Skip to content

Commit

Permalink
Merge branch 'jazzband:develop' into develop
Browse files Browse the repository at this point in the history
  • Loading branch information
paulgueltekin authored Jun 13, 2024
2 parents 967d664 + 01c1de4 commit c7e1884
Show file tree
Hide file tree
Showing 6 changed files with 49 additions and 32 deletions.
34 changes: 34 additions & 0 deletions .github/workflows/gh-pages.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
name: Publish Docs to GitHub Pages

permissions:
contents: write

on:
push:
branches:
- develop

jobs:
build:
runs-on: ubuntu-latest

steps:
- name: Checkout code
uses: actions/checkout@v2

- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.x

- name: Install dependencies
run: pip install mkdocs-material

- name: Build docs
run: mkdocs build

- name: Deploy to GitHub Pages
uses: peaceiris/actions-gh-pages@v3
with:
personal_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./site
20 changes: 10 additions & 10 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,15 @@ django-rest-knox
[![Jazzband](https://jazzband.co/static/img/badge.svg)](https://jazzband.co/)
[![image](https://github.com/jazzband/django-rest-knox/workflows/Test/badge.svg?branch=develop)](https://github.com/jazzband/django-rest-knox/actions)

Authentication Module for django rest auth
Authentication module for Django rest auth.

Knox provides easy to use authentication for [Django REST
Knox provides easy-to-use authentication for [Django REST
Framework](https://www.django-rest-framework.org/) The aim is to allow
for common patterns in applications that are REST based, with little
for common patterns in applications that are REST-based, with little
extra effort; and to ensure that connections remain secure.

Knox authentication is token based, similar to the `TokenAuthentication`
built in to DRF. However, it overcomes some problems present in the
Knox authentication is token-based, similar to the `TokenAuthentication`
built into DRF. However, it overcomes some problems present in the
default implementation:

- DRF tokens are limited to one per user. This does not facilitate
Expand All @@ -24,13 +24,14 @@ default implementation:
client to have its own token which is deleted on the server side
when the client logs out.

Knox also provides an option for a logged in client to remove *all*
Knox also provides an option for a logged-in client to remove *all*
tokens that the server has - forcing all clients to re-authenticate.

- DRF tokens are stored unencrypted in the database. This would allow
an attacker unrestricted access to an account with a token if the
an attacker unrestricted access to an account with a token if the
database were compromised.


Knox tokens are only stored in a secure hash form (like a password). Even if the
database were somehow stolen, an attacker would not be able to log
in with the stolen credentials.
Expand All @@ -44,8 +45,7 @@ More information can be found in the

# Run the tests locally

If you need to debug a test locally and if you have [docker](https://www.docker.com/) installed:

If you need to debug a test locally and if you have [docker](https://www.docker.com/) installed,
simply run the ``./docker-run-tests.sh`` script and it will run the test suite in every Python /
Django versions.

Expand All @@ -56,7 +56,7 @@ Python / Django versions a bit more tricky.

Our documentation is generated by [Mkdocs](https://www.mkdocs.org).

You can refer to their documentation on how to install it locally.
You can refer to their [documentation](https://www.mkdocs.org/user-guide/installation/) on how to install it locally.

Another option is to use `mkdocs.sh` in this repository.
It will run mkdocs in a [docker](https://www.docker.com/) container.
Expand Down
4 changes: 2 additions & 2 deletions docs/index.md
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
# Django-Rest-Knox
Knox provides easy to use authentication for [Django REST Framework](https://www.django-rest-framework.org/)
Knox provides easy-to-use authentication for [Django REST Framework](https://www.django-rest-framework.org/)
The aim is to allow for common patterns in applications that are REST based,
with little extra effort; and to ensure that connections remain secure.

Knox authentication is token based, similar to the `TokenAuthentication` built
in to DRF. However, it overcomes some problems present in the default implementation:
into DRF. However, it overcomes some problems present in the default implementation:

- DRF tokens are limited to one per user. This does not facilitate securely
signing in from multiple devices, as the token is shared. It also requires
Expand Down
2 changes: 1 addition & 1 deletion knox/settings.py
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
from datetime import timedelta

from django.conf import settings
from django.test.signals import setting_changed
from django.core.signals import setting_changed
from rest_framework.settings import APISettings, api_settings

USER_SETTINGS = getattr(settings, 'REST_KNOX', None)
Expand Down
2 changes: 1 addition & 1 deletion mkdocs.sh
Original file line number Diff line number Diff line change
Expand Up @@ -9,4 +9,4 @@ docker run --rm -it \
-w $MOUNT_FOLDER \
-p $MKDOCS_DEV_PORT:$MKDOCS_DEV_PORT \
-e MKDOCS_DEV_ADDR="$MKDOCS_DEV_ADDR:$MKDOCS_DEV_PORT" \
squidfunk/mkdocs-material:3.2.0 $*
squidfunk/mkdocs-material:latest $*
19 changes: 1 addition & 18 deletions tox.ini
Original file line number Diff line number Diff line change
@@ -1,25 +1,9 @@
[tox]
envlist =
isort,
flake8,
py{36,37,38,39,310}-django32,
py{38,39,310,311,312}-django42,
py{310,311,312}-django50,

[testenv:flake8]
deps = flake8
changedir = {toxinidir}
commands = flake8 knox

[testenv:isort]
deps = isort
changedir = {toxinidir}
commands = isort --check-only --diff \
knox \
knox_project/views.py \
setup.py \
tests

[testenv]
commands =
python manage.py migrate
Expand All @@ -33,7 +17,6 @@ deps =
django42: Django>=4.2,<4.3
django50: Django>=5.0,<5.1
markdown>=3.0
isort>=5.0
djangorestframework
freezegun
mkdocs
Expand All @@ -50,5 +33,5 @@ python =
3.8: py38
3.9: py39
3.10: py310
3.11: py311, isort, flake8
3.11: py311
3.12: py312

0 comments on commit c7e1884

Please sign in to comment.