nilva-django-auth 0.1.8__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- nilva_django_auth-0.1.8/LICENSE +21 -0
- nilva_django_auth-0.1.8/MANIFEST.in +6 -0
- nilva_django_auth-0.1.8/PKG-INFO +272 -0
- nilva_django_auth-0.1.8/README.md +240 -0
- nilva_django_auth-0.1.8/nilva_django_auth/__init__.py +0 -0
- nilva_django_auth-0.1.8/nilva_django_auth/admin.py +44 -0
- nilva_django_auth-0.1.8/nilva_django_auth/apps.py +10 -0
- nilva_django_auth-0.1.8/nilva_django_auth/locale/fa/LC_MESSAGES/django.mo +0 -0
- nilva_django_auth-0.1.8/nilva_django_auth/locale/fa/LC_MESSAGES/django.po +100 -0
- nilva_django_auth-0.1.8/nilva_django_auth/migrations/0001_initial.py +77 -0
- nilva_django_auth-0.1.8/nilva_django_auth/migrations/__init__.py +0 -0
- nilva_django_auth-0.1.8/nilva_django_auth/models.py +187 -0
- nilva_django_auth-0.1.8/nilva_django_auth/serializers.py +43 -0
- nilva_django_auth-0.1.8/nilva_django_auth/session_management.py +197 -0
- nilva_django_auth-0.1.8/nilva_django_auth/settings.py +199 -0
- nilva_django_auth-0.1.8/nilva_django_auth/simplejwt/__init__.py +0 -0
- nilva_django_auth-0.1.8/nilva_django_auth/simplejwt/authentication.py +170 -0
- nilva_django_auth-0.1.8/nilva_django_auth/simplejwt/backends.py +152 -0
- nilva_django_auth-0.1.8/nilva_django_auth/simplejwt/compat.py +55 -0
- nilva_django_auth-0.1.8/nilva_django_auth/simplejwt/exceptions.py +39 -0
- nilva_django_auth-0.1.8/nilva_django_auth/simplejwt/models.py +109 -0
- nilva_django_auth-0.1.8/nilva_django_auth/simplejwt/serializers.py +220 -0
- nilva_django_auth-0.1.8/nilva_django_auth/simplejwt/settings.py +7 -0
- nilva_django_auth-0.1.8/nilva_django_auth/simplejwt/state.py +13 -0
- nilva_django_auth-0.1.8/nilva_django_auth/simplejwt/tokens.py +343 -0
- nilva_django_auth-0.1.8/nilva_django_auth/simplejwt/utils.py +32 -0
- nilva_django_auth-0.1.8/nilva_django_auth/simplejwt/views.py +140 -0
- nilva_django_auth-0.1.8/nilva_django_auth/urls.py +17 -0
- nilva_django_auth-0.1.8/nilva_django_auth/views.py +79 -0
- nilva_django_auth-0.1.8/nilva_django_auth.egg-info/PKG-INFO +272 -0
- nilva_django_auth-0.1.8/nilva_django_auth.egg-info/SOURCES.txt +34 -0
- nilva_django_auth-0.1.8/nilva_django_auth.egg-info/dependency_links.txt +1 -0
- nilva_django_auth-0.1.8/nilva_django_auth.egg-info/requires.txt +13 -0
- nilva_django_auth-0.1.8/nilva_django_auth.egg-info/top_level.txt +1 -0
- nilva_django_auth-0.1.8/pyproject.toml +60 -0
- nilva_django_auth-0.1.8/setup.cfg +4 -0
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2023 Nilva
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
|
@@ -0,0 +1,272 @@
|
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
|
+
Name: nilva-django-auth
|
|
3
|
+
Version: 0.1.8
|
|
4
|
+
Summary: A Django authentication package using DRF and JWT tokens
|
|
5
|
+
Author-email: mhmdreza <mrezajafarzade98@gmail.com>
|
|
6
|
+
License-Expression: MIT
|
|
7
|
+
Project-URL: homepage, https://github.com/nilva/nilva-django-auth
|
|
8
|
+
Project-URL: repository, https://github.com/nilva/nilva-django-auth
|
|
9
|
+
Classifier: Programming Language :: Python :: 3
|
|
10
|
+
Classifier: Operating System :: OS Independent
|
|
11
|
+
Classifier: Framework :: Django
|
|
12
|
+
Classifier: Framework :: Django :: 3.2
|
|
13
|
+
Classifier: Framework :: Django :: 4.0
|
|
14
|
+
Classifier: Framework :: Django :: 4.1
|
|
15
|
+
Classifier: Framework :: Django :: 4.2
|
|
16
|
+
Requires-Python: >=3.10
|
|
17
|
+
Description-Content-Type: text/markdown
|
|
18
|
+
License-File: LICENSE
|
|
19
|
+
Requires-Dist: django>=3.2
|
|
20
|
+
Requires-Dist: djangorestframework>=3.12.0
|
|
21
|
+
Requires-Dist: user-agents==2.2.0
|
|
22
|
+
Requires-Dist: PyJWT>=2.0.0
|
|
23
|
+
Provides-Extra: dev
|
|
24
|
+
Requires-Dist: pytest>=7.0.0; extra == "dev"
|
|
25
|
+
Requires-Dist: pytest-django>=4.5.0; extra == "dev"
|
|
26
|
+
Requires-Dist: pytest-cov>=4.1.0; extra == "dev"
|
|
27
|
+
Requires-Dist: drf-yasg>=1.21.0; extra == "dev"
|
|
28
|
+
Requires-Dist: black>=23.0.0; extra == "dev"
|
|
29
|
+
Requires-Dist: isort>=5.10.0; extra == "dev"
|
|
30
|
+
Requires-Dist: setuptools; extra == "dev"
|
|
31
|
+
Dynamic: license-file
|
|
32
|
+
|
|
33
|
+
# Nilva Django Auth
|
|
34
|
+
|
|
35
|
+
A comprehensive Django authentication package that uses Django REST Framework (DRF) and JWT tokens for secure, flexible authentication in Django applications.
|
|
36
|
+
|
|
37
|
+
## Features
|
|
38
|
+
|
|
39
|
+
- **JWT Token Authentication**: Secure authentication using JSON Web Tokens
|
|
40
|
+
- **Session Management**: Efficient handling of user sessions
|
|
41
|
+
- **Username/Password Authentication**: Secure authentication using username and password
|
|
42
|
+
- **Login Endpoint**: Simple API for user login
|
|
43
|
+
- **Logout Endpoint**: API for user logout
|
|
44
|
+
- **Logout All Devices**: Ability to terminate all active sessions
|
|
45
|
+
- **Token Refresh**: Automatic token refresh mechanism
|
|
46
|
+
- **Highly Configurable**: Customize the authentication flow to suit your needs
|
|
47
|
+
- **DRF Integration**: Seamless integration with Django REST Framework
|
|
48
|
+
|
|
49
|
+
## Installation
|
|
50
|
+
|
|
51
|
+
You can install the package using pip:
|
|
52
|
+
|
|
53
|
+
```bash
|
|
54
|
+
pip install nilva-django-auth
|
|
55
|
+
```
|
|
56
|
+
|
|
57
|
+
Or using uv (recommended):
|
|
58
|
+
|
|
59
|
+
```bash
|
|
60
|
+
uv pip install nilva-django-auth
|
|
61
|
+
```
|
|
62
|
+
|
|
63
|
+
## Development Setup
|
|
64
|
+
|
|
65
|
+
This project uses uv for dependency management. To set up a development environment:
|
|
66
|
+
|
|
67
|
+
1. Install uv:
|
|
68
|
+
|
|
69
|
+
```bash
|
|
70
|
+
pip install uv
|
|
71
|
+
```
|
|
72
|
+
|
|
73
|
+
2. Clone the repository:
|
|
74
|
+
|
|
75
|
+
```bash
|
|
76
|
+
git clone https://github.com/nilva/nilva-django-auth.git
|
|
77
|
+
cd nilva-django-auth
|
|
78
|
+
```
|
|
79
|
+
|
|
80
|
+
3. Install development dependencies:
|
|
81
|
+
|
|
82
|
+
```bash
|
|
83
|
+
uv pip install -e ".[dev]"
|
|
84
|
+
# or
|
|
85
|
+
uv pip install -r requirements-dev.txt
|
|
86
|
+
```
|
|
87
|
+
|
|
88
|
+
## Running Tests
|
|
89
|
+
|
|
90
|
+
You can run all tests using the provided bash script:
|
|
91
|
+
|
|
92
|
+
```bash
|
|
93
|
+
./run_tests.sh
|
|
94
|
+
```
|
|
95
|
+
|
|
96
|
+
The script supports several options:
|
|
97
|
+
|
|
98
|
+
```bash
|
|
99
|
+
# Run all tests
|
|
100
|
+
./run_tests.sh
|
|
101
|
+
|
|
102
|
+
# Run tests with coverage report
|
|
103
|
+
./run_tests.sh -c
|
|
104
|
+
|
|
105
|
+
# Run tests in verbose mode
|
|
106
|
+
./run_tests.sh -v
|
|
107
|
+
|
|
108
|
+
# Run a specific test file
|
|
109
|
+
./run_tests.sh tests/test_authentication.py
|
|
110
|
+
|
|
111
|
+
# Run a specific test
|
|
112
|
+
./run_tests.sh tests/test_authentication.py::AuthenticationTests::test_login
|
|
113
|
+
|
|
114
|
+
# Show help
|
|
115
|
+
./run_tests.sh -h
|
|
116
|
+
```
|
|
117
|
+
|
|
118
|
+
Alternatively, you can use pytest directly:
|
|
119
|
+
|
|
120
|
+
To run the tests:
|
|
121
|
+
|
|
122
|
+
```bash
|
|
123
|
+
python -m pytest
|
|
124
|
+
```
|
|
125
|
+
|
|
126
|
+
To run the tests with coverage:
|
|
127
|
+
|
|
128
|
+
```bash
|
|
129
|
+
python -m pytest --cov=nilva_django_auth
|
|
130
|
+
```
|
|
131
|
+
|
|
132
|
+
To run a specific test:
|
|
133
|
+
|
|
134
|
+
```bash
|
|
135
|
+
python -m pytest tests/test_authentication.py::AuthenticationTests::test_login
|
|
136
|
+
```
|
|
137
|
+
|
|
138
|
+
Note: Make sure you have installed the development dependencies first:
|
|
139
|
+
|
|
140
|
+
```bash
|
|
141
|
+
pip install -r requirements-dev.txt
|
|
142
|
+
# or
|
|
143
|
+
uv pip install -e ".[dev]"
