This Django-based authentication and user management system provides a robust and secure API for handling user authentication, authorization, and account management. The system is designed with security and scalability in mind, offering features like JWT authentication, OAuth integration, and Multi-Factor Authentication (MFA).
- User registration and management
- JWT-based authentication
- OAuth2 integration for social logins
- Multi-Factor Authentication (MFA) support
- Password reset and email verification
- Role-based access control
- Rate limiting for enhanced security
- CSRF protection
- Secure password hashing with Argon2

- Django - Web framework
- Django REST Framework (DRF) - API development
- Django Allauth - Authentication provider
- PostgreSQL - Database
- JWT - Token-based authentication
- Argon2 - Password hashing

- CSRF protection
- Rate limiting
- SSL/TLS support

- Poetry - Dependency management
- Docker - Containerization
- Make - Build automation

- Docker and Docker Compose
- Python 3.8 or higher (for local development)
- Poetry (for local development)
- PostgreSQL (for local development without Docker)

- Clone the repository:
  git clone <repository-url>
  cd auth-system
- Start the application using Docker Compose:
  docker-compose up -d
- Create a superuser (admin account):
  make create-superuser
- Access the application at http://localhost:8000

To stop the containers:
  docker-compose down

- Install dependencies using Poetry:
  poetry install --no-root
- Activate the virtual environment:
  poetry shell
- Set up the database:
  make migrations
  make migrate
- Create a superuser:
  make create-superuser
- Start the development server:
  make runserver
- Access the application at http://localhost:8000

To run the test suite:
  make test

The API documentation is available through two interfaces:

- URL: /api/docs/swagger/
- Interactive documentation with try-it-out functionality
- Authentication:
  - Obtain a JWT token through /api/token/
  - Click the "Authorize" button in Swagger UI
  - Enter the token in format: Bearer <your-token>

- URL: /api/docs/redoc/
- Clean, responsive documentation interface
- Ideal for API reference and documentation sharing

The Django Admin interface provides a user-friendly way to manage the application:
- Access the admin panel at /admin/
- Log in using superuser credentials
- Manage users, permissions, and other application data

To create a superuser account:
  make create-superuser

This project is licensed under the MIT License - see the LICENSE file for details.