Django Rest Knox

1. Create a Token API View

from rest_framework.views import APIView
from rest_framework.response import Response
from rest_knox.models import AuthToken

class TokenObtainPairView(APIView):
    def post(self, request, format=None):
        serializer = UserSerializer(data=request.data)
        if serializer.is_valid():
            user = serializer.save()
            token = AuthToken.objects.create(user)
            return Response({'token': token})
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

2. Use the Knox Authentication Middleware

# settings.py
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_knox.authentication.KnoxAuthentication',
    ),
}

3. Set the Token Model

# settings.py
REST_KNOX = {
    'TOKEN_MODEL': 'my_app.AuthToken'
}

4. Customize the Token Expiration

# settings.py
REST_KNOX = {
    'TOKEN_TTL': timedelta(hours=12)  # Default: timedelta(hours=8)
}

5. Disable the Token Limit

# settings.py
REST_KNOX = {
    'TOKEN_LIMIT_PER_USER': None  # Default: 10
}

6. Use the Knox TokenSerializer

from rest_knox.serializers import TokenSerializer

class MyTokenSerializer(TokenSerializer):
    pass

7. Use the Knox UserSerializer

from rest_knox.serializers import UserSerializer

class MyUserSerializer(UserSerializer):
    pass

8. Create a Refresh Token API View

from rest_framework.views import APIView
from rest_framework.response import Response
from rest_knox.models import AuthToken

class TokenRefreshView(APIView):
    def post(self, request, format=None):
        token = request.data.get('token')
        try:
            token = AuthToken.objects.get(token=token)
        except AuthToken.DoesNotExist:
            return Response(status=status.HTTP_400_BAD_REQUEST)
        token.refresh()
        return Response({'token': token})

9. Customize the Refresh Token Expiration

# settings.py
REST_KNOX = {
    'REFRESH_TOKEN_TTL': timedelta(days=1)  # Default: timedelta(hours=12)
}

10. Use the Knox RefreshTokenSerializer

from rest_knox.serializers import RefreshTokenSerializer

class MyRefreshTokenSerializer(RefreshTokenSerializer):
    pass

11. Create a Logout API View

from rest_framework.views import APIView
from rest_framework.response import Response
from rest_knox.models import AuthToken

class LogoutView(APIView):
    def post(self, request, format=None):
        token = request.data.get('token')
        try:
            token = AuthToken.objects.get(token=token)
        except AuthToken.DoesNotExist:
            return Response(status=status.HTTP_400_BAD_REQUEST)
        token.delete()
        return Response({"detail": "Successfully logged out."})

12. Use the Knox LogoutSerializer

from rest_knox.serializers import LogoutSerializer

class MyLogoutSerializer(LogoutSerializer):
    pass

13. Create a Knox Serializer Mixin

from rest_framework import serializers
from rest_knox.serializers import TokenSerializer

class KnoxSerializerMixin(serializers.ModelSerializer):
    token = TokenSerializer(read_only=True)

14. Use the Knox Serializer Mixin in a ModelSerializer

from .models import MyModel
from .serializers import MyModelSerializer, KnoxSerializerMixin

class MyModelSerializer(KnoxSerializerMixin, serializers.ModelSerializer):
    class Meta:
        model = MyModel

15. Create a Custom Knox Authentication

from rest_framework.authentication import BaseAuthentication
from rest_framework.request import Request
from rest_framework import exceptions
from rest_knox.models import AuthToken

class CustomKnoxAuthentication(BaseAuthentication):
    def authenticate(self, request: Request):
        token = request.headers.get('Authorization')
        if not token or 'Token' not in token:
            raise exceptions.AuthenticationFailed('No token provided.')

        token = token.split(' ')[1]
        try:
            token = AuthToken.objects.get(token=token)
        except AuthToken.DoesNotExist:
            raise exceptions.AuthenticationFailed('Invalid token.')

        return token.user, token

16. Use the Custom Knox Authentication in a View

from rest_framework.views import APIView
from rest_framework.authentication import CustomKnoxAuthentication
from .serializers import MyModelSerializer

class MyView(APIView):
    authentication_classes = (CustomKnoxAuthentication,)

    def get(self, request):
        user = request.user
        serializer = MyModelSerializer(user)
        return Response(serializer.data)

17. Create a Custom Knox Permission

from rest_framework.permissions import BasePermission
from rest_framework.request import Request

class CustomKnoxPermission(BasePermission):
    def has_permission(self, request: Request, view):
        if request.user.is_authenticated:
            return True
        return False

18. Use the Custom Knox Permission in a View

from rest_framework.views import APIView
from rest_framework.permissions import CustomKnoxPermission
from .serializers import MyModelSerializer

class MyView(APIView):
    permission_classes = (CustomKnoxPermission,)

    def get(self, request):
        user = request.user
        serializer = MyModelSerializer(user)
        return Response(serializer.data)

