I'm assuming that you already have a Django project set up using DRF and some standard variant on a Django User model. If you are using Tastypie instead of DRF, see our complementary piece: Integrating Django, Tastypie & Python Social Auth. Open the file drf_auth0_api/urls.py and update it like below. This post is to help you set up Django REST Framework with Python Social Auth; the goal here is to allow users to sign up and sign in to your app using Facebook, Twitter, etc., using API endpoints that you manage with Django REST Framework. We are now done with the authentication part. create ( username = auth0_username, user = user ) auth0_user. get_or_create ( email = email ) auth0_user = Auth0User. get ( 'email' ) if not email : raise exceptions. last () if not auth0_user : user_data = get_auth0_user_data ( token ) email = user_data. authenticate_credentials ( token ) def authenticate_credentials ( self, token ): payload, is_valid = is_valid_auth0token ( token ) if not is_valid : raise exceptions. err_msg ) if len ( auth ) > 2 : raise exceptions. encode (): return None if len ( auth ) == 1 : raise exceptions. ''' keyword = 'Bearer' err_msg = 'Invalid token headers' def authenticate ( self, request ): auth = get_authorization_header ( request ). HTTP header, prepended with the string 'Bearer '. json () return data class Auth0TokenAuthentication ( BaseAuthentication ): ''' Clients should authenticate by passing the token key in the 'Authorization' get_unverified_header ( token ) rsa_key = resp = requests. AUTH0_DOMAIN + '/.well-known/jwks.json' ) jwks = resp. import requests from django.conf import settings from django.contrib.auth import get_user_model from jose import jwt from rest_framework import exceptions from rest_framework.authentication import ( BaseAuthentication, get_authorization_header ) from todo.models import Auth0User User = get_user_model () def is_valid_auth0token ( token ): # TODO: remove request and make the `json` file as part of the project to save the request time resp = requests. 
We also need API Audience to get this drf-auth0 api details, there we can find the Identifier (i.e. API Audience). Now, go to the drf-auth0 (Test Application) auth0 app detail page where we can find the domain, client id and client secret. To create a user click on the Users & Roles in the left side menu; it will show the option to Users. Now, click on it and create a user with email and password.
How to get auth0 jwt tokens (access_token and id_token)
Before getting the jwt tokens, we have to create a user. Now, go to the dashboard settings and configure the API Authorization Settings and save it. In my case the Connection name is Username-Password-Authentication. If not just create a Database Connection. Now, it will show up the available database connections. To get the Connection Name, just click on the Connections on the left side nav menu; there you can find the database link. We have to configure it with the Connection Name. If we click on the profile dropdown it will show up the screen like above, then click on the settings; it will take us to the settings screen where we can find the Default Directory setting. Let's go to the dashboard and configure the settings. If we do not set the API authorization settings then it throws the error unauthorized. We will get the jwt tokens from the endpoint /oauth/token by passing the username and password to it. You can allow grant types based on your requirement. Otherwise we will get an error when we try to get the tokens. Allow the grant type password and save it. It will show the options to select grant types. Now, it will show us Grant Types; click on that tab. At the bottom you can find the Show Advanced Settings link, click on it. You will find the app drf-auth0 (Test Application). Click on the application; it will show the app details like domain, client id, client secret, etc. After that fill out the form and create an API.
Auth0 API app configuration - Grant Types
Click on the applications in the auth0 dashboard. 
Now, click on the create api button; it will bring the screen below. Log in to auth0 and go to the dashboard, click on apis.
Login to Auth0 and Create API app
Auth0 is providing the free tier up to 7000 users. In this article we will learn how to implement auth0 on DRF (Django REST Framework).