diff --git a/.flake8 b/.flake8 index 6033f2f..2b3911d 100644 --- a/.flake8 +++ b/.flake8 @@ -4,3 +4,4 @@ exclude = *migrations*, *venv* virtualenv + docs diff --git a/.gitignore b/.gitignore index 8db6663..db9fc51 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,8 @@ __pycache__/ *.py[cod] venv/ +.vscode/ +build/ # C extensions *.so diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 25813f1..0000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "python.formatting.provider": "black", - "python.linting.pylintEnabled": false, - "python.linting.flake8Enabled": true, - "python.linting.enabled": true, - "restructuredtext.confPath": "${workspaceFolder}/venv/lib/python3.8/site-packages/django/urls" -} \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md deleted file mode 100644 index d2a985a..0000000 --- a/CHANGELOG.md +++ /dev/null @@ -1,2 +0,0 @@ -## 0.1.0 -- Initial release diff --git a/MANIFEST.in b/MANIFEST.in deleted file mode 100644 index f24cebf..0000000 --- a/MANIFEST.in +++ /dev/null @@ -1,4 +0,0 @@ -include README.md -include CHANGELOG.md -include LICENSE -include CONTRIBUTORS diff --git a/README.md b/README.md index 008f062..f79ce22 100644 --- a/README.md +++ b/README.md @@ -16,14 +16,13 @@ Durin authentication is token based, similar to the `TokenAuthentication` built in to DRF. However, it adds some extra sauce: - Durin allows **multiple tokens per user**. But only one token each user per API client. -- Each user token is associated with an API Client. These API Clients are configurable via Django's Admin Interface. +- Each user token is associated with an API Client. These API Clients are configurable via Django's Admin Interface. This allows restricting certain `APIViews` to only specific clients or vice-a-versa. - All Durin **tokens have an expiration time**. This expiration time can be different per API client. -- Durin provides an option for a logged in user to remove *all* - tokens that the server has - forcing him/her to re-authenticate for all API clients. +- Durin provides an option for a logged in user to **remove all tokens** that the server has - forcing them to re-authenticate for all API clients. - Durin **tokens can be renewed** to get a fresh expiry. - Durin provides a `CachedTokenAuthentication` backend as well which uses memoization for faster look ups. -More information can be found in the [Documentation](https://django-rest-durin.readthedocs.io/). +More information can be found in the [Documentation](https://django-rest-durin.readthedocs.io/en/latest/installation.html). ## Django Compatibility Matrix @@ -47,8 +46,4 @@ This project is published with the [MIT License](LICENSE). See [https://chooseal ## Credits -<<<<<<< HEAD -Durin is inpired by the [django-rest-knox](https://github.com/James1345/django-rest-knox) and [django-rest-multitokenauth](https://github.com/anexia-it/django-rest-multitokenauth) libraries and includes some learnings and code from both. -======= -Durin is inpired by the [django-rest-knox](https://github.com/James1345/django-rest-knox) and [django-rest-multitokenauth](https://github.com/anexia-it/django-rest-multitokenauth) libraries and includes some learnings, docs and code from both. ->>>>>>> docs +Durin is inpired by the [django-rest-knox](https://github.com/James1345/django-rest-knox) and [django-rest-multitokenauth](https://github.com/anexia-it/django-rest-multitokenauth) libraries and adopts some learnings, docs and code from both. diff --git a/docs/auth.md b/docs/auth.md deleted file mode 100644 index 5872373..0000000 --- a/docs/auth.md +++ /dev/null @@ -1,108 +0,0 @@ -# Authentication `knox.auth` - -Knox provides one class to handle authentication. - -## TokenAuthentication - -This works using [DRF's authentication system](http://www.django-rest-framework.org/api-guide/authentication/). - -Knox tokens should be generated using the provided views. -Any `APIView` or `ViewSet` can be accessed using these tokens by adding `TokenAuthentication` -to the View's `authentication_classes`. -To authenticate, the `Authorization` header should be set on the request, with a -value of the word `"Token"`, then a space, then the authentication token provided by -`LoginView`. - -Example: -```python -from rest_framework.permissions import IsAuthenticated -from rest_framework.response import Response -from rest_framework.views import APIView - -from knox.auth import TokenAuthentication - -class ExampleView(APIView): - authentication_classes = (TokenAuthentication,) - permission_classes = (IsAuthenticated,) - - def get(self, request, format=None): - content = { - 'foo': 'bar' - } - return Response(content) -``` - -Example auth header: - -```javascript -Authorization: Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b9836F45E23A345 -``` - -Tokens expire after a preset time. See settings. - - -### Global usage on all views - -You can activate TokenAuthentication on all your views by adding it to `REST_FRAMEWORK["DEFAULT_AUTHENTICATION_CLASSES"]`. - -If it is your only default authentication class, remember to overwrite knox's LoginView, otherwise it'll not work, since the login view will require a authentication token to generate a new token, rendering it unusable. - -For instance, you can authenticate users using Basic Authentication by simply overwriting knox's LoginView and setting BasicAuthentication as one of the acceptable authentication classes, as follows: - -```python - -views.py: - -from knox.views import LoginView as KnoxLoginView -from rest_framework.authentication import BasicAuthentication - -class LoginView(KnoxLoginView): - authentication_classes = [BasicAuthentication] - -urls.py: - -from knox import views as knox_views -from yourapp.api.views import LoginView - -urlpatterns = [ - url(r'login/', LoginView.as_view(), name='knox_login'), - url(r'logout/', knox_views.LogoutView.as_view(), name='knox_logout'), - url(r'logoutall/', knox_views.LogoutAllView.as_view(), name='knox_logoutall'), -] -``` - -You can use any number of authentication classes if you want to be able to authenticate using different methods (eg.: Basic and JSON) in the same view. Just be sure not to set TokenAuthentication as your only authentication class on the login view. - -If you decide to use Token Authentication as your only authentication class, you can overwrite knox's login view as such: - -```python - -views.py: - -from django.contrib.auth import login - -from rest_framework import permissions -from rest_framework.authtoken.serializers import AuthTokenSerializer -from knox.views import LoginView as KnoxLoginView - -class LoginView(KnoxLoginView): - permission_classes = (permissions.AllowAny,) - - def post(self, request, format=None): - serializer = AuthTokenSerializer(data=request.data) - serializer.is_valid(raise_exception=True) - user = serializer.validated_data['user'] - login(request, user) - return super(LoginView, self).post(request, format=None) - -urls.py: - -from knox import views as knox_views -from yourapp.api.views import LoginView - -urlpatterns = [ - url(r'login/', LoginView.as_view(), name='knox_login'), - url(r'logout/', knox_views.LogoutView.as_view(), name='knox_logout'), - url(r'logoutall/', knox_views.LogoutAllView.as_view(), name='knox_logoutall'), -] -``` \ No newline at end of file diff --git a/docs/changelog.md b/docs/changelog.md deleted file mode 120000 index 04c99a5..0000000 --- a/docs/changelog.md +++ /dev/null @@ -1 +0,0 @@ -../CHANGELOG.md \ No newline at end of file diff --git a/docs/index.md b/docs/index.md deleted file mode 100644 index 8a498e9..0000000 --- a/docs/index.md +++ /dev/null @@ -1,31 +0,0 @@ -# Django-Rest-Knox -Knox provides easy to use authentication for [Django REST Framework](http://www.django-rest-framework.org/) -The aim is to allow for common patterns in applications that are REST based, -with little extra effort; and to ensure that connections remain secure. - -Knox authentication is token based, similar to the `TokenAuthentication` built -in to DRF. However, it overcomes some problems present in the default implementation: - -- DRF tokens are limited to one per user. This does not facilitate securely - signing in from multiple devices, as the token is shared. It also requires - *all* devices to be logged out if