{"id":5182,"library":"dj-rest-auth","title":"Django REST Auth","description":"dj-rest-auth provides a set of customizable REST API endpoints for user authentication and registration in Django REST Framework, leveraging django-allauth for extended functionality. It is actively maintained with frequent releases, currently at version 7.2.0, supporting modern Django and Python versions.","status":"active","version":"7.2.0","language":"en","source_language":"en","source_url":"https://github.com/iMerica/dj-rest-auth","tags":["django","drf","authentication","authorization","rest-api","social-login","jwt","mfa"],"install":[{"cmd":"pip install dj-rest-auth","lang":"bash","label":"Basic installation"},{"cmd":"pip install \"dj-rest-auth[with_social]\"","lang":"bash","label":"With django-allauth for social logins"},{"cmd":"pip install \"dj-rest-auth[with_jwt]\"","lang":"bash","label":"With djangorestframework-simplejwt for JWT"},{"cmd":"pip install \"dj-rest-auth[with_mfa]\"","lang":"bash","label":"With django-mfa for MFA/2FA (v7.2.0+)"}],"dependencies":[{"reason":"Core framework dependency.","package":"Django"},{"reason":"Core REST framework dependency.","package":"djangorestframework"},{"reason":"Optional, for registration and social authentication features.","package":"django-allauth","optional":true},{"reason":"Optional, for JWT authentication support.","package":"djangorestframework-simplejwt","optional":true},{"reason":"Optional, for Multi-Factor Authentication (MFA/2FA) support, introduced in v7.2.0.","package":"django-mfa","optional":true}],"imports":[{"note":"dj-rest-auth provides its own specialized views for common authentication tasks, which are not directly interchangeable with DRF's default token views.","wrong":"from rest_framework.authtoken.views import obtain_auth_token","symbol":"LoginView","correct":"from dj_rest_auth.views import LoginView"},{"note":"Registration views are located in the `dj_rest_auth.registration` submodule, requiring a specific import path.","wrong":"from dj_rest_auth.views import RegisterView","symbol":"RegisterView","correct":"from dj_rest_auth.registration.views import RegisterView"},{"symbol":"UserDetailsView","correct":"from dj_rest_auth.views import UserDetailsView"},{"symbol":"PasswordResetConfirmView","correct":"from dj_rest_auth.views import PasswordResetConfirmView"}],"quickstart":{"code":"from django.contrib import admin\nfrom django.urls import path, include\n\nurlpatterns = [\n    path('admin/', admin.site.urls),\n    path('api-auth/', include('rest_framework.urls')), # Optional: for browsable API\n    path('dj-rest-auth/', include('dj_rest_auth.urls')), # For login, logout, password reset etc.\n    path('dj-rest-auth/registration/', include('dj_rest_auth.registration.urls')) # For registration\n]\n\n# In your settings.py:\n# INSTALLED_APPS = [\n#     # ... Django and DRF apps\n#     'rest_framework',\n#     'rest_framework.authtoken', # For TokenAuthentication\n#     'dj_rest_auth',\n#     'dj_rest_auth.registration',\n#     'allauth', # Required for dj_rest_auth.registration\n#     'allauth.account',\n#     'allauth.socialaccount', # Optional: if using social login\n#     # ... other apps\n# ]\n# \n# REST_FRAMEWORK = {\n#     'DEFAULT_AUTHENTICATION_CLASSES': [\n#         'rest_framework.authentication.SessionAuthentication',\n#         'rest_framework.authentication.TokenAuthentication',\n#         # 'dj_rest_auth.jwt_auth.JWTAuthentication', # If using JWT\n#     ],\n#     'DEFAULT_PERMISSION_CLASSES': [\n#         'rest_framework.permissions.IsAuthenticated',\n#     ],\n# }\n# \n# # django-allauth settings (required by dj_rest_auth.registration)\n# ACCOUNT_AUTHENTICATION_METHOD = 'username_email'\n# ACCOUNT_EMAIL_REQUIRED = True\n# ACCOUNT_EMAIL_VERIFICATION = 'optional' # or 'mandatory'\n# ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE = True\n# \n# # dj-rest-auth specific settings\n# REST_AUTH = {\n#     'USE_JWT': False, # Set to True if you installed with_jwt\n#     'USER_DETAILS_SERIALIZER': 'dj_rest_auth.serializers.UserDetailsSerializer',\n#     'LOGIN_SERIALIZER': 'dj_rest_auth.serializers.LoginSerializer',\n#     'REGISTER_SERIALIZER': 'dj_rest_auth.registration.serializers.RegisterSerializer',\n# }","lang":"python","description":"To integrate dj-rest-auth, first configure your `INSTALLED_APPS` and `REST_FRAMEWORK` settings in `settings.py`, including `dj_rest_auth`, `dj_rest_auth.registration`, and required `django-allauth` apps. Then, include the `dj_rest_auth` and `dj_rest_auth.registration` URLs in your project's `urls.py`. Remember to adjust `REST_AUTH` and `django-allauth` settings to suit your authentication strategy."},"warnings":[{"fix":"Upgrade Python to 3.10+ and Django to 4.2+ before upgrading dj-rest-auth to 7.0.0 or later.","message":"Version 7.0.0 dropped support for Python versions older than 3.10 and Django versions older than 4.2. Ensure your environment meets these new minimum requirements.","severity":"breaking","affected_versions":"7.0.0+"},{"fix":"Add 'allauth.account.middleware.AccountMiddleware' to your MIDDLEWARE list in settings.py.","message":"When using `dj-rest-auth.registration` (which depends on `django-allauth`), ensure `allauth.account.middleware.AccountMiddleware` is correctly configured and placed in your `MIDDLEWARE` settings, typically after `django.contrib.sessions.middleware.SessionMiddleware`.","severity":"gotcha","affected_versions":"All versions with django-allauth"},{"fix":"Configure `REST_AUTH['SIGNUP_FIELDS']` and other `REST_AUTH` settings to explicitly define required registration fields.","message":"As of v7.1.0, email and username requirement checks for registration are primarily managed through the `SIGNUP_FIELDS` setting within the `REST_AUTH` dictionary. Relying on older methods or direct `django-allauth` settings for these might lead to unexpected behavior.","severity":"gotcha","affected_versions":"7.1.0+"},{"fix":"For MFA, ensure you `pip install \"dj-rest-auth[with_mfa]\"` and add `django_mfa`, `dj_rest_auth.mfa` to `INSTALLED_APPS`.","message":"Multi-Factor Authentication (MFA/2FA) support, introduced in v7.2.0, is an opt-in feature. It requires installing the extra `dj-rest-auth[with_mfa]` and `django-mfa` package, and then including `dj_rest_auth.mfa` in `INSTALLED_APPS`.","severity":"gotcha","affected_versions":"7.2.0+"},{"fix":"Always inherit from `dj_rest_auth`'s default serializers when creating custom ones, or ensure your custom serializers conform to the expected input/output fields. Test custom serializer changes thoroughly.","message":"The `REST_AUTH` settings provide extensive customization options for serializers (e.g., `LOGIN_SERIALIZER`, `USER_DETAILS_SERIALIZER`). Incorrectly overriding these or using an incompatible custom serializer can break core authentication flows.","severity":"gotcha","affected_versions":"All versions"}],"env_vars":null,"last_verified":"2026-04-13T00:00:00.000Z","next_check":"2026-07-12T00:00:00.000Z"}