authentication in Django/Django Rest Framework?
Have you looked at the Django two-factor-auth package? It seems like it might be what you're looking for, and if not, it might have useful clues as to how to put together what you need.
What are some alternatives?
django-rest-framework-simplejwt - A JSON Web Token authentication plugin for the Django REST Framework.
django-recaptcha - Django reCAPTCHA form field/widget integration app.
drf-yasg - Automated generation of real Swagger/OpenAPI 2.0 schemas from Django REST Framework code.
django-oauth-toolkit - OAuth2 goodies for the Djangonauts!
django-auth-adfs - A Django authentication backend for Microsoft ADFS and AzureAD
authlib - The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.
django-nuxt-starter
django-multifactor - Drop-in multifactor authentication subsystem for Django.
django-oauth-toolkit-spa - A set of out-of-box REST endpoints for auth operations, providing refresh token in HttpOnly cookie and access token in body, perfect for SPA web apps. Built on top of models provided by django-oauth-toolkit.
django-magiclink - Passwordless authentication for Django with magic links.
django-sesame - "Magic Links" - URLs with authentication tokens for one-click login
django-honeypot - 🍯 Generic honeypot utilities for use in django projects.