Metadata-Version: 2.1
Name: django-azure-auth
Version: 0.1.3
Summary: A simple Django app for user authentication with Azure Active Directory.
Home-page: https://github.com/AgileTek/django-azure-auth
License: MIT
Author: AgileTek Engineering
Author-email: london@agiletek.co.uk
Requires-Python: >=3.8,<4.0
Classifier: Framework :: Django
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Requires-Dist: Django (>=3.2)
Requires-Dist: msal (>=1.18.0,<2.0.0)
Description-Content-Type: text/markdown

![Build](https://github.com/AgileTek/django-azure-auth/actions/workflows/push-actions.yml/badge.svg)

# Django Azure Auth
A simple Django app for user authentication with Azure Active Directory.

## Description
`django-azure-auth` is a Django app which wraps the great [MSAL](https://github.com/AzureAD/microsoft-authentication-library-for-python)
package to enable authentication against Microsoft's Azure Active Directory in Django projects.

The app includes `login`, `logout` and `callback` authentication views, and a decorator
to protect other views. A `middleware` module will be included in an upcoming release, which
will avoid the need to protect each view individually with the decorator.

This project is in no way affiliated with Microsoft.

## Installation
From PyPi:
```bash
pip install django-azure-auth
```

## Configuration
### Azure setup
- Register an app at https://portal.azure.com/.
- Add a client secret and note it down.
- Add a redirect URI of the format `https://<domain>/azure_auth/callback`.

### Settings
Add the following to your `settings.py`, replacing the variables in braces with the values
from your Azure app: 
```python
AZURE_AUTH = {
    "CLIENT_ID": "<client id>",
    "CLIENT_SECRET": "<client secret>",
    "REDIRECT_URI": "https://<domain>/azure_auth/callback",
    "SCOPES": ["User.Read"],
    "AUTHORITY": "https://login.microsoftonline.com/<tenant id>",   # Or https://login.microsoftonline.com/common if multi-tenant
    "LOGOUT_URI": "https://<domain>/logout",    # Optional
}
LOGIN_URL = "/azure_auth/login"
LOGIN_REDIRECT_URL = "/"    # Or any other endpoint
```
#### Note: You should obfuscate the credentials by using environment variables.

### Installed apps
Add the following to your `INSTALLED_APPS`:
```python
INSTALLED_APPS = (
    "...",
    "azure_auth",
    "..."
)
```

### Authentication backend
Configure the authentication backend:
```python
AUTHENTICATION_BACKENDS = ("azure_auth.backends.AzureBackend",)
```

### URLs
Include the app's URLs in your `urlpatterns`:
```python
from django.urls import path, include

urlpatterns = [
    path("azure_auth/", include("azure_auth.urls"),),
]
```

## Usage
### Decorator
To make user authentication a requirement for accessing an individual view, decorate the
view like so:
```python
from azure_auth.decorators import azure_auth_required
from django.shortcuts import HttpResponse

@azure_auth_required
def protected_view(request):
    return HttpResponse("A view protected by the decorator")
```
## Planned development
- Middleware
- Groups management

## Credits
This app is heavily inspired by and builds on functionality in 
https://github.com/shubhamdipt/django-microsoft-authentication, with both feature 
improvements and code assurance through testing.

Credit also to:
- https://github.com/Azure-Samples/ms-identity-python-webapp
- https://github.com/AzMoo/django-okta-auth
