Version History
Complete Django REST Framework Authentication (JWT + Email) by @arada
Version 3 Latest
December 21, 2025, 1:41 a.m. | arada
Rolled back to version 1
# Complete Django REST Framework Authentication

Full-featured authentication system using DRF with JWT tokens, email verification, password reset, and bcrypt password hashing.

## Features

- JWT token-based authentication
- Email/password registration
- Login with email verification
- Forgot/reset password flow
- Email verification with tokens
- Bcrypt password hashing
- Custom JWT authentication backend

## Installation

```bash
# NOTE(review): settings.py below imports `environ` and references `corsheaders`;
# this command installs neither django-environ nor django-cors-headers.
pip install djangorestframework PyJWT passlib bcrypt
```

## 1. Settings Configuration

```python
# settings.py
# Project settings for the API: DRF defaults, JWT parameters and CORS origins.
from datetime import timedelta

import environ

env = environ.Env()

INSTALLED_APPS = [
    # ...
    "rest_framework",
    "corsheaders",  # If needed for frontend
    # Your apps
]

MIDDLEWARE = [
    "corsheaders.middleware.CorsMiddleware",  # If needed
    # ...
]

# REST Framework
REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": [
        "api.authentication.JWTAuthentication",  # Custom JWT auth
    ],
    # Deny by default: every view requires an authenticated user unless it sets
    # its own permission_classes. The endpoints that must work without a token
    # (registration, login, password reset, email verification) have to opt out
    # explicitly.
    "DEFAULT_PERMISSION_CLASSES": [
        "rest_framework.permissions.IsAuthenticated",
    ],
    "DEFAULT_RENDERER_CLASSES": [
        "rest_framework.renderers.JSONRenderer",
    ],
}

# JWT Configuration
# NOTE(review): SIMPLE_JWT is the setting name read by djangorestframework-simplejwt,
# which the install command does not include. With the custom
# api.authentication.JWTAuthentication class these values only take effect if that
# code reads them -- confirm.
SIMPLE_JWT = {
    # A leaked access token stays valid for the full seven days unless the backend
    # also checks a revocation list; the refresh token exists so that the access
    # token can be kept much shorter-lived than this.
    "ACCESS_TOKEN_LIFETIME": timedelta(days=7),
    "REFRESH_TOKEN_LIFETIME": timedelta(days=30),
    # HS256 is a symmetric HMAC: any service holding the key to verify tokens can
    # also issue them.
    "ALGORITHM": "HS256",
    # Read from the environment, so the key is not committed with the settings.
    # NOTE(review): the variable name suggests Django's own SECRET_KEY is reused for
    # token signing; a dedicated JWT key could be rotated independently -- confirm.
    "SIGNING_KEY": env("SECRET_KEY"),
    "AUTH_HEADER_TYPES": ("Bearer",),
    "USER_ID_FIELD": "id",
    "USER_ID_CLAIM": "user_id",
}

# CORS (if using frontend)
# Only plain-http localhost origins are listed, i.e. development values.
CORS_ALLOWED_ORIGINS = [
    "http://localhost:3000",
    "http://localhost:19006",  # Expo
]
# Lets browsers attach cookies / HTTP auth to cross-origin requests from the origins
# above. NOTE(review): the token travels in a Bearer header, which presumably does
# not need credentialed CORS -- confirm before keeping this enabled.
CORS_ALLOW_CREDENTIALS = True
```

## 2. User Model

```python
# core/models.py
import uuid

from django.db import models
from django.utils import timezone


class User(models.Model):
    id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
    email = models.EmailField(unique=True)
    password_hash = models.CharField(max_length=255)
    display_name = models.CharField(max_length=255)
    …
```
Version 2
December 21, 2025, 1:29 a.m. | arada
# Complete Django REST Framework Authentication

Full-featured authentication system using DRF with JWT tokens, email verification, password reset, and bcrypt password hashing.

## Features

- JWT token-based authentication
- Email/password registration
- Login with email verification
- Forgot/reset password flow
- Email verification with tokens
- Bcrypt password hashing
- Custom JWT authentication backend
- Custom exception handler