a server-side logout is required (i.e. the - token is deleted). - - Knox provides one token per call to the login view - allowing - each client to have its own token which is deleted on the server side when the client - logs out. Knox also provides an optional setting to limit the amount of tokens generated - per user. - - Knox also provides an option for a logged in client to remove *all* tokens - that the server has - forcing all clients to re-authenticate. - -- DRF tokens are stored unencrypted in the database. This would allow an attacker - unrestricted access to an account with a token if the database were compromised. - - Knox tokens are only stored in an encrypted form. Even if the database were - somehow stolen, an attacker would not be able to log in with the stolen - credentials. - -- DRF tokens track their creation time, but have no inbuilt mechanism for tokens - expiring. Knox tokens can have an expiry configured in the app settings (default is - 10 hours.) diff --git a/docs/installation.md b/docs/installation.md deleted file mode 100644 index ad7da04..0000000 --- a/docs/installation.md +++ /dev/null @@ -1,66 +0,0 @@ -# Installation - -## Requirements - -Knox depends on `cryptography` to provide bindings to `OpenSSL` for token generation -This requires the OpenSSL build libraries to be available. - -### Windows -Cryptography is a statically linked build, no extra steps are needed - -### Linux -`cryptography` should build very easily on Linux provided you have a C compiler, -headers for Python (if you’re not using `pypy`), and headers for the OpenSSL and -`libffi` libraries available on your system. - -Debian and Ubuntu: -```bash -sudo apt-get install build-essential libssl-dev libffi-dev python3-dev python-dev -``` - -Fedora and RHEL-derivatives: -```bash -sudo yum install gcc libffi-devel python-devel openssl-devel -``` -For other systems or problems, see the [cryptography installation docs](https://cryptography.io/en/latest/installation/) - -## Installing Knox -Knox should be installed with pip - -```bash -pip install django-rest-knox -``` - -## Setup knox - -- Add `rest_framework` and `knox` to your `INSTALLED_APPS`, remove -`rest_framework.authtoken` if you were using it. - -```python -INSTALLED_APPS = ( - ... - 'rest_framework', - 'knox', - ... -) -``` - -- Make knox's TokenAuthentication your default authentification class -for django-rest-framework: - -```python -REST_FRAMEWORK = { - 'DEFAULT_AUTHENTICATION_CLASSES': ('knox.auth.TokenAuthentication',), - ... -} -``` - -- Add the [knox url patterns](urls.md#urls-knoxurls) to your project. - -- If you set TokenAuthentication as the only default authentication class on the second step, [override knox's LoginView](auth.md#global-usage-on-all-views) to accept another authentication method and use it instead of knox's default login view. - -- Apply the migrations for the models - -```bash -python manage.py migrate -``` diff --git a/docs/requirements.docs.txt b/docs/requirements.docs.txt index 8edc918..331b87d 100644 --- a/docs/requirements.docs.txt +++ b/docs/requirements.docs.txt @@ -1,4 +1,5 @@ -../requirements.dev.txt +-r ../requirements.dev.txt +django>=2.2 commonmark==0.9.1 docutils==0.16 Sphinx==3.2.1 diff --git a/docs/settings.md b/docs/settings.md deleted file mode 100644 index 4fb1b36..0000000 --- a/docs/settings.md +++ /dev/null @@ -1,105 +0,0 @@ -# Settings `knox.settings` - -Settings in Knox are handled in a similar way to the rest framework settings. -All settings are namespaced in the `'REST_KNOX'` setting. - -Example `settings.py` - -```python -#...snip... -# These are the default values if none are set -from datetime import timedelta -from rest_framework.settings import api_settings -REST_KNOX = { - 'SECURE_HASH_ALGORITHM': 'cryptography.hazmat.primitives.hashes.SHA512', - 'AUTH_TOKEN_CHARACTER_LENGTH': 64, - 'TOKEN_TTL': timedelta(hours=10), - 'USER_SERIALIZER': 'knox.serializers.UserSerializer', - 'TOKEN_LIMIT_PER_USER': None, - 'AUTO_REFRESH': False, - 'EXPIRY_DATETIME_FORMAT': api_settings.DATETME_FORMAT, -} -#...snip... -``` - -## SECURE_HASH_ALGORITHM -This is a reference to the class used to provide the hashing algorithm for -token storage. - -*Do not change this unless you know what you are doing* - -By default, Knox uses SHA-512 to hash tokens in the database. - -`cryptography.hazmat.primitives.hashes.Whirlpool` is an acceptable alternative setting -for production use. - -### Tests -SHA-512 and Whirlpool are secure, however, they are slow. This should not be a -problem for your users, but when testing it may be noticable (as test cases tend -to use many more requests much more quickly than real users). In testing scenarios -it is acceptable to use `MD5` hashing.