|
|
144
|
+
```
|
|
145
|
+
|
|
146
|
+
## Quick Start
|
|
147
|
+
|
|
148
|
+
1. Add `nilva_django_auth` to your `INSTALLED_APPS` in `settings.py`:
|
|
149
|
+
|
|
150
|
+
```python
|
|
151
|
+
INSTALLED_APPS = [
|
|
152
|
+
# ...
|
|
153
|
+
'rest_framework',
|
|
154
|
+
'nilva_django_auth',
|
|
155
|
+
'nilva_django_auth',
|
|
156
|
+
# ...
|
|
157
|
+
]
|
|
158
|
+
```
|
|
159
|
+
|
|
160
|
+
2. Apply migrations to create the necessary database tables:
|
|
161
|
+
|
|
162
|
+
```bash
|
|
163
|
+
python manage.py migrate nilva_django_auth
|
|
164
|
+
python manage.py migrate nilva_django_auth
|
|
165
|
+
```
|
|
166
|
+
|
|
167
|
+
3. Configure the authentication backend in `settings.py`:
|
|
168
|
+
|
|
169
|
+
```python
|
|
170
|
+
from datetime import timedelta
|
|
171
|
+
|
|
172
|
+
REST_FRAMEWORK = {
|
|
173
|
+
'DEFAULT_AUTHENTICATION_CLASSES': (
|
|
174
|
+
'nilva_django_auth.simplejwt.authentication.JWTAuthentication',
|
|
175
|
+
),
|
|
176
|
+
}
|
|
177
|
+
|
|
178
|
+
# Nilva Django Auth settings
|
|
179
|
+
NILVA_AUTH = {
|
|
180
|
+
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=5), # 5 minutes (default)
|
|
181
|
+
'REFRESH_TOKEN_LIFETIME': timedelta(days=1), # 1 day (default)
|
|
182
|
+
'AUTH_HEADER_TYPES': ('Bearer',),
|
|
183
|
+
'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
|
|
184
|
+
'AUTH_COOKIE_NAME': 'auth',
|
|
185
|
+
'REFRESH_COOKIE_NAME': 'refresh',
|
|
186
|
+
'USE_COOKIES': False, # Set to True to use cookies instead of headers
|
|
187
|
+
'SECURE_COOKIES': True, # Use secure cookies in production
|
|
188
|
+
}
|
|
189
|
+
```
|
|
190
|
+
|
|
191
|
+
4. Include the authentication URLs in your project's `urls.py`:
|
|
192
|
+
|
|
193
|
+
```python
|
|
194
|
+
from django.urls import path, include
|
|
195
|
+
|
|
196
|
+
urlpatterns = [
|
|
197
|
+
# ...
|
|
198
|
+
path('auth/', include('nilva_django_auth.urls')),
|
|
199
|
+
# ...
|
|
200
|
+
]
|
|
201
|
+
```
|
|
202
|
+
|
|
203
|
+
|
|
204
|
+
## API Endpoints
|
|
205
|
+
|
|
206
|
+
- **Login**: `POST /auth/login/`
|
|
207
|
+
- Request: `{"username": "user", "password": "pass"}`
|
|
208
|
+
- Response: `{"access": "token", "refresh": "token"}`
|
|
209
|
+
|
|
210
|
+
- **Refresh Token**: `POST /auth/refresh/`
|
|
211
|
+
- Request: `{"refresh": "token"}`
|
|
212
|
+
- Response: `{"access": "new-token"}`
|
|
213
|
+
|
|
214
|
+
- **Verify Token**: `POST /auth/verify/`
|
|
215
|
+
- Request: `{"token": "token"}`
|
|
216
|
+
- Response: `{}` (200 OK if token is valid, error otherwise)
|
|
217
|
+
|
|
218
|
+
- **Logout**: `POST /auth/logout/`
|
|
219
|
+
- Request: `{"refresh": "token"}`
|
|
220
|
+
- Response: `{"success": "Successfully logged out"}`
|
|
221
|
+
|
|
222
|
+
- **Logout All**: `POST /auth/logout-all/`
|
|
223
|
+
- Request: `{}`
|
|
224
|
+
- Response: `{"success": "Successfully logged out from all devices"}`
|
|
225
|
+
|
|
226
|
+
- **List Sessions**: `GET /auth/sessions/`
|
|
227
|
+
- Response: `[{"id": 1, "device_info": "Chrome on Windows", "ip_address": "192.168.1.1", "created_at": "2023-01-01T12:00:00Z", "last_activity": "2023-01-01T13:00:00Z", "is_active": true}]`
|
|
228
|
+
|
|
229
|
+
## Advanced Configuration
|
|
230
|
+
|
|
231
|
+
The package is highly configurable. Here are some advanced configuration options:
|
|
232
|
+
|
|
233
|
+
```python
|
|
234
|
+
from datetime import timedelta
|
|
235
|
+
|
|
236
|
+
NILVA_AUTH = {
|
|
237
|
+
# Basic settings
|
|
238
|
+
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=5), # 5 minutes (default)
|
|
239
|
+
'REFRESH_TOKEN_LIFETIME': timedelta(days=1), # 1 day (default)
|
|
240
|
+
|
|
241
|
+
|
|
242
|
+
# Token settings
|
|
243
|
+
'AUTH_HEADER_TYPES': ('Bearer',),
|
|
244
|
+
'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
|
|
245
|
+
|
|
246
|
+
# Cookie settings
|
|
247
|
+
'USE_COOKIES': False,
|
|
248
|
+
'AUTH_COOKIE_NAME': 'auth',
|
|
249
|
+
'REFRESH_COOKIE_NAME': 'refresh',
|
|
250
|
+
'SECURE_COOKIES': True,
|
|
251
|
+
'HTTPONLY_COOKIES': True,
|
|
252
|
+
'SAMESITE_COOKIES': 'Lax',
|
|
253
|
+
|
|
254
|
+
# Custom user model
|
|
255
|
+
'USER_MODEL': 'auth.User',
|
|
256
|
+
|
|
257
|
+
# Token serializers (SimpleJWT)
|
|
258
|
+
'TOKEN_OBTAIN_SERIALIZER': 'nilva_django_auth.simplejwt.serializers.TokenObtainPairSerializer',
|
|
259
|
+
'TOKEN_REFRESH_SERIALIZER': 'nilva_django_auth.simplejwt.serializers.TokenRefreshSerializer',
|
|
260
|
+
'TOKEN_VERIFY_SERIALIZER': 'nilva_django_auth.simplejwt.serializers.TokenVerifySerializer',
|
|
261
|
+
'TOKEN_BLACKLIST_SERIALIZER': 'nilva_django_auth.simplejwt.serializers.TokenBlacklistSerializer',
|
|
262
|
+
'TOKEN_BLACKLIST_ALL_SERIALIZER': 'nilva_django_auth.simplejwt.serializers.TokenBlacklistAllSerializer',
|
|
263
|
+
}
|
|
264
|
+
```
|
|
265
|
+
|
|
266
|
+
## Contributing
|
|
267
|
+
|
|
268
|
+
Contributions are welcome! Please feel free to submit a Pull Request.
|
|
269
|
+
|
|
270
|
+
## License
|
|
271
|
+
|
|
272
|
+
This project is licensed under the MIT License - see the LICENSE file for details.
|
|
@@ -0,0 +1,240 @@
|
|
|
1
|
+
# Nilva Django Auth
|
|
2
|
+
|
|
3
|
+
A comprehensive Django authentication package that uses Django REST Framework (DRF) and JWT tokens for secure, flexible authentication in Django applications.
|
|
4
|
+
|
|
5
|
+
## Features
|
|
6
|
+
|
|
7
|
+
- **JWT Token Authentication**: Secure authentication using JSON Web Tokens
|
|
8
|
+
- **Session Management**: Efficient handling of user sessions
|
|
9
|
+
