2014-10-09 15:01:47 +04:00
Installation
============
2014-10-10 18:39:46 +04:00
1. Install package:
.. code-block :: python
2020-03-01 03:10:25 +03:00
pip install dj-rest-auth
2014-10-10 18:39:46 +04:00
2020-03-01 02:59:38 +03:00
2. Add `` dj_rest_auth `` app to INSTALLED_APPS in your django settings.py:
2014-10-09 15:01:47 +04:00
.. code-block :: python
INSTALLED_APPS = (
...,
'rest_framework',
'rest_framework.authtoken',
...,
2020-03-01 02:59:38 +03:00
'dj_rest_auth'
2014-10-09 15:01:47 +04:00
)
.. note :: This project depends on `` django-rest-framework `` library, so install it if you haven't done yet. Make sure also you have installed `` rest_framework `` and `` rest_framework.authtoken `` apps
2020-03-01 02:59:38 +03:00
3. Add dj_rest_auth urls:
2014-10-09 15:01:47 +04:00
.. code-block :: python
2017-10-03 17:17:48 +03:00
urlpatterns = [
2014-10-09 15:01:47 +04:00
...,
2020-04-16 16:38:03 +03:00
path('dj-rest-auth/', include('dj_rest_auth.urls'))
2017-10-03 17:17:48 +03:00
]
2014-10-09 15:01:47 +04:00
2017-06-05 00:54:03 +03:00
4. Migrate your database
2014-10-09 15:01:47 +04:00
2017-06-05 00:54:03 +03:00
.. code-block :: python
python manage.py migrate
2014-10-09 15:01:47 +04:00
You're good to go now!
Registration (optional)
-----------------------
2020-05-30 04:33:40 +03:00
1. If you want to enable standard registration process you will need to install `` django-allauth `` by using `` pip install 'dj-rest-auth[with_social]' `` .
2014-10-09 15:01:47 +04:00
2020-03-01 02:59:38 +03:00
2. Add `` django.contrib.sites `` , `` allauth `` , `` allauth.account `` and `` dj_rest_auth.registration `` apps to INSTALLED_APPS in your django settings.py:
2016-06-09 12:03:59 +03:00
3. Add `` SITE_ID = 1 `` to your django settings.py
2014-10-09 15:01:47 +04:00
.. code-block :: python
INSTALLED_APPS = (
...,
2016-06-09 12:03:59 +03:00
'django.contrib.sites',
2014-10-09 15:01:47 +04:00
'allauth',
'allauth.account',
2020-03-01 02:59:38 +03:00
'dj_rest_auth.registration',
2014-10-09 15:01:47 +04:00
)
2016-06-09 12:03:59 +03:00
SITE_ID = 1
2014-10-09 15:01:47 +04:00
2020-03-01 02:59:38 +03:00
3. Add dj_rest_auth.registration urls:
2014-10-09 15:01:47 +04:00
.. code-block :: python
2017-10-03 17:17:48 +03:00
urlpatterns = [
2014-10-09 15:01:47 +04:00
...,
2020-04-16 16:38:03 +03:00
path('dj-rest-auth/', include('dj_rest_auth.urls')),
path('dj-rest-auth/registration/', include('dj_rest_auth.registration.urls'))
2017-10-03 17:17:48 +03:00
]
2014-10-09 15:01:47 +04:00
2015-04-02 23:53:19 +03:00
Social Authentication (optional)
2014-10-09 15:01:47 +04:00
--------------------------------
2020-03-01 03:10:25 +03:00
Using `` django-allauth `` , `` dj-rest-auth `` provides helpful class for creating social media authentication view.
2014-10-09 15:01:47 +04:00
2016-02-23 15:16:24 +03:00
.. note :: Points 1 and 2 are related to `` django-allauth `` configuration, so if you have already configured social authentication, then please go to step 3. See `` django-allauth `` documentation for more details.
