// the find
Tivix/django-rest-auth
This app makes it extremely easy to build Django powered SPA's (Single Page App) or Mobile apps exposing all registration and authentication related functionality as CBV's (Class Base View) and REST (JSON)
django-rest-auth wires up Django allauth into DRF endpoints for login, registration, password reset, and social auth. It was useful circa 2015-2020 for SPA backends that needed auth without rolling their own serializers. The README itself says it's deprecated — the maintained fork is dj-rest-auth.
- Covered the full auth surface: login, logout, registration, password change/reset, email verification, and social login through allauth — all in one package
- CBV-based design meant each endpoint was individually overridable without forking the whole library
- Reasonable test coverage including social auth flows, which is where most auth libraries cut corners
- Explicitly deprecated and unmaintained since at least 2024 — the README redirects you to the fork; there is no reason to adopt this over dj-rest-auth
- Token-based auth only (DRF TokenAuth or JWT via third-party); no built-in session cookie support for same-origin SPAs, which is actually the more secure pattern
- Tightly coupled to django-allauth, so if you don't want allauth's full user-account machinery, you're dragging in a lot you don't need
- Last meaningful development predates Django 4.x and DRF 3.14+; compatibility with current versions is untested and the CI (Travis) is long dead