- **Username/Password Authentication**: Secure authentication using username and password
|
|
10
|
+
- **Login Endpoint**: Simple API for user login
|
|
11
|
+
- **Logout Endpoint**: API for user logout
|
|
12
|
+
- **Logout All Devices**: Ability to terminate all active sessions
|
|
13
|
+
- **Token Refresh**: Automatic token refresh mechanism
|
|
14
|
+
- **Highly Configurable**: Customize the authentication flow to suit your needs
|
|
15
|
+
- **DRF Integration**: Seamless integration with Django REST Framework
|
|
16
|
+
|
|
17
|
+
## Installation
|
|
18
|
+
|
|
19
|
+
You can install the package using pip:
|
|
20
|
+
|
|
21
|
+
```bash
|
|
22
|
+
pip install nilva-django-auth
|
|
23
|
+
```
|
|
24
|
+
|
|
25
|
+
Or using uv (recommended):
|
|
26
|
+
|
|
27
|
+
```bash
|
|
28
|
+
uv pip install nilva-django-auth
|
|
29
|
+
```
|
|
30
|
+
|
|
31
|
+
## Development Setup
|
|
32
|
+
|
|
33
|
+
This project uses uv for dependency management. To set up a development environment:
|
|
34
|
+
|
|
35
|
+
1. Install uv:
|
|
36
|
+
|
|
37
|
+
```bash
|
|
38
|
+
pip install uv
|
|
39
|
+
```
|
|
40
|
+
|
|
41
|
+
2. Clone the repository:
|
|
42
|
+
|
|
43
|
+
```bash
|
|
44
|
+
git clone https://github.com/nilva/nilva-django-auth.git
|
|
45
|
+
cd nilva-django-auth
|
|
46
|
+
```
|
|
47
|
+
|
|
48
|
+
3. Install development dependencies:
|
|
49
|
+
|
|
50
|
+
```bash
|
|
51
|
+
uv pip install -e ".[dev]"
|
|
52
|
+
# or
|
|
53
|
+
uv pip install -r requirements-dev.txt
|
|
54
|
+
```
|
|
55
|
+
|
|
56
|
+
## Running Tests
|
|
57
|
+
|
|
58
|
+
You can run all tests using the provided bash script:
|
|
59
|
+
|
|
60
|
+
```bash
|
|
61
|
+
./run_tests.sh
|
|
62
|
+
```
|
|
63
|
+
|
|
64
|
+
The script supports several options:
|
|
65
|
+
|
|
66
|
+
```bash
|
|
67
|
+
# Run all tests
|
|
68
|
+
./run_tests.sh
|
|
69
|
+
|
|
70
|
+
# Run tests with coverage report
|
|
71
|
+
./run_tests.sh -c
|
|
72
|
+
|
|
73
|
+
# Run tests in verbose mode
|
|
74
|
+
./run_tests.sh -v
|
|
75
|
+
|
|
76
|
+
# Run a specific test file
|
|
77
|
+
./run_tests.sh tests/test_authentication.py
|
|
78
|
+
|
|
79
|
+
# Run a specific test
|
|
80
|
+
./run_tests.sh tests/test_authentication.py::AuthenticationTests::test_login
|
|
81
|
+
|
|
82
|
+
# Show help
|
|
83
|
+
./run_tests.sh -h
|
|
84
|
+
```
|
|
85
|
+
|
|
86
|
+
Alternatively, you can use pytest directly:
|
|
87
|
+
|
|
88
|
+
To run the tests:
|
|
89
|
+
|
|
90
|
+
```bash
|
|
91
|
+
python -m pytest
|
|
92
|
+
```
|
|
93
|
+
|
|
94
|
+
To run the tests with coverage:
|
|
95
|
+
|
|
96
|
+
```bash
|
|
97
|
+
python -m pytest --cov=nilva_django_auth
|
|
98
|
+
```
|
|
99
|
+
|
|
100
|
+
To run a specific test:
|
|
101
|
+
|
|
102
|
+
```bash
|
|
103
|
+
python -m pytest tests/test_authentication.py::AuthenticationTests::test_login
|
|
104
|
+
```
|
|
105
|
+
|
|
106
|
+
Note: Make sure you have installed the development dependencies first:
|
|
107
|
+
|
|
108
|
+
```bash
|
|
109
|
+
pip install -r requirements-dev.txt
|
|
110
|
+
# or
|
|
111
|
+
uv pip install -e ".[dev]"
|
|
112
|
+
```
|
|
113
|
+
|
|
114
|
+
## Quick Start
|
|
115
|
+
|
|
116
|
+
1. Add `nilva_django_auth` to your `INSTALLED_APPS` in `settings.py`:
|
|
117
|
+
|
|
118
|
+
```python
|
|
119
|
+
INSTALLED_APPS = [
|
|
120
|
+
# ...
|
|
121
|
+
'rest_framework',
|
|
122
|
+
'nilva_django_auth',
|
|
123
|
+
'nilva_django_auth',
|
|
124
|
+
# ...
|
|
125
|
+
]
|
|
126
|
+
```
|
|
127
|
+
|
|
128
|
+
2. Apply migrations to create the necessary database tables:
|
|
129
|
+
|
|
130
|
+
```bash
|
|
131
|
+
python manage.py migrate nilva_django_auth
|
|
132
|
+
python manage.py migrate nilva_django_auth
|
|
133
|
+
```
|
|
134
|
+
|
|
135
|
+
3. Configure the authentication backend in `settings.py`:
|
|
136
|
+
|
|
137
|
+
```python
|
|
138
|
+
from datetime import timedelta
|
|
139
|
+
|
|
140
|
+
REST_FRAMEWORK = {
|
|
141
|
+
'DEFAULT_AUTHENTICATION_CLASSES': (
|
|
142
|
+
'nilva_django_auth.simplejwt.authentication.JWTAuthentication',
|
|
143
|
+
),
|
|
144
|
+
}
|
|
145
|
+
|
|
146
|
+
# Nilva Django Auth settings
|
|
147
|
+
NILVA_AUTH = {
|
|
148
|
+
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=5), # 5 minutes (default)
|
|
149
|
+
'REFRESH_TOKEN_LIFETIME': timedelta(days=1), # 1 day (default)
