Convert Figma logo to code with AI

jazzband logodjangorestframework-simplejwt

A JSON Web Token authentication plugin for the Django REST Framework.

4,193
697
4,193
165
View on GitHub

Top Related Projects

jpadilla's avatar

django-rest-framework-jwt

3,183

JSON Web Token Authentication support for Django REST Framework

jpadilla's avatar

pyjwt

5,433

JSON Web Token implementation in Python

jazzband's avatar

djangorestframework-simplejwt

4,193

A JSON Web Token authentication plugin for the Django REST Framework.

jazzband's avatar

django-oauth-toolkit

3,248

OAuth2 goodies for the Djangonauts!

encode's avatar

django-rest-framework

29,356

Web APIs for Django. 🎸

Quick Overview

Django REST framework Simple JWT is a JSON Web Token authentication plugin for Django REST Framework. It provides a simple and secure way to implement token-based authentication in Django applications, allowing for stateless authentication between clients and servers.

Pros

  • Easy integration with Django REST Framework
  • Supports both access and refresh tokens for enhanced security
  • Customizable token settings and claims
  • Active community support and regular updates

Cons

  • Limited to JWT-based authentication only
  • Requires additional setup for more complex authentication scenarios
  • Potential security risks if not properly implemented
  • May introduce overhead for simple applications that don't require token-based auth

Code Examples

  1. Creating a token pair:
from rest_framework_simplejwt.tokens import RefreshToken

def get_tokens_for_user(user):
    refresh = RefreshToken.for_user(user)
    return {
        'refresh': str(refresh),
        'access': str(refresh.access_token),
    }
  1. Customizing token claims:
from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
from rest_framework_simplejwt.views import TokenObtainPairView

class MyTokenObtainPairSerializer(TokenObtainPairSerializer):
    @classmethod
    def get_token(cls, user):
        token = super().get_token(user)
        token['name'] = user.username
        return token

class MyTokenObtainPairView(TokenObtainPairView):
    serializer_class = MyTokenObtainPairSerializer
  1. Verifying and decoding a token:
from rest_framework_simplejwt.tokens import AccessToken

def decode_token(token):
    try:
        decoded_token = AccessToken(token)
        return decoded_token.payload
    except Exception as e:
        return None

Getting Started

  1. Install the package:
pip install djangorestframework-simplejwt
  1. Add to INSTALLED_APPS in settings.py:
INSTALLED_APPS = [
    # ...
    'rest_framework_simplejwt',
]
  1. Configure authentication classes in settings.py:
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    )
}
  1. Add JWT views to urls.py:
from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView

urlpatterns = [
    # ...
    path('api/token/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
    path('api/token/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
]

Competitor Comparisons

jpadilla logo

django-rest-framework-jwt

3,183

JSON Web Token Authentication support for Django REST Framework

Pros of django-rest-framework-jwt

  • Simpler setup and configuration for basic JWT authentication
  • Lightweight with fewer dependencies
  • Easier to understand and modify for developers new to JWT

Cons of django-rest-framework-jwt

  • No longer actively maintained (last commit in 2018)
  • Lacks advanced features like token refresh and blacklisting
  • Limited customization options compared to djangorestframework-simplejwt

Code Comparison

djangorestframework-simplejwt:

from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView

urlpatterns = [
    path('api/token/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
    path('api/token/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
]

django-rest-framework-jwt:

from rest_framework_jwt.views import obtain_jwt_token

urlpatterns = [
    path('api-token-auth/', obtain_jwt_token),
]

The code comparison shows that djangorestframework-simplejwt provides separate views for token obtainment and refresh, while django-rest-framework-jwt offers a single view for token obtainment. This reflects the more advanced features and flexibility of djangorestframework-simplejwt.

jpadilla logo

pyjwt

5,433

JSON Web Token implementation in Python

Pros of PyJWT

  • Lightweight and focused solely on JWT encoding/decoding
  • Can be used independently of Django or any web framework
  • Supports a wide range of algorithms for token signing

Cons of PyJWT

  • Lacks built-in integration with Django REST framework
  • Requires additional setup for authentication and token management
  • Does not provide out-of-the-box views for token issuance and refresh

Code Comparison

PyJWT:

import jwt

encoded = jwt.encode({"some": "payload"}, "secret", algorithm="HS256")
decoded = jwt.decode(encoded, "secret", algorithms=["HS256"])

djangorestframework-simplejwt:

from rest_framework_simplejwt.tokens import RefreshToken

token = RefreshToken.for_user(user)
access_token = str(token.access_token)

PyJWT focuses on low-level JWT operations, while djangorestframework-simplejwt provides a higher-level abstraction specifically tailored for Django REST framework. PyJWT offers more flexibility for use in various contexts, but requires more manual setup for authentication workflows. djangorestframework-simplejwt, on the other hand, integrates seamlessly with Django REST framework and provides ready-to-use views and serializers for token management, making it more convenient for Django projects.

jazzband logo

djangorestframework-simplejwt

4,193

A JSON Web Token authentication plugin for the Django REST Framework.