19. Create a Knox Token Manager

from rest_knox.models import AuthTokenManager

class MyAuthTokenManager(AuthTokenManager):
    pass

20. Use the Knox Token Manager in the Token Model

from django.db import models
from rest_knox.models import AuthToken

class MyAuthToken(AuthToken):
    objects = MyAuthTokenManager()

21. Create a Custom Knox API View

from rest_framework.views import APIView
from rest_framework.response import Response
from rest_knox.models import AuthToken
from rest_framework.authtoken.serializers import AuthTokenSerializer

class CustomTokenObtainPairView(APIView):
    def post(self, request, format=None):
        serializer = AuthTokenSerializer(data=request.data)
        if serializer.is_valid():
            user = serializer.validated_data['user']
            token, _ = AuthToken.objects.create(user)
            return Response({'token': token})
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

22. Use the Custom Knox API View in a URL Pattern

# urls.py
from django.urls import path
from .views import CustomTokenObtainPairView

urlpatterns = [
    path('api/token/', CustomTokenObtainPairView.as_view()),
]

23. Create a Knox Token Field

from rest_framework import serializers
from rest_knox.models import AuthToken

class TokenField(serializers.ReadOnlyField):
    def get_attribute(self, instance):
        return AuthToken.objects.create(instance)[0]

24. Use the Knox Token Field in a ModelSerializer

from .models import MyModel
from .serializers import TokenField

class MyModelSerializer(serializers.ModelSerializer):
    token = TokenField(source='*')

25. Create a Knox Serializer Wrapper

from rest_framework.serializers import Serializer
from rest_knox.serializers import TokenSerializer

class KnoxSerializerWrapper(Serializer):
    token = TokenSerializer(read_only=True)

26. Use the Knox Serializer Wrapper in a ViewSet

from rest_framework.viewsets import ModelViewSet
from .models import MyModel
from .serializers import KnoxSerializerWrapper

class MyViewSet(ModelViewSet):
    queryset = MyModel.objects.all()
    serializer_class = KnoxSerializerWrapper

27. Create a Knox Scoped Permission

from rest_framework.permissions import BasePermission
from rest_framework.request import Request

class KnoxScopedPermission(BasePermission):
    def has_permission(self, request: Request, view):
        if request.user.is_authenticated and request.user.has_perm('my_app.my_perm'):
            return True
        return False

28. Use the Knox Scoped Permission in a View

from rest_framework.views import APIView
from rest_framework.permissions import KnoxScopedPermission
from .serializers import MyModelSerializer

class MyView(APIView):
    permission_classes = (KnoxScopedPermission,)

    def get(self, request):
        user = request.user
        serializer = MyModelSerializer(user)
        return Response(serializer.data)

29. Create a Knox Token Generator

from rest_knox.auth import TokenGenerator

class MyTokenGenerator(TokenGenerator):
    pass

30. Use the Knox Token Generator in the Token Model

from django.db import models
from rest_knox.models import AuthToken

class MyAuthToken(AuthToken):
    token_generator_class = MyTokenGenerator

31. Create a Knox Token Expire Handler

from datetime import timedelta
from rest_knox.token import ExpireHandler

class MyExpireHandler(ExpireHandler):
    def token_expire_time(self, request, token):
        return timedelta(hours=24)  # Default: timedelta(hours=8)

32. Use the Knox Token Expire Handler in the Token Model

from django.db import models
from rest_knox.models import AuthToken

class MyAuthToken(AuthToken):
    expire_handler_class = MyExpireHandler

33. Create a Knox User Serializer Mixin

from rest_framework import serializers
from rest_knox.serializers import UserSerializer

class KnoxUserSerializerMixin(serializers.ModelSerializer):
    is_authenticated = serializers.SerializerMethodField()

    def get_is_authenticated(self, obj):
        return obj.is_authenticated

34. Use the Knox User Serializer Mixin in a ModelSerializer

from .models import MyModel
from .serializers import KnoxUserSerializerMixin

class MyModelSerializer(KnoxUserSerializerMixin, serializers.ModelSerializer):
    class Meta:
        model = MyModel

35. Create a Knox API Exception Handler

from rest_framework.exceptions import APIException

class KnoxAPIExceptionHandler(APIException):
    default_detail = 'Knox error.'
    default_code = 'knox'

36. Use the Knox API Exception Handler in a View

from rest_framework.views import APIView
from rest_framework.response import Response
from .exceptions import KnoxAPIExceptionHandler

class MyView(APIView):
    def get(self, request):
        raise KnoxAPIExceptionHandler()

PreviousDjango Rest Framework Simple JWT NextDjango Sitemap