|
|
150
|
+
'AUTH_HEADER_TYPES': ('Bearer',),
|
|
151
|
+
'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
|
|
152
|
+
'AUTH_COOKIE_NAME': 'auth',
|
|
153
|
+
'REFRESH_COOKIE_NAME': 'refresh',
|
|
154
|
+
'USE_COOKIES': False, # Set to True to use cookies instead of headers
|
|
155
|
+
'SECURE_COOKIES': True, # Use secure cookies in production
|
|
156
|
+
}
|
|
157
|
+
```
|
|
158
|
+
|
|
159
|
+
4. Include the authentication URLs in your project's `urls.py`:
|
|
160
|
+
|
|
161
|
+
```python
|
|
162
|
+
from django.urls import path, include
|
|
163
|
+
|
|
164
|
+
urlpatterns = [
|
|
165
|
+
# ...
|
|
166
|
+
path('auth/', include('nilva_django_auth.urls')),
|
|
167
|
+
# ...
|
|
168
|
+
]
|
|
169
|
+
```
|
|
170
|
+
|
|
171
|
+
|
|
172
|
+
## API Endpoints
|
|
173
|
+
|
|
174
|
+
- **Login**: `POST /auth/login/`
|
|
175
|
+
- Request: `{"username": "user", "password": "pass"}`
|
|
176
|
+
- Response: `{"access": "token", "refresh": "token"}`
|
|
177
|
+
|
|
178
|
+
- **Refresh Token**: `POST /auth/refresh/`
|
|
179
|
+
- Request: `{"refresh": "token"}`
|
|
180
|
+
- Response: `{"access": "new-token"}`
|
|
181
|
+
|
|
182
|
+
- **Verify Token**: `POST /auth/verify/`
|
|
183
|
+
- Request: `{"token": "token"}`
|
|
184
|
+
- Response: `{}` (200 OK if token is valid, error otherwise)
|
|
185
|
+
|
|
186
|
+
- **Logout**: `POST /auth/logout/`
|
|
187
|
+
- Request: `{"refresh": "token"}`
|
|
188
|
+
- Response: `{"success": "Successfully logged out"}`
|
|
189
|
+
|
|
190
|
+
- **Logout All**: `POST /auth/logout-all/`
|
|
191
|
+
- Request: `{}`
|
|
192
|
+
- Response: `{"success": "Successfully logged out from all devices"}`
|
|
193
|
+
|
|
194
|
+
- **List Sessions**: `GET /auth/sessions/`
|
|
195
|
+
- Response: `[{"id": 1, "device_info": "Chrome on Windows", "ip_address": "192.168.1.1", "created_at": "2023-01-01T12:00:00Z", "last_activity": "2023-01-01T13:00:00Z", "is_active": true}]`
|
|
196
|
+
|
|
197
|
+
## Advanced Configuration
|
|
198
|
+
|
|
199
|
+
The package is highly configurable. Here are some advanced configuration options:
|
|
200
|
+
|
|
201
|
+
```python
|
|
202
|
+
from datetime import timedelta
|
|
203
|
+
|
|
204
|
+
NILVA_AUTH = {
|
|
205
|
+
# Basic settings
|
|
206
|
+
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=5), # 5 minutes (default)
|
|
207
|
+
'REFRESH_TOKEN_LIFETIME': timedelta(days=1), # 1 day (default)
|
|
208
|
+
|
|
209
|
+
|
|
210
|
+
# Token settings
|
|
211
|
+
'AUTH_HEADER_TYPES': ('Bearer',),
|
|
212
|
+
'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
|
|
213
|
+
|
|
214
|
+
# Cookie settings
|
|
215
|
+
'USE_COOKIES': False,
|
|
216
|
+
'AUTH_COOKIE_NAME': 'auth',
|
|
217
|
+
'REFRESH_COOKIE_NAME': 'refresh',
|
|
218
|
+
'SECURE_COOKIES': True,
|
|
219
|
+
'HTTPONLY_COOKIES': True,
|
|
220
|
+
'SAMESITE_COOKIES': 'Lax',
|
|
221
|
+
|
|
222
|
+
# Custom user model
|
|
223
|
+
'USER_MODEL': 'auth.User',
|
|
224
|
+
|
|
225
|
+
# Token serializers (SimpleJWT)
|
|
226
|
+
'TOKEN_OBTAIN_SERIALIZER': 'nilva_django_auth.simplejwt.serializers.TokenObtainPairSerializer',
|
|
227
|
+
'TOKEN_REFRESH_SERIALIZER': 'nilva_django_auth.simplejwt.serializers.TokenRefreshSerializer',
|
|
228
|
+
'TOKEN_VERIFY_SERIALIZER': 'nilva_django_auth.simplejwt.serializers.TokenVerifySerializer',
|
|
229
|
+
'TOKEN_BLACKLIST_SERIALIZER': 'nilva_django_auth.simplejwt.serializers.TokenBlacklistSerializer',
|
|
230
|
+
'TOKEN_BLACKLIST_ALL_SERIALIZER': 'nilva_django_auth.simplejwt.serializers.TokenBlacklistAllSerializer',
|
|
231
|
+
}
|
|
232
|
+
```
|
|
233
|
+
|
|
234
|
+
## Contributing
|
|
235
|
+
|
|
236
|
+
Contributions are welcome! Please feel free to submit a Pull Request.
|
|
237
|
+
|
|
238
|
+
## License
|
|
239
|
+
|
|
240
|
+
This project is licensed under the MIT License - see the LICENSE file for details.
|
|
File without changes
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
from django.contrib import admin
|
|
2
|
+
from django.utils.translation import gettext_lazy as _
|
|
3
|
+
|
|
4
|
+
from .models import UserSession
|
|
5
|
+
|
|
6
|
+
|
|
7
|
+
@admin.register(UserSession)
|
|
8
|
+
class UserSessionAdmin(admin.ModelAdmin):
|
|
9
|
+
list_display = ('user', 'ip_address', 'last_activity', 'is_active', 'os', 'browser')
|
|
10
|
+
list_filter = ('is_active', 'created_at', 'last_activity')
|
|
11
|
+
search_fields = ('user__username', 'user__email', 'ip_address')
|
|
12
|
+
readonly_fields = ('id', 'user', 'jti', 'user_agent', 'ip_address',
|
|
13
|
+
'exp', 'created_at', 'last_activity', 'os', 'browser',
|
|
14
|
+
'device_brand', 'device_model', 'device_family', 'is_mobile', 'referer')
|
|
15
|
+
|
|
16
|
+
fieldsets = (
|
|
17
|
+
(_('User Information'), {
|
|
18
|
+
'fields': ('user',)
|
|
19
|
+
}),
|
|
20
|
+
(_('Session Information'), {
|
|
21
|
+
'fields': ('id', 'jti', 'exp', 'is_active', 'created_at', 'last_activity', 'referer')
|
|
22
|
+
}),
|
|
23
|
+
(_('Device Information'), {
|
|
24
|
+
'fields': ('user_agent', 'os', 'browser', 'device_brand',
|
|
25
|
+
'device_model', 'device_family', 'is_mobile')
|
|
26
|
+
}),
|
|
27
|
+
(_('Location Information'), {
|
|
28
|
+
'fields': ('ip_address',)
|
|
29
|
+
}),
|
|
30
|
+
)
|
|
31
|
+
|
|
32
|
+
def has_add_permission(self, request):
|
|
33
|
+
# Sessions should only be created through the API, not manually
|
|
34
|
+
return False
|
|
35
|
+
|
|
36
|
+
def has_change_permission(self, request, obj=None):
|
|
37
|
+
# Only allow changing the is_active status
|
|
38
|
+
return True
|
|
39
|
+
|
|
40
|
+
def get_readonly_fields(self, request, obj=None):
|
|
41
|
+
# All fields are readonly except is_active
|
|
42
|
+
if obj:
|
|
43
|
+
return [f.name for f in obj._meta.fields if f.name != 'is_active']
|
|
44
|
+
return self.readonly_fields
|
|
@@ -0,0 +1,100 @@
|
|
|
1
|
+
# Persian translation for nilva-django-auth.
|
|
2
|
+
# Copyright (C) 2023 Nilva
|
|
3
|
+
# This file is distributed under the same license as the nilva-django-auth package.
|
|
4
|
+
msgid ""
|
|
5
|
+
msgstr ""
|
|
6
|
+
"Project-Id-Version: nilva-django-auth\n"
|
|
7
|
+
"Report-Msgid-Bugs-To: \n"
|
|
8
|
+
"POT-Creation-Date: 2023-08-11 12:00+0000\n"
|
|
9
|
+
"PO-Revision-Date: 2023-08-11 12:00+0000\n"
|
|
10
|
+
"Last-Translator: Nilva Team\n"
|
|
11
|
+
"Language-Team: Persian\n"
|
|
12
|
+
"Language: fa\n"
|
|
13
|
+
"MIME-Version: 1.0\n"
|
|
14
|
+
"Content-Type: text/plain; charset=UTF-8\n"
|
|
15
|
+
"Content-Transfer-Encoding: 8bit\n"
|
|
16
|
+
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
|
|
17
|
+
|
|
18
|
+
#: nilva_django_auth/session_management.py:33
|
|
19
|
+
msgid "Token is blacklisted"
|
|
20
|
+
msgstr "توکن به لیست سیاه رفته است"
|
|
21
|
+
|
|
22
|
+
#: nilva_django_auth/session_management.py:69
|
|
23
|
+
msgid "Token is blacklisted or expired"
|
|
24
|
+
msgstr "توکن در لیست سیاه قرار دارد یا منقضی شده است"
|
|
25
|
+
|
|
26
|
+
#: nilva_django_auth/session_management.py:72
|
|
27
|
+
msgid "Current session is too new. Please wait at least {} minutes before blacklisting other sessions."
|
|
28
|
+
msgstr "جلسه فعلی خیلی جدید است. لطفاً حداقل {} دقیقه قبل از قرار دادن جلسات دیگر در لیست سیاه صبر کنید."