Pros of djangorestframework-simplejwt

  • Provides a robust and secure implementation of JSON Web Tokens (JWT) for Django REST Framework
  • Offers customizable token settings, including token lifetime and refresh capabilities
  • Supports both access and refresh tokens, enhancing security and user experience

Cons of djangorestframework-simplejwt

  • May have a steeper learning curve for developers new to JWT authentication
  • Requires additional configuration and setup compared to simpler authentication methods
  • Limited built-in support for token revocation, which may require custom implementation

Code Comparison

Both repositories contain the same codebase, as they are the same project. Here's a sample of the token generation code:

class TokenObtainPairView(TokenViewBase):
    serializer_class = TokenObtainPairSerializer

class TokenRefreshView(TokenViewBase):
    serializer_class = TokenRefreshSerializer

class TokenVerifyView(TokenViewBase):
    serializer_class = TokenVerifySerializer

This code defines the main views for obtaining, refreshing, and verifying tokens in djangorestframework-simplejwt.

Summary

djangorestframework-simplejwt is a powerful JWT implementation for Django REST Framework. It offers robust security features and customization options but may require more setup and understanding of JWT concepts. The project is well-maintained and widely used in the Django community for implementing token-based authentication in REST APIs.

jazzband logo

django-oauth-toolkit

3,248

OAuth2 goodies for the Djangonauts!

Pros of django-oauth-toolkit

  • Full OAuth2 implementation, supporting all grant types and token types
  • Provides more comprehensive security features and compliance with OAuth2 standards
  • Offers additional tools like token management and introspection endpoints

Cons of django-oauth-toolkit

  • More complex setup and configuration compared to djangorestframework-simplejwt
  • Steeper learning curve for developers new to OAuth2 concepts
  • May be overkill for simpler authentication scenarios

Code Comparison

djangorestframework-simplejwt:

from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView

urlpatterns = [
    path('api/token/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
    path('api/token/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
]

django-oauth-toolkit:

from oauth2_provider.views import TokenView, RevokeTokenView

urlpatterns = [
    path('o/token/', TokenView.as_view(), name='token'),
    path('o/revoke_token/', RevokeTokenView.as_view(), name='revoke-token'),
]

The code comparison shows that django-oauth-toolkit requires more setup and configuration, but offers more comprehensive OAuth2 functionality. djangorestframework-simplejwt provides a simpler implementation focused on JWT authentication, making it easier to set up for basic token-based authentication scenarios.

encode logo

django-rest-framework

29,356

Web APIs for Django. 🎸

Pros of Django REST Framework

  • More comprehensive and feature-rich, offering a complete toolkit for building Web APIs
  • Extensive documentation and large community support
  • Provides browsable API, serialization, and authentication out of the box

Cons of Django REST Framework

  • Heavier and more complex, which may be overkill for simple JWT authentication needs
  • Steeper learning curve for developers new to the framework
  • Requires more setup and configuration for basic JWT functionality

Code Comparison

Django REST Framework (generic view):

from rest_framework import generics

class UserList(generics.ListCreateAPIView):
    queryset = User.objects.all()
    serializer_class = UserSerializer

Simple JWT (token view):

from rest_framework_simplejwt.views import TokenObtainPairView

urlpatterns = [
    path('api/token/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
]

Django REST Framework is a comprehensive toolkit for building Web APIs, while Simple JWT focuses specifically on JSON Web Token authentication for Django REST Framework. DRF offers more features and flexibility but may be excessive for projects only needing JWT authentication. Simple JWT provides a lightweight solution for JWT implementation but lacks the broader API development tools found in DRF.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

Simple JWT

.. image:: https://jazzband.co/static/img/badge.svg :target: https://jazzband.co/ :alt: Jazzband .. image:: https://github.com/jazzband/djangorestframework-simplejwt/workflows/Test/badge.svg :target: https://github.com/jazzband/djangorestframework-simplejwt/actions :alt: GitHub Actions .. image:: https://codecov.io/gh/jazzband/djangorestframework-simplejwt/branch/master/graph/badge.svg :target: https://codecov.io/gh/jazzband/djangorestframework-simplejwt .. image:: https://img.shields.io/pypi/v/djangorestframework-simplejwt.svg :target: https://pypi.python.org/pypi/djangorestframework-simplejwt .. image:: https://img.shields.io/pypi/pyversions/djangorestframework-simplejwt.svg :target: https://pypi.python.org/pypi/djangorestframework-simplejwt .. image:: https://img.shields.io/pypi/djversions/djangorestframework-simplejwt.svg :target: https://pypi.python.org/pypi/djangorestframework-simplejwt .. image:: https://readthedocs.org/projects/django-rest-framework-simplejwt/badge/?version=latest :target: https://django-rest-framework-simplejwt.readthedocs.io/en/latest/

Abstract

Simple JWT is a JSON Web Token authentication plugin for the Django REST Framework <http://www.django-rest-framework.org/>__.

For full documentation, visit django-rest-framework-simplejwt.readthedocs.io <https://django-rest-framework-simplejwt.readthedocs.io/en/latest/>__.

Translations

Contribute translations directly with PRs or via inlang https://inlang.com/editor/github.com/jazzband/djangorestframework-simplejwt