suutari / drf-jwt-2fa

Django Rest Framework JWT 2FA
https://pypi.python.org/pypi/drf-jwt-2fa/
MIT License
20 stars 10 forks source link

Swappable jwt backend / django-rest-framework-jwt dependency #3

Open bianchimro opened 5 years ago

bianchimro commented 5 years ago

Hi @suutari and thanks for publishing this project.

I'd like to use your workflow with another jwt authentication library for django-rest-framework: https://github.com/davesque/django-rest-framework-simplejwt

This is the one linked from the official DRF docs now. Developement of django-rest-framework-jwt dependency does not seem to be very active.

Do you think that is in the scope of this project? Do you suggest starting similar from scratch or try to abstract/swap base views, serializers, etc?

Best regards Mauro

suutari-ai commented 5 years ago

I'd like to use your workflow with another jwt authentication library for django-rest-framework: https://github.com/davesque/django-rest-framework-simplejwt

This is the one linked from the official DRF docs now. Developement of django-rest-framework-jwt dependency does not seem to be very active.

If django-rest-framework-simplejwt is preferred by DRF and is better maintained, then I think it's a very good idea to switch to that.

Do you think that is in the scope of this project?

Yeah, why not.

Though I probably don't have time to implement this soon. If you wish to give it a try, go ahead; PRs are always welcome. :)

Do you suggest starting similar from scratch or try to abstract/swap base views, serializers, etc?

I think best way would be to provide similar set of views, serializers, etc. as are currently implemented for the rest_framework_jwt. These can be found by this search:

https://github.com/suutari/drf-jwt-2fa/search?q=rest_framework_jwt

I think the rest_framework_jwt dependency can be dropped while doing this, since if it's not well maintained, there is no point keeping support for it. So basically I'd release the django-rest-framework-simplejwt support in a new major version (1.x) and if there's a need to do fixes for the old major version (0.x), they can be released from a separate maintenance branch.

bianchimro commented 5 years ago

Thanks @suutari-ai,

I'll probably make my own fork based on django-rest-framework-simplejwt, dropping support for django-rest-framework-jwt and keeping the same structure as yours, without introducing abstractions for making the "jwt backend" swappable.

Shouldn't be too hard, hope to send you a PR soon.

jayvdb commented 5 years ago

You should look at https://github.com/st4lk/django-rest-social-auth by @st4lk , which has this feature.