MCPcopy
hub / github.com/iMerica/dj-rest-auth

github.com/iMerica/dj-rest-auth @7.2.0 sqlite

repository ↗ · DeepWiki ↗ · release 7.2.0 ↗
383 symbols 1,562 edges 57 files 73 documented · 19%
README

dj-rest-auth

CI Security PyPI Python Django

Secure drop-in authentication endpoints for Django REST Framework. Works seamlessly with SPAs and mobile apps.

Documentation | PyPI

Features

  • Login, logout, password change, password reset
  • User registration with email verification
  • Built-in MFA/2FA support (TOTP + recovery codes)
  • JWT authentication with HTTP-only cookies
  • Social auth (Google, GitHub, Facebook) via django-allauth
  • Fully customizable serializers

Architecture

flowchart LR
    Client[Client

React / Vue / Mobile]

    subgraph Django
        subgraph dj-rest-auth
            Auth[Login / Logout]
            Reg[Registration]
            PW[Password Reset]
        end

        DRF[Django REST Framework]
        DJAuth[django.contrib.auth]
        AA[django-allauth]
        JWT[simplejwt]
    end

    Client <--> dj-rest-auth

    Auth --> DRF
    Auth --> DJAuth
    Auth -.-> JWT
    Reg -.-> AA
    PW --> DJAuth

Quick Start

pip install dj-rest-auth
# settings.py
INSTALLED_APPS = [
    ...
    'rest_framework',
    'rest_framework.authtoken',
    'dj_rest_auth',
]
# urls.py
urlpatterns = [
    path('auth/', include('dj_rest_auth.urls')),
]

You now have:

Endpoint Method Description
/auth/login/ POST Obtain auth token
/auth/logout/ POST Revoke token
/auth/user/ GET, PUT User details
/auth/password/change/ POST Change password
/auth/password/reset/ POST Request reset email
/auth/password/reset/confirm/ POST Confirm reset

JWT with HTTP-only Cookies

pip install dj-rest-auth djangorestframework-simplejwt
# settings.py
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'dj_rest_auth.jwt_auth.JWTCookieAuthentication',
    ],
}

REST_AUTH = {
    'USE_JWT': True,
    'JWT_AUTH_COOKIE': 'access',
    'JWT_AUTH_REFRESH_COOKIE': 'refresh',
    'JWT_AUTH_HTTPONLY': True,
}

Registration

pip install 'dj-rest-auth[with-social]'
# settings.py
INSTALLED_APPS = [
    ...
    'django.contrib.sites',
    'allauth',
    'allauth.account',
    'dj_rest_auth.registration',
]

SITE_ID = 1
# urls.py
urlpatterns = [
    path('auth/', include('dj_rest_auth.urls')),
    path('auth/registration/', include('dj_rest_auth.registration.urls')),
]

MFA / 2FA

pip install 'dj-rest-auth[with-mfa]'

MFA ships as an opt-in sub-package (dj_rest_auth.mfa) with:

  • TOTP login challenge flow
  • Recovery codes
  • Security-focused defaults (short-lived MFA tokens, activation confirmation)

See the guide for setup and endpoint details:
MFA Guide

Documentation

Full documentation at dj-rest-auth.readthedocs.io

Contributing

pip install -r dj_rest_auth/tests/requirements.txt
python runtests.py

See Contributing Guide for details.

License

MIT

Extension points exported contracts — how you extend this code

User (Interface)
(no doc)
demo/spa-client/context/AuthContext.tsx
AuthContextType (Interface)
(no doc)
demo/spa-client/context/AuthContext.tsx
MfaSetupData (Interface)
(no doc)
demo/spa-client/app/mfa/setup/page.tsx

Core symbols most depended-on inside this repo

post
called by 187
dj_rest_auth/tests/mixins.py
get
called by 49
dj_rest_auth/tests/mixins.py
activate
called by 38
dj_rest_auth/mfa/totp.py
generate_totp_secret
called by 26
dj_rest_auth/mfa/totp.py
get
called by 22
dj_rest_auth/views.py
get
called by 15
dj_rest_auth/mfa/views.py
log_mfa_event
called by 14
dj_rest_auth/mfa/audit.py
is_mfa_enabled
called by 12
dj_rest_auth/mfa/utils.py

Shape

Method 248
Class 82
Function 48
Interface 3
Route 2

Languages

Python94%
TypeScript6%

Modules by API surface

dj_rest_auth/tests/test_api.py58 symbols
dj_rest_auth/tests/test_mfa.py46 symbols
dj_rest_auth/serializers.py34 symbols
dj_rest_auth/views.py23 symbols
dj_rest_auth/mfa/views.py23 symbols
dj_rest_auth/registration/serializers.py22 symbols
dj_rest_auth/registration/views.py21 symbols
dj_rest_auth/tests/test_social.py17 symbols
dj_rest_auth/tests/urls.py15 symbols
dj_rest_auth/tests/test_serializers.py14 symbols
dj_rest_auth/jwt_auth.py14 symbols
dj_rest_auth/tests/mixins.py13 symbols

Dependencies from manifests, versioned

@types/node20.17.18 · 1×
@types/react19.0.8 · 1×
@types/react-dom19.0.3 · 1×
axios1.13.5 · 1×
cookies-next6.1.1 · 1×
eslint9.19.0 · 1×
eslint-config-next16.1.6 · 1×
next16.1.6 · 1×
qrcode.react4.2.0 · 1×
react19.2.3 · 1×
react-dom19.2.3 · 1×

For agents

$ claude mcp add dj-rest-auth \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact