Muizzyranking/drf-auth


DRF JWT Authentication System

A simple authentication system built with Django REST Framework (DRF) and JSON Web Tokens (JWT).


Setup

Prerequisites

  • Python 3.8+
  • pip

Installation

  1. Clone the repository:
git clone <repository-url>
cd <project-directory>
  2. Create and activate a virtual environment:
python -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate
  3. Install dependencies:
pip install -r requirements.txt
  4. Create a .env file in the root directory with the following variables:
SECRET_KEY=your-secret-key-here
TOKEN_EXPIRY=3600
EMAIL_HOST_USER="<your email here>"
EMAIL_HOST_PASSWORD="<your password>"

Email Configuration

This project uses Gmail SMTP for sending emails. If you encounter issues sending emails, ensure that:

  • "Allow less secure apps" is enabled in your Gmail account settings.

  • If you have Two-Factor Authentication (2FA) enabled, create an App Password:

For more information, visit: Google Support.

  5. Run migrations:
python manage.py migrate
  6. Start the development server:
python manage.py runserver

API Endpoints

Sign Up

  • URL: /api/auth/signup/
  • Method: POST
  • Description: Register a new user with email verification
  • Request Body:
{
    "email": "user@example.com",
    "password": "secure_password"
}
  • Success Response:
    • Code: 201
    • Content:
{
    "message": "User created successfully"
}
  • Error Response:
    • Code: 400
    • Content:
{
    "message": "failed to send verification email: [error details]"
}

Email Confirmation

  • URL: /api/auth/confirm-email/<token>/
  • Method: GET
  • Description: Confirm user's email using the verification token
  • URL Parameters: token=[string]
  • Success Response:
    • Code: 200
    • Content:
{
    "message": "Email verified successfully!"
}
  • Error Responses:
    • Code: 400
    • Content:
{
    "message": "Token has expired. Request a new one."
}

OR

{
    "message": "Invalid token"
}

OR

{
    "message": "Email is already verified."
}
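One way a confirmation token with the three documented failure cases can be issued and checked, as an added example that is not this project's code. The README does not show how its tokens are generated, so the HMAC-signed `timestamp:email` format, the demo key, the in-memory `verified` set and the order of the checks are all assumptions.

```python
import base64
import hashlib
import hmac
import time

SECRET_KEY = b"constructed-demo-key"  # assumption: stands in for SECRET_KEY from .env
TOKEN_EXPIRY = 3600                   # seconds, as in the .env example


def b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign(payload):
    # The prefix binds the MAC to this purpose so it cannot be reused elsewhere.
    mac = hmac.new(SECRET_KEY, b"email-confirm:" + payload, hashlib.sha256)
    return b64(mac.digest())


def make_token(email, now=None):
    issued = int(time.time() if now is None else now)
    payload = f"{issued}:{email}".encode()
    return f"{b64(payload)}.{sign(payload)}"


def confirm_email(token, verified, now=None):
    """Return (status, message) mirroring the responses documented above."""
    try:
        body, sig = token.split(".")
        payload = unb64(body)
        # Verify the MAC before trusting any field; compare in constant time.
        if not hmac.compare_digest(sig.encode(), sign(payload).encode()):
            raise ValueError("bad signature")
        issued, email = payload.decode().split(":", 1)
        issued = int(issued)
    except (ValueError, UnicodeError):
        return 400, "Invalid token"
    current = time.time() if now is None else now
    if current - issued > TOKEN_EXPIRY:
        return 400, "Token has expired. Request a new one."
    if email in verified:
        return 400, "Email is already verified."
    verified.add(email)
    return 200, "Email verified successfully!"
```
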

Resend Verification Email

  • URL: /api/auth/resend-verification-email/
  • Method: GET
  • Description: Resend verification email to user
  • Query Parameters: email=[string]
  • Success Response:
    • Code: 200
    • Content:
{
    "message": "Verification email sent"
}
  • Error Responses:
    • Code: 400
    • Content:
{
    "message": "No email is provided"
}

OR

{
    "message": "Email is already verified."
}

Login

  • URL: /api/auth/login/
  • Method: POST
  • Description: Authenticate user and receive JWT tokens
  • Request Body:
{
    "email": "user@example.com",
    "password": "secure_password"
}
  • Success Response:
    • Code: 200
    • Content:
{
    "message": "Login successful",
    "access": "access_token_here",
    "refresh": "refresh_token_here"
}
  • Error Response:
    • Code: 401
    • Content:
{
    "message": "Invalid credentials"
}

Refresh Token

  • URL: /api/auth/token/refresh/
  • Method: POST
  • Description: Refresh JWT access token using a valid refresh token
  • Request Body:
{
    "refresh": "your-refresh-token-here"
}
  • Success Response:
    • Code: 200
    • Content:
{
    "access": "new-access-token-here"
}
  • Error Response:
    • Code: 400
    • Content:
{
    "message": "Invalid refresh token."
}

Usage Examples

Python Example using Requests

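import requests

BASE_URL = "http://localhost:8000/api/auth"
TIMEOUT = 10  # seconds; requests waits indefinitely when no timeout is given

def signup_user(email, password, first_name, last_name):
    # Register a new user; the server then sends a verification email.
    response = requests.post(f"{BASE_URL}/signup/", json={
        "email": email,
        "password": password,
        "first_name": first_name,
        "last_name": last_name
    }, timeout=TIMEOUT)
    return response.json()

def login_user(email, password):
    # On success the JSON body carries the "access" and "refresh" tokens.
    response = requests.post(f"{BASE_URL}/login/", json={
        "email": email,
        "password": password
    }, timeout=TIMEOUT)
    return response.json()

def refresh_access_token(refresh_token):
    # Exchange a valid refresh token for a new access token.
    response = requests.post(f"{BASE_URL}/token/refresh/", json={
        "refresh": refresh_token
    }, timeout=TIMEOUT)
    return response.json()

def confirm_email(token):
    # The verification token is part of the URL path.
    response = requests.get(f"{BASE_URL}/confirm-email/{token}/",
                            timeout=TIMEOUT)
    return response.json()

def resend_verification(email):
    # The email address is passed as a query parameter.
    response = requests.get(f"{BASE_URL}/resend-verification-email/",
                            params={"email": email}, timeout=TIMEOUT)
    return response.json()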

cURL Examples

  1. Sign Up:
curl -X POST http://localhost:8000/api/auth/signup/ \
     -H "Content-Type: application/json" \
     -d '{"email":"user@example.com","password":"secure_password","first_name":"John","last_name":"Doe"}'
  2. Login:
curl -X POST http://localhost:8000/api/auth/login/ \
     -H "Content-Type: application/json" \
     -d '{"email":"user@example.com","password":"secure_password"}'
  3. Refresh Token:
curl -X POST http://localhost:8000/api/auth/token/refresh/ \
     -H "Content-Type: application/json" \
     -d '{"refresh":"your-refresh-token-here"}'
  4. Confirm Email:
curl -X GET http://localhost:8000/api/auth/confirm-email/your-token-here/
  5. Resend Verification Email:
curl -X GET "http://localhost:8000/api/auth/resend-verification-email/?email=user@example.com"
