Skip to content
/ django-oneauth Public

Smart user model with JWT-based authentication and OTP

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

techoutlooks/django-oneauth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
demo
demo
 
 
oneauth
oneauth
 
 
templates
templates
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
setup.py
setup.py
 
 

Repository files navigation

Django One Auth

django-oneauth

Django one-factor authentication using JWT tokens, resting on a "smart" User model. Our User model is swappable and implemented as a SmartModel for tracking CRUD operations from model to view levels, which uses email or phone_number field as the USERNAME_FIELD.

Rationale

Needed introspection natively built into Django models for use in my SaaS projects, to be enabled to leverage the power of big data analytics -slash- machine learning wherever needed.

Features

  • Who created, updated or deleted a User instance? and when?
  • Restore deleted user instances (not truly deleted, but hidden from the ORM to regular users).
  • Pluggable RESTful authentication schemes (defaults to JWT).
  • Optional sign-up validation via OTP (email, SMS).
  • Model, Manager Admin and View mixins to help build custom Django components.
  • Concrete User model exists that may be swapped for custom one.
  • Get the current user in situations when a request object doesn't avail, eg. from models.

Requirements

Python 3+, Django 2.2+, 
phonenumberslite, django-phonenumber-field, 
djangorestframework, djangorestframework-simplejwt 
django-cors-headers,

Setup

Install django-oneauth inside a virtual env. Deps:

pip3 install -U virtualenv
virtualenv -p /usr/bin/python3 venv
source venv/bin/activate
pip3 install -e git+https://github.com/techoutlooks/django-oneauth.git#egg=oneauth

Bootstrapping the demo project (complete example illustrating working with foreign models and signals)

cd demo
python manage.py migrate
python manage.py runserver

Testing the REST API

  • Requesting a JWT token:

      export EMAIL=<email-here>
  export PASSWORD=<password-here>
  
  # using curl
  curl \
    -X POST \
    -H "Content-Type: application/json" \
    -d "{\"email\": \"${EMAIL}\", \"password\": \"$PASSWORD\"}" \
  http://localhost:8001/api/o/token/
  
  # or, using httpie
  http post http://127.0.0.1:8001/api/o/token/ email=$EMAIL password=$PASSWORD

  • Accessing protected resources using the JWT token obtained previously:

      curl \
    -H "Authorization: Bearer <JWT-token>" \
  http://localhost:8001/api/accounts/

TODO

  • management commands for creating restoring users, users stats, etc.

About

Smart user model with JWT-based authentication and OTP

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages