For urgent issues and priority support, visit https://xscode.com/eshaan7/django-rest-durin.
Per API client token authentication Module for Django REST Framework.
The idea is to provide one library that does token auth for multiple Web/CLI/Mobile API clients (i.e. devices/user-agents) via one interface but allows different token configuration for each client.
Durin authentication is token based, similar to the TokenAuthentication
built in to DRF. However, it adds some extra sauce:
- Durin allows multiple tokens per user. But only one token each user per API client.
- Each user token is associated with an API Client.
- These API Clients are configurable via Django's Admin Interface.
- Includes permission enforcing to allow only specific clients to make authenticated requests to certain
APIViewsor vice-a-versa. - Configure Rate-Throttling per User <-> Client pair.
- Durin provides an option for a logged in user to remove all tokens that the server has - forcing them to re-authenticate for all API clients.
- Durin tokens can be renewed to get a fresh expiry.
- Durin provides a
CachedTokenAuthenticationbackend as well which uses memoization for faster look ups.
More information can be found in the Documentation. I'd also recommend going through the example_project/ included in this repository.
If your project uses an older verison of Django or Django Rest Framework, you can choose an older version of this project.
| This Project | Python Version | Django Version | Django Rest Framework |
|---|---|---|---|
| 0.1+ | 3.5 - 3.9 | 2.2, 3.0, 3.1, 3.2 | 3.7>= |
Make sure to use at least DRF 3.10 when using Django 3.0 or newer.
All releases should be listed in the releases tab on GitHub.
See CHANGELOG for a more detailed listing.
This project is published with the MIT License. See https://choosealicense.com/licenses/mit/ for more information about what this means.
Durin is inpired by the django-rest-knox and django-rest-multitokenauth libraries and adopts some learnings, docs and code from both.