Examples

In order to let you familiarise with the library, a fully working test project is provided in the repository.
It allows you to run django-trench with basic settings as well as play with it thanks to a sample frontend app.

Launching a sample app

  1. Clone the repository:
$ git clone https://github.com/merixstudio/django-trench.git
  1. Check testproject directory and adjust settings.py inside testapp according to Installation and Additional settings if necessary.
  2. Make sure you have docker and docker-compose installed. Use Makefile to run backend:
$ make build
$ make migrate
  1. Run the app using command:
$ make client
Frontend app is availabe on http://localhost:3000/ and expects backend running on http://localhost:8000/

Basic usage

You can create an admin user to be able to access admin panel http://localhost:8000/admin:
$ make create_admin
From built-in admin panel you can add users and setup credentials.
Alternatively djoser endpoints can be used to manage users in through REST requests. Read further in djoser docs.
Let’s login:
$ curl -X POST http://localhost:8000/auth/login/ -d 'username=admin&password=yourpassword'
In the following request you’ll need a provided token for authorization.

To activate an email authentication:
$ curl -X POST http://localhost:8000/auth/email/activate/ -d 'method=email'
-H 'Authorization: JWT [token provided]'
Check the code and confirm:
$ curl -X POST http://localhost:8000/auth/email/activate/confirm/ -d 'code=[code provided]'
-H 'Authorization: JWT [token provided]'
In response you’ll receive a batch of backup codes.

Let’s login again and check if an extra authentication works.
$ curl -X POST http://localhost:8000/auth/login/ -d 'username=admin&password=yourpassword'

{
    "ephemeral_token": "token",
    "method": "email",
    "other_methods": []
}
Right, the code has been dispatched by the primary method.
Now we only need pass on the code and ephemeral_token:
$ curl -X POST http://localhost:8000/auth/login/code/
-d 'code=[code from previous step]&ephemeral_token=[ephemeral_token from step before]'

{
    "token": "JWT token",
}

All right, we’re in!