Enhancements:

• Bug Fixes: Minor bug fixes have been implemented to improve the stability and performance of the package.

Changes:

• Deprecated PROJECT_API_KEY: We have deprecated the use of PROJECT_API_KEY in favor of improved security practices. The package will continue to function with PROJECT_API_KEY set for backward compatibility, but a warning will be issued. It is recommended to remove this key at your earliest convenience. The warning message for PROJECT_API_KEY usage will be removed in upcoming versions.

Notes:

• There is no immediate action required regarding PROJECT_API_KEY; however, we encourage users to remove it as it will be phased out in future versions.

Acknowledgements:

• Thanks to @dexax for pointing out the area of improvement related to PROJECT_API_KEY.

Refactoring:

• Authentication Headers: Enhanced the usage of authentication headers by allowing the use of the auth header from settings in authentication.py.
• Verification Checks: Improved handling of email and phone verification checks, ensuring a more robust verification process same as in middleware.

Notes:

For those using AppwriteMiddleware, remember that CSRF protection is in place by default in Django. Since the middleware leverages session-based authentication, ensure that the CSRF tokens are correctly set and verified in AJAX requests to avoid 403 errors.

Fixes:

• Username Retrieval: Adjusted the retrieval method for usernames to cater for cases where the username might be omitted in custom user models. This change ensures compatibility with custom user models in Django.

Notes:

For those using AppwriteMiddleware, remember that CSRF protection is in place by default in Django. Since the middleware leverages session-based authentication, ensure that the CSRF tokens are correctly set and verified in AJAX requests to avoid 403 errors.

Features:

• Appwrite Authentication for DRF: Introduced the AppwriteAuthentication class, enabling Django Rest Framework users to authenticate with Appwrite easily. This authentication class leverages Appwrite's JWT mechanism to authenticate users, making it more streamlined and efficient.
• Custom setup.py Commands: Added custom build and publish commands in setup.py, simplifying the package build and publish process. Users can now build the package using python setup.py build and publish it with python setup.py publish --version=x.x.x.

Improvements:

• Enhanced Middleware Configuration: Refined the AppwriteMiddleware to fetch configurations more elegantly, avoiding redundancy. Also, improved error handling and logging mechanisms to provide clearer feedback to developers.
• Documentation Update: Enhanced the README with clear instructions, added information on the new AppwriteAuthentication class, and updated usage examples.

Notes:

For those using AppwriteMiddleware, remember that CSRF protection is in place by default in Django. Since the middleware leverages session-based authentication, ensure that the CSRF tokens are correctly set and verified in AJAX requests to avoid 403 errors.

Features

Configuration

• The package now allows the option to add a prefix to an email address during user creation. This feature will help prevent conflicts when a user creates an account, and the email address already exists in an existing project.

Logging

• We have improved our error logging mechanism. Instead of the previously used system, we're now using the Django logger to log errors. This enhancement allows for more detailed and easily retrievable error logs.

Fixes

Middleware

• We have fixed a bug in our AppwriteMiddleware class that prevented the middleware from functioning correctly. Previously, we forgot to call the superclass's init() method during the initialization of the middleware. This omission has been corrected, ensuring that the middleware functions correctly and maintains any necessary setup performed by the superclass.

Refactoring

Header

• We have refactored our system to replace the usage of the USER_ID header with the ID from the Account object. Before, the USER_ID header was used for password generation, but now it will be replaced with the ID from the Account object, ensuring consistency and accuracy.

Features

• Logging: We have added a new feature to log Appwrite SDK method call exceptions when debug is enabled. This will help you debug issues more easily by providing detailed information about any exceptions that occur during SDK method calls.

Fixes

Security: To improve the security of our system, replaced the user ID with JSON Web Tokens (JWT) in communication with the Appwrite server. This change prevents potential risk of attempting to login by generating random IDs.

Documentation

Integration: Updated the documentation to include information and examples on using JWT in the frontend. This will help to integrate the application with the Appwrite server more easily and securely.

Features

• User Verification: Added Django settings for email/phone verification. You can now enable or disable email or phone verification in the Django settings.

• CI/CD: To make the release process smoother, added a GitHub Action for PyPI publication. This will allow to publish new releases directly from your GitHub repository to PyPI.

Documentation

User Verification: Updated the documentation to include the new email/phone verification settings.

• Introduces a consistent method for user authorization that eliminates the need for generating and replacing passwords. By using a combination of the user's ID and the Django secret key

• Eliminates the reliance on the password information in the Appwrite payload.

The first release version 1.0.0 of the django-appwrite package is a middleware for Django that provides authentication for Appwrite users. The package enables Django to receive Appwrite authentication headers from client requests and process them to log in the corresponding user. The package implements an authentication backend that uses the Appwrite API to verify the authenticity of the provided headers. Additionally, the package includes a set of unit tests to ensure the functionality of the middleware and the backend. With this first version, Django developers can easily add Appwrite authentication to their projects and provide a seamless login experience for their Appwrite users.