Features

• Multiple Authentication Types: JWT (default), DRF Token, or Custom

• Cookie-Based Security: HTTP-only cookies

• Complete User Management: Registration, password reset, email verification

• Multi-Factor Authentication: Support multiple MFAs with backup codes

• Social Authentication: Django Allauth integration with 50+ providers, support for both OAuth2 and OpenID connect.

• Internationalization: Built-in support for 57 languages including English, Spanish, French, German, Chinese, Japanese, Korean, Vietnamese, and more

• Full Type Safety: Complete type hints with mypy and pyright

• OpenAPI Integration: Auto-generated API documentation with DRF Spectacular

• Flexible Configuration: Customizable serializers, views, and authentication backends

Installation

pip install drf-auth-kit

Optional Features:

# For MFA support
pip install drf-auth-kit[mfa]

# For social authentication
pip install drf-auth-kit[social]

# For both MFA and social
pip install drf-auth-kit[all]

Core Dependencies: Django 5.0+, DRF 3.0+, Django Allauth, DRF SimpleJWT

Quick Start

1. Add to your Django settings:

INSTALLED_APPS = [
    # ... your apps
    'rest_framework',
    'allauth',  # Required for social auth
    'allauth.account',  # Required for social auth
    # 'allauth.socialaccount',  # For social login
    # 'allauth.socialaccount.providers.google',  # For Google login
    'auth_kit',
    # 'auth_kit.social',  # For social authentication
    # 'auth_kit.mfa',  # For MFA support
]

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'auth_kit.authentication.JWTCookieAuthentication',
    ],
}

# Override only if needed:
# AUTH_KIT = {
#     'USE_MFA': True,  # Enable MFA
# }

# Google OAuth2 settings (for social login)
# SOCIALACCOUNT_PROVIDERS = {
#     'google': {
#         'SCOPE': ['profile', 'email'],
#         'AUTH_PARAMS': {'access_type': 'online'},
#         'OAUTH_PKCE_ENABLED': True,
#         'APP': {
#             'client_id': 'your-google-client-id',
#             'secret': 'your-google-client-secret',
#         }
#     }
# }

2. Include Auth Kit URLs:

from django.urls import path, include

urlpatterns = [
    path('api/auth/', include('auth_kit.urls')),
    # path('api/auth/social/', include('auth_kit.social.urls')),  # For social auth
    # ... your other URLs
]

3. Run migrations (only needed if using MFA):

python manage.py migrate

Authentication Types

JWT Authentication (Recommended)

• Access and refresh tokens

• Token refresh support

• Secure cookie storage

DRF Token Authentication

• Simple token-based auth

• Compatible with DRF TokenAuthentication

• Cookie support available

Custom Authentication

• Bring your own authentication backend

• Full customization support

• Integrate with third-party services

Documentation

Please visit DRF Auth Kit docs for complete documentation, including:

• Detailed configuration options

• Custom serializer examples

• Advanced usage patterns

• Integration guides

Upcoming Features

Enhanced Multi-Factor Authentication

• ☐ Hardware Security Keys: YubiKey and FIDO2/WebAuthn support

• ☐ SMS & Voice: Twilio integration for SMS and voice-based MFA

• ☐ Authenticator Apps: Enhanced TOTP support (Google Authenticator, Authy, etc.)

• ☐ Trusted Devices: Remember MFA verification for trusted browsers/sessions

Passwordless Authentication

• ☐ WebAuthn: Biometric and hardware key authentication

• ☐ Magic Links: Email-based passwordless login

• ☐ SMS Login: One-time password via SMS

Advanced Security Features

• ☐ Rate Limiting: Configurable rate limits for authentication endpoints

• ☐ Account Lockout: Progressive delays and temporary account locks

• ☐ Audit Logging: Comprehensive security event logging

• ☐ Geographic Restrictions: IP-based access controls and geo-blocking

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Contents