(`cryptography.hazmat.primitives.hashes.MD5`) - -MD5 is **not secure** and must *never* be used in production sites. - -## AUTH_TOKEN_CHARACTER_LENGTH -This is the length of the token that will be sent to the client. By default it -is set to 64 characters (this shouldn't need changing). - -## TOKEN_TTL -This is how long a token can exist before it expires. Expired tokens are automatically -removed from the system. - -The setting should be set to an instance of `datetime.timedelta`. The default is -10 hours ()`timedelta(hours=10)`). - -Setting the TOKEN_TTL to `None` will create tokens that never expire. - -Warning: setting a 0 or negative timedelta will create tokens that instantly expire, -the system will not prevent you setting this. - -## TOKEN_LIMIT_PER_USER -This allows you to control how many tokens can be issued per user. -By default this option is disabled and set to `None` -- thus no limit. - -## USER_SERIALIZER -This is the reference to the class used to serialize the `User` objects when -succesfully returning from `LoginView`. The default is `knox.serializers.UserSerializer` - -## AUTO_REFRESH -This defines if the token expiry time is extended by TOKEN_TTL each time the token -is used. - -## MIN_REFRESH_INTERVAL -This is the minimum time in seconds that needs to pass for the token expiry to be updated -in the database. - -## AUTH_HEADER_PREFIX -This is the Authorization header value prefix. The default is `Token` - -## EXPIRY_DATETIME_FORMAT -This is the expiry datetime format returned in the login view. The default is the -[DATETIME_FORMAT][DATETIME_FORMAT] of Django REST framework. May be any of `None`, `iso-8601` -or a Python [strftime format][strftime format] string. - -[DATETIME_FORMAT]: https://www.django-rest-framework.org/api-guide/settings/#date-and-time-formatting -[strftime format]: https://docs.python.org/3/library/time.html#time.strftime - -# Constants `knox.settings` -Knox also provides some constants for information. These must not be changed in -external code; they are used in the model definitions in knox and an error will -be raised if there is an attempt to change them. - -```python -from knox.settings import CONSTANTS - -print(CONSTANTS.DIGEST_LENGTH) #=> 128 -print(CONSTANTS.SALT_LENGTH) #=> 16 -``` - -## DIGEST_LENGTH -This is the length of the digest that will be stored in the database for each token. - -## SALT_LENGTH -This is the length of the [salt][salt] that will be stored in the database for each token. - -[salt]: https://en.wikipedia.org/wiki/Salt_(cryptography) diff --git a/docs/source/changelog.rst b/docs/source/changelog.rst new file mode 100644 index 0000000..5405606 --- /dev/null +++ b/docs/source/changelog.rst @@ -0,0 +1,7 @@ +Changelog +============ + +`v0.1.0 `__ +-------------------------------------------------------------------------------- + +- Initial release diff --git a/docs/source/conf.py b/docs/source/conf.py index b81f970..448a9f3 100644 --- a/docs/source/conf.py +++ b/docs/source/conf.py @@ -30,8 +30,9 @@ copyright = "2020, Eshaan Bansal" author = "Eshaan Bansal" +version = "0.1.0" # The full version, including alpha/beta/rc tags -release = "0.1.0" +release = "v0.1.0" # -- General configuration --------------------------------------------------- @@ -83,9 +84,6 @@ "**": ["localtoc.html", "relations.html", "searchbox.html"], } singlehtml_sidebars = {"index": ["localtoc.html"]} -html_static_path = ["_static"] -# html_favicon = "_static/flask-icon.png" -# html_logo = "_static/flask-icon.png" html_title = f"{project} Documentation ({release})" diff --git a/docs/source/contribute.rst b/docs/source/contribute.rst index 7d925d7..d41a036 100644 --- a/docs/source/contribute.rst +++ b/docs/source/contribute.rst @@ -1,7 +1,7 @@ Development ================================ -If you would like to contribute to django-rest-durin, you can clone the `respository `__ from GitHub. +If you would like to contribute to django-rest-durin, you can clone the `repository `__ from GitHub. .. parsed-literal:: git clone https://github.com/Eshaan7/django-rest-durin @@ -13,8 +13,8 @@ Extra dependencies required during testing or development can be installed with: Before committing your changes with git or pushing them to remote, please run the following: - .. parsed-literal:: -bash pre-commit.sh +.. parsed-literal:: + bash pre-commit.sh Run the tests locally ================================ diff --git a/docs/source/faq.rst b/docs/source/faq.rst new file mode 100644 index 0000000..5cfb559 --- /dev/null +++ b/docs/source/faq.rst @@ -0,0 +1,23 @@ +FAQ: Why use durin over JWT or other libraries ? +================================================= + +Good question. + +Authentication is tricky. There are many libraries available for DRF which provide token authentication. +I've personally used `drf-simplejwt `__ +and `django-rest-knox `__ and they are both great at their `implementation`. + +**So why would you want to use Django-Rest-Durin ?** + +Here are a few use cases which I needed (and why it lead me to create durin) +and might help you make a better decision too, + +- If you'd like to use Django's Admin interface to manage the different clients which consume your API. +- If you want the token expiration to be dependent on what API client it is meant for. + For example, you might want to create tokens which never expire for a Command Line client but want a shorter expiry for a JavaScript (web) client. +- If you want to limit number of tokens allowed per user. +- If you'd like to refresh token expiry without changing token key. +- If you or your organization are interested in Client Level Analytics such as keeping track of which user uses what client the most, etc. +- If you want to restrict certian ``APIView`` or ``Viewsets`` to allow authenticated requests from only specific clients of your choice. + +.... and more. Make a PR on GitHub to tell us what you use durin for! \ No newline at end of file diff --git a/docs/source/index.rst b/docs/source/index.rst index 5ea4e4a..57a2f29 100644 --- a/docs/source/index.rst +++ b/docs/source/index.rst @@ -14,9 +14,13 @@ Durin authentication is token based, similar to the ``TokenAuthentication`` built in to DRF. However, it adds some extra sauce: - Durin allows **multiple tokens** per user. But only one token each user per API client. -- Each user token is associated with an API Client. These API Clients (:class:`durin.models.Client`) are configurable via Django's Admin Interface. -- All Durin tokens have an expiration time. This expiration time can be different per API client. -- Durin provides an option for a logged in user to remove **all** tokens that the server has - forcing him/her to re-authenticate for all API clients. +- Each user token is associated with an API Client. + + - These API Clients (:class:`durin.models.Client`) are configurable via Django's Admin Interface. + - Allows only specific clients to make authenticated requests to certain ``APIViews`` or vice-a-versa. + +- All Durin **tokens have an expiration time**. This expiration time can be different per API client. +- Durin provides an option for a logged in user to **remove all tokens** that the server has - forcing him/her to re-authenticate for all API clients. - Durin **tokens can be renewed** to get a fresh expiry. - Durin provides a :class:`durin.auth.CachedTokenAuthentication` backend as well which uses memoization for faster look ups. @@ -36,6 +40,8 @@ Get started at :doc:`installation`. urls permissions signals + faq + changelog contribute API Reference diff --git a/docs/source/views.rst b/docs/source/views.rst index 054b3a4..2ef6f50 100644 --- a/docs/source/views.rst +++ b/docs/source/views.rst @@ -12,11 +12,14 @@ LoginView :members: :show-inheritance: +Response Data and User Serialization +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + When the endpoint authenticates a request, a JSON object will be returned containing the ``token`` as a string, ``expiry`` as a timestamp for when the token expires. -*This is because ``USER_SERIALIZER`` setting is `None` by default.* +This is because ``USER_SERIALIZER`` setting is ``None`` by default. If you wish to return custom data upon successful authentication like ``first_name``, ``last_name``, and ``username`` then the included ``UserSerializer`` diff --git a/docs/urls.md b/docs/urls.md deleted file mode 100644 index 9517712..0000000 --- a/docs/urls.md +++ /dev/null @@ -1,28 +0,0 @@ -#URLS `knox.urls` -Knox provides a url config ready with its three default views routed. - -This can easily be included in your url config: - -```python -urlpatterns = [ - #...snip... - url(r'api/auth/', include('knox.urls')) - #...snip... -] -``` -**Note** It is important to use the string syntax and not try to import `knox.urls`, -as the reference to the `User` model will cause the app to fail at import time. - -The views would then acessible as: - -- `/api/auth/login` -> `LoginView` -- `/api/auth/logout` -> `LogoutView` -- `/api/auth/logoutall` -> `LogoutAllView` - -they can also be looked up by name: - -```python -reverse('knox_login') -reverse('knox_logout') -reverse('knox_logoutall') -``` diff --git a/docs/views.md b/docs/views.md deleted file mode 100644 index 509c58d..0000000 --- a/docs/views.md +++ /dev/null @@ -1,78 +0,0 @@ -# Views `knox.views` -Knox provides three views that handle token management for you. - -## LoginView -This view accepts only a post request with an empty body. - -The LoginView accepts the same sort of authentication as your Rest Framework -`DEFAULT_AUTHENTICATION_CLASSES` setting. If this is not set, it defaults to -`(SessionAuthentication, BasicAuthentication)`. - -LoginView was designed to work well with Basic authentication, or similar -schemes. If you would like to use a different authentication scheme to the -default, you can extend this class to provide your own value for -`authentication_classes` - -It is possible to customize LoginView behaviour by overriding the following -helper methods: -- `get_context(self)`, to change the context passed to the `UserSerializer` -- `get_token_ttl(self)`, to change the token ttl -- `get_token_limit_per_user(self)`, to change the number of tokens available for a user -- `get_user_serializer_class(self)`, to change the class used for serializing the user -- `get_expiry_datetime_format(self)`, to change the datetime format used for expiry -- `format_expiry_datetime(self, expiry)`, to format the expiry `datetime` object at your convinience - -Finally, if none of these helper methods are sufficient, you can also override `get_post_response_data` -to return a fully customized payload. - -```python -...snip... - def get_post_response_data(self, request, token, instance): - UserSerializer = self.get_user_serializer_class() - - data = { - 'expiry': self.format_expiry_datetime(instance.expiry), - 'token': token - } - if UserSerializer is not None: - data["user"] = UserSerializer( - request.user, - context=self.get_context() - ).data - return data -...snip... -``` - ---- -When the endpoint authenticates a request, a json object will be returned -containing the `token` key along with the actual value for the key by default. -The success response also includes a `expiry` key with a timestamp for when -the token expires. - -> *This is because `USER_SERIALIZER` setting is `None` by default.