DJOSER — Django Rest framework Authentication
Djoser is one of the third-party package developed by SUNSCRAPERS for the authentication in Django Rest Framework. It provides a set of views to take care of basic actions such as Login, Logout, Password Reset, Account Activation and much more.
Djoser Setup
For the Djoser Setup, we must be sure of certain things that must meet the requirements. So, those requirements are:
Python(3.7, 3.8, 3.9, 3.10) :
Python version must be equal to or greater than 3.7 version.
Django (2.2, 3.1, 3.2, 4.0) :
Django must be in 2.2, 3.1, 3.2 or 4.0 version.
Django REST Framework (3.11.1, 3.12.1, 3.13) :
DRF must be greater or equal to 3.11 version.
But if you need to support other version, please use Djoser < 2.2 version. Anyway, let’s start the installation.
We can use our terminal by simply using pip to install. However, be sure to activate virtual environment.
pip install djoserIf you want to use JWT authentication, you also need to install that with simply code in the terminal.
pip install djangorestframework_simplejwtLastly, if you need social-auth i.e. third party based authentication i.e. facebook, you will need to install by one line in terminal below.
pip install social-auth-app-djangoIf you have completed that then lets start the configuration part. In the configuration part we just need to edit settings.py file of the django project where we need to add in INSTALLED APP.
INSTALLED_APPS = (
'django.contrib.auth',
(...),
'rest_framework',
'djoser',
(...),
)And in urls.py of the project name, just add urls of djoser. It looks something like this.
urlpatterns = [
(...),
path('auth/', include('djoser.urls')),
path('auth/', include('djoser.urls.jwt')),
]Now let’s setup default authentication in setting.py file
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_simplejwt.authentication.JWTAuthentication',
(...)
),
}Also, configure django-rest-framework-simplejwt to use the Authorization: JWT <access_token> header in settings.py file.
SIMPLE_JWT = {
'AUTH_HEADER_TYPES': ('JWT',),
}So, we have JSON web tokens set up as our default authentication scheme so it’s as easy as that and now we can kind a deal with the rest of these settings so other settings we’re gonna need.
DJOSER = {
'LOGIN_FIELD': 'email',
'USER_CREATE_PASSWORD_RETYPE': True,
'USERNAME_CHANGED_EMAIL_CONFIRMATION': True
'PASSWORD_RESET_CONFIRM_URL':
'#/password/reset/confirm/{uid}/{token}',
'USERNAME_RESET_CONFIRM_URL':
'#/username/reset/confirm/{uid}/{token}',
'ACTIVATION_URL': '#/activate/{uid}/{token}',
'SEND_ACTIVATION_EMAIL': True,
'SERIALIZERS': {},
}So, above code shows, our main login field is email and when we create a user I want them to be required to retype their passwords, so we have this user create password retype to True. Another thing I’m gonna use is username changed confirmation where if True then it changes username endpoints will send confirmation email to user. And another one is Password Reset Confirm Url, Username Change Confirmation Url and so on.
Thus with these configuration we can use the Djoser Package which makes us easier. Hope you enjoy the section.
Reference
https://www.django-rest-framework.org/api-guide/authentication/
