Examples¶
In order to let you familiarise with the library, a fully working test project is provided in the repository.
It allows you to run
django-trench
with basic settings as well as play with it thanks to a sample frontend app.Launching a sample app¶
- Clone the repository:
$ git clone https://github.com/merixstudio/django-trench.git
- Check
testproject
directory and adjustsettings.py
insidetestapp
according to Installation and Additional settings if necessary. - Make sure you have
docker
anddocker-compose
installed. UseMakefile
to run backend:
$ make build
$ make migrate
- Run the app using command:
$ make client
Frontend app is availabe on http://localhost:3000/ and expects backend running on http://localhost:8000/
Basic usage¶
You can create an admin user to be able to access admin panel
http://localhost:8000/admin
:$ make create_admin
From built-in admin panel you can add users and setup credentials.
Alternatively
djoser
endpoints can be used to manage users in through REST requests. Read further in djoser docs.Let’s login:
$ curl -X POST http://localhost:8000/auth/login/ -d 'username=admin&password=yourpassword'
In the following request you’ll need a provided
token
for authorization.To activate an email authentication:
$ curl -X POST http://localhost:8000/auth/email/activate/ -d 'method=email'
-H 'Authorization: JWT [token provided]'
Check the code and confirm:
$ curl -X POST http://localhost:8000/auth/email/activate/confirm/ -d 'code=[code provided]'
-H 'Authorization: JWT [token provided]'
In response you’ll receive a batch of backup codes.
Let’s login again and check if an extra authentication works.
$ curl -X POST http://localhost:8000/auth/login/ -d 'username=admin&password=yourpassword'
{
"ephemeral_token": "token",
"method": "email",
"other_methods": []
}
Right, the code has been dispatched by the primary method.
Now we only need pass on the code and ephemeral_token:
$ curl -X POST http://localhost:8000/auth/login/code/
-d 'code=[code from previous step]&ephemeral_token=[ephemeral_token from step before]'
{
"token": "JWT token",
}
All right, we’re in!