## Installation

```bash
pip install djangorestframework PyJWT passlib bcrypt django-cors-headers django-environ
```

## 1. Settings Configuration

```python
# settings.py
# Project settings for the API: apps, middleware order, DRF defaults, JWT
# parameters and CORS origins.
from datetime import timedelta

import environ

env = environ.Env()

INSTALLED_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    # Third party
    "rest_framework",
    "corsheaders",
    # Your apps
    "core",
    "api",
]

MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "corsheaders.middleware.CorsMiddleware",  # MUST be before CommonMiddleware
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
]

# REST Framework Configuration
REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": [
        "api.authentication.JWTAuthentication",  # Custom JWT auth
    ],
    # Deny by default: every view requires an authenticated user unless it sets
    # its own permission_classes. The endpoints that must work without a token
    # (registration, login, password reset, email verification) have to opt out
    # explicitly.
    "DEFAULT_PERMISSION_CLASSES": [
        "rest_framework.permissions.IsAuthenticated",
    ],
    "DEFAULT_RENDERER_CLASSES": [
        "rest_framework.renderers.JSONRenderer",
    ],
    "DEFAULT_PARSER_CLASSES": [
        "rest_framework.parsers.JSONParser",
    ],
    # NOTE(review): the handler itself is not shown in this excerpt; whatever it
    # returns is what clients see on authentication failures -- confirm it does not
    # echo internal details.
    "EXCEPTION_HANDLER": "api.exceptions.custom_exception_handler",
}

# JWT Configuration
# NOTE(review): SIMPLE_JWT is the setting name read by djangorestframework-simplejwt,
# which the install command does not include. With the custom
# api.authentication.JWTAuthentication class these values only take effect if that
# code reads them -- confirm.
SIMPLE_JWT = {
    # A leaked access token stays valid for the full seven days unless the backend
    # also checks a revocation list; the refresh token exists so that the access
    # token can be kept much shorter-lived than this.
    "ACCESS_TOKEN_LIFETIME": timedelta(days=7),
    "REFRESH_TOKEN_LIFETIME": timedelta(days=30),
    # NOTE(review): in djangorestframework-simplejwt, BLACKLIST_AFTER_ROTATION only
    # acts when ROTATE_REFRESH_TOKENS is True and the
    # rest_framework_simplejwt.token_blacklist app is installed. Rotation is off and
    # that app is not in INSTALLED_APPS above, so as written a refresh token is
    # reusable for its whole 30 days and is never blacklisted -- confirm what the
    # custom backend does.
    "ROTATE_REFRESH_TOKENS": False,
    "BLACKLIST_AFTER_ROTATION": True,
    # HS256 is a symmetric HMAC: any service holding the key to verify tokens can
    # also issue them.
    "ALGORITHM": "HS256",
    # Read from the environment, so the key is not committed with the settings.
    # NOTE(review): the variable name suggests Django's own SECRET_KEY is reused for
    # token signing; a dedicated JWT key could be rotated independently -- confirm.
    "SIGNING_KEY": env("SECRET_KEY"),
    "AUTH_HEADER_TYPES": ("Bearer",),
    "USER_ID_FIELD": "id",
    "USER_ID_CLAIM": "user_id",
}

# CORS Configuration
# One https production origin next to three plain-http localhost development
# origins; presumably the localhost entries are meant to be dropped outside
# development -- confirm.
CORS_ALLOWED_ORIGINS = [
    "https://yourapp.com",
    "http://localhost:3000",
    "http://localhost:19006",  # Expo web
    "http://localhost:8081",  # Expo dev
]
# Lets browsers attach cookies / HTTP auth to cross-origin requests from the origins
# above. NOTE(review): the token travels in a Bearer header, which presumably does
# not need credentialed CORS -- confirm before keeping this enabled.
CORS_ALLOW_CREDENTIALS = True
```

## …
Version 1
December 21, 2025, 1:11 a.m. | arada
# Complete Django REST Framework Authentication

Full-featured authentication system using DRF with JWT tokens, email verification, password reset, and bcrypt password hashing.

## Features

- JWT token-based authentication
- Email/password registration
- Login with email verification
- Forgot/reset password flow
- Email verification with tokens
- Bcrypt password hashing
- Custom JWT authentication backend

## Installation

```bash
# NOTE(review): settings.py below imports `environ` and references `corsheaders`;
# this command installs neither django-environ nor django-cors-headers.
pip install djangorestframework PyJWT passlib bcrypt
```

## 1. Settings Configuration

```python
# settings.py
# Project settings for the API: DRF defaults, JWT parameters and CORS origins.
from datetime import timedelta

import environ

env = environ.Env()

INSTALLED_APPS = [
    # ...
    "rest_framework",
    "corsheaders",  # If needed for frontend
    # Your apps
]

MIDDLEWARE = [
    "corsheaders.middleware.CorsMiddleware",  # If needed
    # ...
]

# REST Framework
REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": [
        "api.authentication.JWTAuthentication",  # Custom JWT auth
    ],
    # Deny by default: every view requires an authenticated user unless it sets
    # its own permission_classes. The endpoints that must work without a token
    # (registration, login, password reset, email verification) have to opt out
    # explicitly.
    "DEFAULT_PERMISSION_CLASSES": [
        "rest_framework.permissions.IsAuthenticated",
    ],
    "DEFAULT_RENDERER_CLASSES": [
        "rest_framework.renderers.JSONRenderer",
    ],
}

# JWT Configuration
# NOTE(review): SIMPLE_JWT is the setting name read by djangorestframework-simplejwt,
# which the install command does not include. With the custom
# api.authentication.JWTAuthentication class these values only take effect if that
# code reads them -- confirm.
SIMPLE_JWT = {
    # A leaked access token stays valid for the full seven days unless the backend
    # also checks a revocation list; the refresh token exists so that the access
    # token can be kept much shorter-lived than this.
    "ACCESS_TOKEN_LIFETIME": timedelta(days=7),
    "REFRESH_TOKEN_LIFETIME": timedelta(days=30),
    # HS256 is a symmetric HMAC: any service holding the key to verify tokens can
    # also issue them.
    "ALGORITHM": "HS256",
    # Read from the environment, so the key is not committed with the settings.
    # NOTE(review): the variable name suggests Django's own SECRET_KEY is reused for
    # token signing; a dedicated JWT key could be rotated independently -- confirm.
    "SIGNING_KEY": env("SECRET_KEY"),
    "AUTH_HEADER_TYPES": ("Bearer",),
    "USER_ID_FIELD": "id",
    "USER_ID_CLAIM": "user_id",
}

# CORS (if using frontend)
# Only plain-http localhost origins are listed, i.e. development values.
CORS_ALLOWED_ORIGINS = [
    "http://localhost:3000",
    "http://localhost:19006",  # Expo
]
# Lets browsers attach cookies / HTTP auth to cross-origin requests from the origins
# above. NOTE(review): the token travels in a Bearer header, which presumably does
# not need credentialed CORS -- confirm before keeping this enabled.
CORS_ALLOW_CREDENTIALS = True
```

## 2. User Model

```python
# core/models.py
import uuid

from django.db import models
from django.utils import timezone


class User(models.Model):
    id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
    email = models.EmailField(unique=True)
    password_hash = models.CharField(max_length=255)
    display_name = models.CharField(max_length=255)
    …
```