JWT Authentication for Django Rest Framework and MongoDB
Project description
Mango-JWT is a minimal JWT User Authentication tool for Django Rest Framework and MongoDB. Recommended for developers using django-rest-framework and pymongo. Not supported in versions below Django 2.0.
pip install mango-jwt
Quick start
Add “mongo_auth” to your INSTALLED_APPS setting below “rest_framework”:
INSTALLED_APPS = [ ... 'rest_framework', 'mongo_auth', ]
Include the mongo_auth URLconf in your project urls.py like this:
path('mongo_auth/', include('mongo_auth.urls')),
Add DB config in settings.py :-
# Minimal settings (all mandatory) MANGO_JWT_SETTINGS = { "db_host": "some_db_host", "db_port": "some_db_port", "db_name": "for_example_auth_db", "db_user": "username", "db_pass": "password" } # Or use Advanced Settings (including optional settings) MANGO_JWT_SETTINGS = { "db_host": "some_db_host", "db_port": "some_db_port", "db_name": "for_example_auth_db", "db_user": "username", "db_pass": "password", "auth_collection": "name_your_auth_collection", # default is "user_profile" "fields": ("email", "password"), # default "jwt_secret": "secret", # default "jwt_life": 7 # default (in days) }
Make a POST request on http://127.0.0.1:8000/mongo_auth/signup/ with body as :-
{ "email": "some_email@email.com", "password": "some_password" }
Now login with these credentials at http://127.0.0.1:8000/mongo_auth/login/ :-
{ "email": "some_email@email.com", "password": "some_password" }
This will return a JWT. Pass this JWT in your request in “Authorization” header.
AuthenticatedOnly
The AuthenticatedOnly permission class will only allow authenticated users to access your endpoint.
from rest_framework.views import APIView from mongo_auth.permissions import AuthenticatedOnly from rest_framework.response import Response from rest_framework import status class GetTest(APIView): permission_classes = [AuthenticatedOnly] def get(self, request, format=None): try: print(request.user) # This is where magic happens return Response(status=status.HTTP_200_OK, data={"data": {"msg": "User Authenticated"}}) except: return Response(status=status.HTTP_404_NOT_FOUND)
Or, if you’re using the @api_view decorator with function based views.
from mongo_auth.permissions import AuthenticatedOnly from rest_framework.decorators import permission_classes from rest_framework.decorators import api_view from rest_framework.response import Response from rest_framework import status @api_view(["GET"]) @permission_classes([AuthenticatedOnly]) def get_test(request): try: print(request.user) return Response(status=status.HTTP_200_OK, data={"data": {"msg": "User Authenticated"}}) except: return Response(status=status.HTTP_404_NOT_FOUND)
Don’t forget to pass “Authorization” Header in your requests while using your views with “AuthenticatedOnly” Permission Class.
More Info
Passlib is used for password encryption with default scheme as “django_pbkdf2_sha256”.
Only for Django 2.0 and above.
Dependent on “django-rest-framework” and “pymongo”.
More Work To Do
Fields like “username”, “mobile” or some unique field should be supportable for login.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for mango_jwt-1.2.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | b0ff361079c4d2c53635ac9be0bcc32deb8568fe682e2e17bf3d0974c30247fa |
|
MD5 | 545929a2f550cf0a19fae5bfc57e8c41 |
|
BLAKE2b-256 | fd33cb90ada4ba48bb40c4f1c360ac3d90eb4e0173b55ca4cccd7a27ef54d733 |