Skip to content

pandy1988/django-rest-framework-jk

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits

rest_framework_jk

rest_framework_jk

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

requirements.txt

requirements.txt

 
 

setup.py

setup.py

 
 

Repository files navigation

django-rest-framework-jk

This authentication scheme uses a simple UUID-key-based HTTP Authentication scheme.

Key authentication is appropriate for client-server setups, such as native desktop and mobile clients.

Requirements

  • Python 3.5+

  • Django 2.0+

  • Django REST Framework 3.0+

Installation

Install using pip.

# pip install git+https://github.com/pandy1988/django-rest-framework-jk

Usage

To use the authentication scheme you'll include rest_framework_jk in your INSTALLED_APPS setting.

Make sure to run manage.py migrate after changing your settings.

INSTALLED_APPS = [
    # ....
    'rest_framework_jk',
]

Additionally AuthKeyAuthentication or AccessKeyAuthentication to Django REST framework's DEFAULT_AUTHENTICATION_CLASSES.

REST_FRAMEWORK = {
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
    ),
    'DEFAULT_AUTHENTICATION_CLASSES': (
        # ....
        'rest_framework_jk.authentication.AuthKeyAuthentication',
        'rest_framework_jk.authentication.AccessKeyAuthentication',
    ),
}

Add the following URL route to urls.py and activate the key handling methods.

urlpatterns = [
    # ....
    path('key/', include('rest_framework_jk.urls')),
]

Authentication Key

The user can have only one authentication key.

Obtain

# curl -X POST -H 'Content-Type: application/json' -d '{
    "username": "........",
    "password": "........"
}' http://localhost/key/auth

# curl -X GET -H 'Authorization: JK-Auth <auth_key>' http://localhost/api/method

Refresh

# curl -X PUT -H 'Content-Type: application/json' -d '{
    "auth_key": "........",
    "refresh_key": "........"
}' http://localhost/key/auth/refresh

Access Key

A user can have multiple access keys.

Obtain

# curl -X POST -H 'Authorization: JK-Auth <auth_key>' -d '{
    "name": "This is access key"
}' http://localhost/key/access

# curl -X GET -H 'Authorization: JK-Access <access_key>' http://localhost/api/method

Refresh

# curl -X PUT -H 'Authorization: JK-Auth <auth_key>' http://localhost/key/access/<access_key>/refresh

Destory

# curl -X DELETE -H 'Authorization: JK-Auth <auth_key>' http://localhost/key/access/<access_key>

Settings

REST_FRAMEWORK_JK = {
    # This is the expiration date of the keys.
    'AUTH_EXPIRATION_DELTA': timedelta(days=1),
    'REFRESH_EXPIRATION_DELTA': timedelta(days=7),
    # Another value used for the authorization header to distinguish keys.
    'AUTH_HEADER_PREFIX': 'JK-Auth',
    'ACCESS_HEADER_PREFIX': 'JK-Access',
}

Author

@pandy1988

About

Django REST framework JSON key

Topics

django-rest-framework token-authetication web-authentication

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

4 tags

Packages

No packages published

Languages