2014-10-09 17:27:24 +04:00
2016-02-23 15:16:24 +03:00
1. Add `` allauth.socialaccount `` and `` allauth.socialaccount.providers.facebook `` or `` allauth.socialaccount.providers.twitter `` apps to INSTALLED_APPS in your django settings.py:
2014-10-09 15:01:47 +04:00
.. code-block :: python
INSTALLED_APPS = (
...,
'rest_framework',
'rest_framework.authtoken',
2020-03-01 02:59:38 +03:00
'dj_rest_auth'
2014-10-09 15:01:47 +04:00
...,
2016-06-09 12:03:59 +03:00
'django.contrib.sites',
2014-10-09 15:01:47 +04:00
'allauth',
'allauth.account',
2020-03-01 02:59:38 +03:00
'dj_rest_auth.registration',
2014-10-09 15:01:47 +04:00
...,
'allauth.socialaccount',
'allauth.socialaccount.providers.facebook',
2016-02-23 14:45:57 +03:00
'allauth.socialaccount.providers.twitter',
2014-10-09 15:01:47 +04:00
)
2015-11-19 12:36:55 +03:00
2. Add Social Application in django admin panel
2014-10-09 17:27:24 +04:00
2016-02-23 15:16:24 +03:00
Facebook
########
2020-03-01 02:59:38 +03:00
3. Create new view as a subclass of `` dj_rest_auth.registration.views.SocialLoginView `` with `` FacebookOAuth2Adapter `` adapter as an attribute:
2014-10-09 15:01:47 +04:00
.. code-block :: python
from allauth.socialaccount.providers.facebook.views import FacebookOAuth2Adapter
2020-03-01 02:59:38 +03:00
from dj_rest_auth.registration.views import SocialLoginView
2014-10-09 15:01:47 +04:00
2015-08-07 13:54:45 +03:00
class FacebookLogin(SocialLoginView):
2014-10-09 15:01:47 +04:00
adapter_class = FacebookOAuth2Adapter
2015-11-19 12:36:55 +03:00
4. Create url for FacebookLogin view:
2014-10-09 15:01:47 +04:00
.. code-block :: python
2017-10-03 17:17:48 +03:00
urlpatterns += [
2014-10-09 15:01:47 +04:00
...,
2020-04-16 16:38:03 +03:00
path('dj-rest-auth/facebook/', FacebookLogin.as_view(), name='fb_login')
2017-10-03 17:17:48 +03:00
]
2015-11-19 12:36:55 +03:00
2016-02-23 14:45:57 +03:00
2016-02-23 15:16:24 +03:00
Twitter
#######
If you are using Twitter for your social authentication, it is a bit different since Twitter uses OAuth 1.0.
2016-02-23 14:45:57 +03:00
2020-03-01 02:59:38 +03:00
3. Create new view as a subclass of `` dj_rest_auth.registration.views.SocialLoginView `` with `` TwitterOAuthAdapter `` adapter and `` TwitterLoginSerializer `` as an attribute:
2016-02-23 14:45:57 +03:00
.. code-block :: python
from allauth.socialaccount.providers.twitter.views import TwitterOAuthAdapter
2020-03-01 02:59:38 +03:00
from dj_rest_auth.registration.views import SocialLoginView
from dj_rest_auth.social_serializers import TwitterLoginSerializer
2016-02-23 14:45:57 +03:00
2017-12-02 17:00:16 +03:00
class TwitterLogin(SocialLoginView):
2016-02-23 14:45:57 +03:00
serializer_class = TwitterLoginSerializer
adapter_class = TwitterOAuthAdapter
2016-02-23 15:16:24 +03:00
4. Create url for TwitterLogin view:
2016-02-23 15:01:11 +03:00
.. code-block :: python
2017-10-03 17:17:48 +03:00
urlpatterns += [
2016-02-23 15:01:11 +03:00
...,
2020-04-16 16:38:03 +03:00
path('dj-rest-auth/twitter/', TwitterLogin.as_view(), name='twitter_login')
2017-10-03 17:17:48 +03:00
]
2018-01-20 03:31:49 +03:00
2015-11-19 12:36:55 +03:00
.. note :: Starting from v0.21.0, django-allauth has dropped support for context processors. Check out http://django-allauth.readthedocs.org/en/latest/changelog.html#from-0-21-0 for more details.
2016-02-16 08:42:18 +03:00
2018-11-12 18:58:07 +03:00
GitHub
######
If you are using GitHub for your social authentication, it uses code and not AccessToken directly.
2020-03-01 02:59:38 +03:00
3. Create new view as a subclass of `` dj_rest_auth.views.SocialLoginView `` with `` GitHubOAuth2Adapter `` adapter, an `` OAuth2Client `` and a callback_url as attributes:
2018-11-12 18:58:07 +03:00
.. code-block :: python
from allauth.socialaccount.providers.github.views import GitHubOAuth2Adapter
from allauth.socialaccount.providers.oauth2.client import OAuth2Client
2020-03-01 02:59:38 +03:00
from dj_rest_auth.registration.views import SocialLoginView
2018-11-12 18:58:07 +03:00
class GithubLogin(SocialLoginView):
adapter_class = GitHubOAuth2Adapter
callback_url = CALLBACK_URL_YOU_SET_ON_GITHUB
client_class = OAuth2Client
4. Create url for GitHubLogin view:
.. code-block :: python
urlpatterns += [
...,
2020-04-16 16:38:03 +03:00
path('dj-rest-auth/github/', GitHubLogin.as_view(), name='github_login')
2018-11-12 18:58:07 +03:00
]
2018-01-19 05:11:36 +03:00
Additional Social Connect Views
###############################
2018-01-20 03:31:49 +03:00
If you want to allow connecting existing accounts in addition to login, you can use connect views:
2018-01-20 02:29:38 +03:00
.. code-block :: python
from allauth.socialaccount.providers.facebook.views import FacebookOAuth2Adapter
2018-11-12 18:58:07 +03:00
from allauth.socialaccount.providers.github.views import GitHubOAuth2Adapter
from allauth.socialaccount.providers.twitter.views import TwitterOAuthAdapter
from allauth.socialaccount.providers.oauth2.client import OAuth2Client
2020-03-01 02:59:38 +03:00
from dj_rest_auth.registration.views import SocialConnectView
from dj_rest_auth.social_serializers import TwitterConnectSerializer
2018-01-20 02:29:38 +03:00
class FacebookConnect(SocialConnectView):
adapter_class = FacebookOAuth2Adapter
class TwitterConnect(SocialConnectView):
serializer_class = TwitterConnectSerializer
adapter_class = TwitterOAuthAdapter
2018-11-12 18:58:07 +03:00
class GithubConnect(SocialConnectView):
adapter_class = GitHubOAuth2Adapter
callback_url = CALLBACK_URL_YOU_SET_ON_GITHUB
client_class = OAuth2Client
2018-01-20 02:29:38 +03:00
In urls.py:
.. code-block :: python
urlpatterns += [
...,
2020-04-16 16:38:03 +03:00
path('dj-rest-auth/facebook/connect/', FacebookConnect.as_view(), name='fb_connect')
path('dj-rest-auth/twitter/connect/', TwitterConnect.as_view(), name='twitter_connect')
path('dj-rest-auth/github/connect/', GithubConnect.as_view(), name='github_connect')
2018-01-20 02:29:38 +03:00
]
2018-01-20 03:31:49 +03:00
You can also use the following views to check all social accounts attached to the current authenticated user and disconnect selected social accounts:
2018-01-19 05:11:36 +03:00
.. code-block :: python
2020-03-01 02:59:38 +03:00
from dj_rest_auth.registration.views import (
2018-01-19 05:11:36 +03:00
SocialAccountListView, SocialAccountDisconnectView
)
urlpatterns += [
...,
2020-04-16 16:38:03 +03:00
path(
'socialaccounts/',
2018-01-19 05:11:36 +03:00
SocialAccountListView.as_view(),
name='social_account_list'
),
2020-04-16 16:38:03 +03:00
path(
'socialaccounts/<int:pk>/disconnect/',
2018-01-19 05:11:36 +03:00
SocialAccountDisconnectView.as_view(),
name='social_account_disconnect'
)
]
2016-02-16 08:42:18 +03:00
2018-10-25 20:28:24 +03:00
JSON Web Token (JWT) Support (optional)
---------------------------------------
2016-02-16 08:42:18 +03:00
2020-03-01 03:10:25 +03:00
By default `` dj-rest-auth `` uses Django's Token-based authentication. If you want to use JWT authentication, follow these steps:
2016-02-16 08:42:18 +03:00
2020-03-11 13:15:32 +03:00
1. Install `djangorestframework-simplejwt <https://github.com/SimpleJWT/django-rest-framework-simplejwt/> `_
- `` djangorestframework-simplejwt `` is currently the only supported JWT library.
2016-02-16 08:42:18 +03:00
2020-03-11 13:15:32 +03:00
2. Add a simple_jwt auth configuration to the list of authentication classes.
.. code-block :: python
REST_FRAMEWORK = {
...
'DEFAULT_AUTHENTICATION_CLASSES': (
...
2020-03-20 00:09:20 +03:00
'dj_rest_auth.utils.JWTCookieAuthentication',
2020-03-11 13:15:32 +03:00
)
...
}
3. Add the following configuration value to your settings file to enable JWT authentication in dj-rest-auth.
2016-02-16 08:42:18 +03:00
.. code-block :: python
2018-01-19 05:11:36 +03:00
REST_USE_JWT = True
2020-03-28 22:00:06 +03:00
4. Declare what you want the cookie key to be called.
.. code-block :: python
JWT_AUTH_COOKIE = 'my-app-auth'
This example value above will cause dj-rest-auth to return a `Set-Cookie` header that looks like this:
.. code-block :: bash
Set-Cookie: my-app-auth=xxxxxxxxxxxxx; expires=Sat, 28 Mar 2020 18:59:00 GMT; HttpOnly; Max-Age=300; Path=/
2020-05-30 04:33:40 +03:00
`` JWT_AUTH_COOKIE `` is also used while authenticating each request against protected views.