* - -If you wish to return custom data upon successful authentication -like `first_name`, `last_name`, and `username` then the included `UserSerializer` -class can be used inside `REST_KNOX` settings by adding `knox.serializers.UserSerializer` - ---- - -Obviously, if your app uses a custom user model that does not have these fields, -a custom serializer must be used. - -## LogoutView -This view accepts only a post request with an empty body. -It responds to Knox Token Authentication. On a successful request, -the token used to authenticate is deleted from the -system and can no longer be used to authenticate. - -## LogoutAllView -This view accepts only a post request with an empty body. It responds to Knox Token -Authentication. -On a successful request, the token used to authenticate, and *all other tokens* -registered to the same `User` account, are deleted from the -system and can no longer be used to authenticate. - -**Note** It is not recommended to alter the Logout views. They are designed -specifically for token management, and to respond to Knox authentication. -Modified forms of the class may cause unpredictable results. diff --git a/durin/admin.py b/durin/admin.py index 33bc3ea..fa0e9b2 100644 --- a/durin/admin.py +++ b/durin/admin.py @@ -9,6 +9,7 @@ class AuthTokenAdmin(admin.ModelAdmin): In most cases, you would want to override this to make ``AuthTokenAdmin.raw_id_fields = ("user",)`` """ + exclude = ("token", "expiry") list_display = ( "token", @@ -45,4 +46,5 @@ class ClientAdmin(admin.ModelAdmin): """ Django's ModelAdmin for Client. """ + list_display = ("id", "name", "token_ttl") diff --git a/durin/views.py b/durin/views.py index 584aa26..25f5838 100644 --- a/durin/views.py +++ b/durin/views.py @@ -71,7 +71,7 @@ def get_token_obj(cls, request, client: "Client") -> "AuthToken": @classmethod def renew_token(cls, token_obj: "AuthToken") -> None: """ - How to renew the token instance in case + How to renew the token instance in case ``settings.REFRESH_TOKEN_ON_LOGIN`` is set to ``True``. """ token_obj.renew_token(renewed_by=cls) diff --git a/example_project/settings.py b/example_project/settings.py index b4a4014..e7a1784 100644 --- a/example_project/settings.py +++ b/example_project/settings.py @@ -1,7 +1,7 @@ import os BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) -SECRET_KEY = "supersecretexamplekey" +SECRET_KEY = "friend" # http://tolkiengateway.net/wiki/Doors_of_Durin DEBUG = True ALLOWED_HOSTS = [] INSTALLED_APPS = ( diff --git a/mkdocs.sh b/mkdocs.sh deleted file mode 100755 index ac64849..0000000 --- a/mkdocs.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/env bash -set -e -MOUNT_FOLDER=/app -MKDOCS_DEV_ADDR=${MKDOCS_DEV_ADDR-"0.0.0.0"} -MKDOCS_DEV_PORT=${MKDOCS_DEV_PORT-"8000"} - -docker run --rm -it \ - -v $(pwd):$MOUNT_FOLDER \ - -w $MOUNT_FOLDER \ - -p $MKDOCS_DEV_PORT:$MKDOCS_DEV_PORT \ - -e MKDOCS_DEV_ADDR="$MKDOCS_DEV_ADDR:$MKDOCS_DEV_PORT" \ - squidfunk/mkdocs-material:3.2.0 $* diff --git a/mkdocs.yml b/mkdocs.yml deleted file mode 100644 index d69b2c0..0000000 --- a/mkdocs.yml +++ /dev/null @@ -1,14 +0,0 @@ -site_name: Django-Rest-Durin -repo_url: https://github.com/eshaan7/django-rest-durin -theme: readthedocs -nav: - - Home: 'index.md' - - Installation: 'installation.md' - - API Guide: - - Views: 'views.md' - - URLs: 'urls.md' - - Authentication: 'auth.md' - - Settings: 'settings.md' - - Changelog: 'changelog.md' - -dev_addr: !!python/object/apply:os.getenv ["MKDOCS_DEV_ADDR"] diff --git a/requirements.dev.txt b/requirements.dev.txt index 970e15b..4facddb 100644 --- a/requirements.dev.txt +++ b/requirements.dev.txt @@ -1,4 +1,3 @@ -django>=2.2 djangorestframework>=3.7.0 humanize flake8 diff --git a/setup.py b/setup.py index 2fd131f..c983739 100644 --- a/setup.py +++ b/setup.py @@ -42,13 +42,14 @@ "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3.7", "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", "Topic :: Software Development :: Libraries :: Python Modules", ], - keywords="django rest authentication login token client", - packages=find_packages(exclude=["contrib", "docs", "tests*", "example_project"]), + keywords="django rest authentication login token client auth", + packages=find_packages(exclude=[".github", "docs", "tests", "example_project"]), install_requires=["django>=2.2", "djangorestframework>=3.7.0", "humanize"], project_urls={ - "Documentation": GITHUB_URL, + "Documentation": "https://django-rest-durin.readthedocs.io/", "Funding": "https://www.paypal.me/eshaanbansal", "Source": GITHUB_URL, "Tracker": "{}/issues".format(GITHUB_URL),