Metadata-Version: 2.1
Name: django-oauth-toolkit-cookie-refresh
Version: 1.0.0
Summary: A Django app that facilitates authentication using cookie-based refresh token
Home-page: https://github.com/oscarychen/django-oauth-toolkit-cookie-refresh
Author: Oscar Chen
Author-email: quacky@duck.com
License: MIT
Description: # Django-oauth-toolkit-cookie-refresh
        
        Django-oauth-toolkit-cookie-refresh is a Django app to that provides REST authentication endpoints which uses refresh
        token in httpOnly cookie. It relies on [Django REST framework](https://github.com/encode/django-rest-framework)
        and [Django Oauth Toolkit](https://github.com/jazzband/django-oauth-toolkit).
        
        #### Motivation
        
        I was using django-oauth-toolkit in a project, but I wanted the refresh token to be handled by a HttpOnly cookie, while
        continue having the access token sent via request/response body.
        
        ## Quick start
        
        Install using pip:
        
        ```
        pip install django-oauth-toolkit-cookie-refresh
        ```
        
        Or, install from source:
        
        Set
        up [django-oauth-toolkit and django REST framework](https://django-oauth-toolkit.readthedocs.io/en/latest/rest-framework/getting_started.html#step-1-minimal-setup) if you haven't already:
        
        ```python
        INSTALLED_APPS = (
            'django.contrib.admin',
            ...,
            'oauth2_provider',
            'rest_framework',
        )
        ```
        
        ```python
        REST_FRAMEWORK = {
            'DEFAULT_AUTHENTICATION_CLASSES': (
                'oauth2_provider.contrib.rest_framework.OAuth2Authentication',
            )
        }
        ```
        
        Include the oauth_toolkit_cookie_refresh URLconf in your project urls.py:
        
        ```python
        path('auth/', include('oauth_toolkit_cookie_refresh.urls')),
        ```
        
        ## Settings
        
        django-oauth-toolkit's settings are largely extended and used, except few default values have been overwritten. These
        settings are used as default unless explicitly specified:
        
        ```
        "ACCESS_TOKEN_EXPIRE_SECONDS": 300,
        "REFRESH_TOKEN_EXPIRE_SECONDS": 36000,
        "REFRESH_COOKIE_NAME": "refresh_token",
        "REFRESH_COOKIE_PATH": "/auth"
        ```
        
        You can modify these settings by specifying them in the settings for django-oauth-toolkit:
        
        ```python
        OAUTH2_PROVIDER = {
            ...,
            "ACCESS_TOKEN_EXPIRE_SECONDS": 300,
            "REFRESH_TOKEN_EXPIRE_SECONDS": 36000,
            "REFRESH_COOKIE_NAME": "refresh_token",
            "REFRESH_COOKIE_PATH": "/auth",
            ...
        }
        ```
        
        If you want to use a different path for authentication than the default path, you should provide the setting
        in `REFRESH_COOKIE_PATH`, using a string with leading slash `/`; while provide the same path in URLconf but with a
        trailing slash `/`.
        
Platform: UNKNOWN
Classifier: Environment :: Web Environment
Classifier: Framework :: Django
Classifier: Framework :: Django :: 3.0
Classifier: Framework :: Django :: 3.1
Classifier: Framework :: Django :: 3.2
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: BSD License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Internet :: WWW/HTTP :: Dynamic Content
Requires-Python: >=3.6
Description-Content-Type: text/markdown