|
|
29
|
+
|
|
30
|
+
#: nilva_django_auth/simplejwt/authentication.py:79
|
|
31
|
+
msgid "Authorization header must contain two space-delimited values"
|
|
32
|
+
msgstr "هدر اعتبارسنجی باید شامل دو مقدار جدا شده با فاصله باشد"
|
|
33
|
+
|
|
34
|
+
#: nilva_django_auth/simplejwt/authentication.py:108
|
|
35
|
+
msgid "Given token not valid for any token type"
|
|
36
|
+
msgstr "توکن داده شده برای هیچ نوع توکنی معتبر نمیباشد"
|
|
37
|
+
|
|
38
|
+
#: nilva_django_auth/simplejwt/authentication.py:127
|
|
39
|
+
#: nilva_django_auth/simplejwt/authentication.py:154
|
|
40
|
+
msgid "Token contained no recognizable user identification"
|
|
41
|
+
msgstr "توکن شامل هیچ شناسه قابل تشخیصی از کاربر نیست"
|
|
42
|
+
|
|
43
|
+
#: nilva_django_auth/simplejwt/authentication.py:132
|
|
44
|
+
msgid "User not found"
|
|
45
|
+
msgstr "کاربر یافت نشد"
|
|
46
|
+
|
|
47
|
+
#: nilva_django_auth/simplejwt/authentication.py:135
|
|
48
|
+
msgid "User is inactive"
|
|
49
|
+
msgstr "کاربر غیرفعال است"
|
|
50
|
+
|
|
51
|
+
#: nilva_django_auth/simplejwt/backends.py:67
|
|
52
|
+
msgid "Unrecognized algorithm type '{}'"
|
|
53
|
+
msgstr "نوع الگوریتم ناشناخته '{}'"
|
|
54
|
+
|
|
55
|
+
#: nilva_django_auth/simplejwt/backends.py:73
|
|
56
|
+
msgid "You must have cryptography installed to use {}."
|
|
57
|
+
msgstr "برای استفاده از {} باید رمزنگاری نصب شده باشد."
|
|
58
|
+
|
|
59
|
+
#: nilva_django_auth/simplejwt/backends.py:102
|
|
60
|
+
#: nilva_django_auth/simplejwt/backends.py:152
|
|
61
|
+
#: nilva_django_auth/simplejwt/exceptions.py:38
|
|
62
|
+
#: nilva_django_auth/simplejwt/tokens.py:43
|
|
63
|
+
msgid "Token is invalid or expired"
|
|
64
|
+
msgstr "توکن نامعتبر است یا منقضی شده است"
|
|
65
|
+
|
|
66
|
+
#: nilva_django_auth/simplejwt/backends.py:150
|
|
67
|
+
msgid "Invalid algorithm specified"
|
|
68
|
+
msgstr "الگوریتم نامعتبر مشخص شده است"
|
|
69
|
+
|
|
70
|
+
#: nilva_django_auth/simplejwt/serializers.py:26
|
|
71
|
+
msgid "No active account found with the given credentials"
|
|
72
|
+
msgstr "هیچ اکانت فعالی برای اطلاعات داده شده یافت نشد"
|
|
73
|
+
|
|
74
|
+
#: nilva_django_auth/simplejwt/tokens.py:29
|
|
75
|
+
msgid "Cannot create token with no type or lifetime"
|
|
76
|
+
msgstr "توکن بدون هیچ نوع و طول عمر قابل ساخت نیست"
|
|
77
|
+
|
|
78
|
+
#: nilva_django_auth/simplejwt/tokens.py:101
|
|
79
|
+
msgid "Token has no id"
|
|
80
|
+
msgstr "توکن id ندارد"
|
|
81
|
+
|
|
82
|
+
#: nilva_django_auth/simplejwt/tokens.py:114
|
|
83
|
+
msgid "Token has no type"
|
|
84
|
+
msgstr "توکن نوع ندارد"
|
|
85
|
+
|
|
86
|
+
#: nilva_django_auth/simplejwt/tokens.py:117
|
|
87
|
+
msgid "Token has wrong type"
|
|
88
|
+
msgstr "توکن نوع اشتباهی دارد"
|
|
89
|
+
|
|
90
|
+
#: nilva_django_auth/simplejwt/tokens.py:173
|
|
91
|
+
msgid "Token has no '{}' claim"
|
|
92
|
+
msgstr "توکن دارای '{}' claim نمیباشد"
|
|
93
|
+
|
|
94
|
+
#: nilva_django_auth/simplejwt/tokens.py:178
|
|
95
|
+
msgid "Token '{}' claim has expired"
|
|
96
|
+
msgstr "'{}' claim توکن منقضی شده"
|
|
97
|
+
|
|
98
|
+
#: nilva_django_auth/settings.py:148
|
|
99
|
+
msgid "The '{}' setting has been removed. Please refer to documentation for available settings."
|
|
100
|
+
msgstr "تنظیم '{}' حذف شده است. لطفا به '{}' برای تنظیمات موجود مراجعه کنید."
|