Beispiel #1
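    def validate(self, attrs):
        """Issue a new access token (and optionally a rotated refresh token).

        Extends the stock simplejwt ``TokenRefreshSerializer.validate`` with a
        check that the token's owner is still in state ``"A"``; any other
        state is refused with ``PermissionDenied`` so a deactivated account
        cannot keep minting access tokens from a refresh token issued earlier.

        Args:
            attrs: validated serializer input; ``attrs["refresh"]`` is the
                encoded refresh token.

        Returns:
            dict with ``"access"`` and, when ``ROTATE_REFRESH_TOKENS`` is on,
            a rotated ``"refresh"``.

        Raises:
            TokenError (from ``RefreshToken``): token is malformed, expired or
                otherwise not valid.
            PermissionDenied: the owning account no longer exists or is not in
                state ``"A"``.
        """
        # The token is verified here, before any database access happens.
        refresh = RefreshToken(attrs["refresh"])

        user_model = get_user_model()

        # A deleted user used to surface as an uncaught DoesNotExist; treat it
        # like a deactivated account so the refresh is refused cleanly.
        try:
            user = user_model.objects.get(id=refresh.get("user_id"))
        except user_model.DoesNotExist:
            user = None

        if user is None or user.state != "A":
            raise PermissionDenied(
                detail="Your account is deactivated. Contact support."
            )

        data = {"access": str(refresh.access_token)}

        if api_settings.ROTATE_REFRESH_TOKENS:
            if api_settings.BLACKLIST_AFTER_ROTATION:
                try:
                    # Blacklist the presented token so it cannot be replayed.
                    refresh.blacklist()
                except AttributeError:
                    # The blacklist app is optional; without it the token
                    # class has no `blacklist` method.
                    pass

            # New jti + fresh expiry turn `refresh` into the rotated token.
            refresh.set_jti()
            refresh.set_exp()

            data["refresh"] = str(refresh)

        return data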
Beispiel #2
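    def validate(self, attrs):
        """Refresh an access token after a per-user Redis session check.

        The encoded refresh token is verified first; only a token that passes
        is then looked up among the outstanding tokens so that
        ``RedisExecutor`` can run its own validation for the token's owner.
        The stock simplejwt rotate/blacklist sequence follows.

        Args:
            attrs: validated serializer input; ``attrs['refresh']`` is the
                encoded refresh token. ``self.context['request']`` is handed
                to ``RedisExecutor``.

        Returns:
            dict with ``'access'`` and, when ``ROTATE_REFRESH_TOKENS`` is on,
            a rotated ``'refresh'``.

        Raises:
            TokenError (from ``RefreshToken``): token is not valid.
            OutstandingToken.DoesNotExist: the token is valid but was never
                recorded as outstanding. NOTE(review): this propagates
                unchanged (as in the original) and surfaces as a server error
                rather than a token error — confirm the intended handling.
        """
        raw_refresh = attrs['refresh']

        # Verify the token before it drives any database or Redis work, so a
        # forged or expired token is rejected without touching either.
        refresh = RefreshToken(raw_refresh)

        try:
            token = OutstandingToken.objects.get(token=raw_refresh)
        except OperationalError:
            # Best effort (original behaviour): if the token table cannot be
            # queried the Redis check is skipped instead of failing the refresh.
            pass
        else:
            conn = RedisExecutor(token.user, self.context['request'])
            conn.validate()

        data = {'access': str(refresh.access_token)}

        if api_settings.ROTATE_REFRESH_TOKENS:
            if api_settings.BLACKLIST_AFTER_ROTATION:
                try:
                    # Blacklist the presented token so it cannot be replayed.
                    refresh.blacklist()
                except AttributeError:
                    # Blacklist app not installed: `blacklist` is absent.
                    pass

            # New jti + fresh expiry turn `refresh` into the rotated token.
            refresh.set_jti()
            refresh.set_exp()

            data['refresh'] = str(refresh)

        return data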
Beispiel #3
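    def validate(self, attrs):
        """Refresh tokens for the ``ENGLISH`` app only.

        Overrides simplejwt's ``TokenRefreshSerializer.validate``: the request's
        ``app_id`` must equal ``'ENGLISH'`` (checked before any token is
        verified or minted), and on rotation the re-minted access token gets a
        ``student_uuid`` claim.

        Args:
            attrs: validated serializer input with ``'refresh'`` (encoded
                refresh token) and ``'app_id'``.

        Returns:
            dict with ``'access'`` and, when ``ROTATE_REFRESH_TOKENS`` is on,
            a rotated ``'refresh'``.

        Raises:
            exceptions.PermissionDenied: ``app_id`` is missing or not
                ``'ENGLISH'`` (HTTP 403).
            TokenError (from ``RefreshToken``): token is not valid.
        """
        # override start: refuse early, before touching the token at all.
        # `.get` keeps a missing field a 403 instead of a KeyError.
        if attrs.get('app_id') != 'ENGLISH':
            # Return 403
            raise exceptions.PermissionDenied(
                detail="app_id is not correct. Please confirm.")
        # override end

        refresh = RefreshToken(attrs['refresh'])

        data = {'access': str(refresh.access_token)}

        if api_settings.ROTATE_REFRESH_TOKENS:
            if api_settings.BLACKLIST_AFTER_ROTATION:
                try:
                    # Blacklist the presented token so it cannot be replayed.
                    refresh.blacklist()
                except AttributeError:
                    # Blacklist app not installed: `blacklist` is absent.
                    pass

            refresh.set_jti()
            refresh.set_exp()

            # override start: put student_uuid into the access token.
            # TODO(review): the value is a hard-coded placeholder, and the
            # claim is only attached when rotation is enabled — confirm both.
            access = refresh.access_token
            access['student_uuid'] = '029183-73638-uuid~~'
            data['access'] = str(access)
            # override end

            data['refresh'] = str(refresh)

        return data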
    def validate(self, attrs):
        """Refresh tokens, enriching the token payload with user information.

        ``self.get_user_info(user_id)`` is merged into the refresh token's
        payload before the access token is derived from it, so the access
        token and (when rotating) the new refresh token carry those claims.

        NOTE(review): keys returned by ``get_user_info`` overwrite existing
        claims of the same name (``exp``, ``jti``, ``user_id``, ...) — confirm
        it never returns reserved claim names.

        Args:
            attrs: validated serializer input; ``attrs["refresh"]`` is the
                encoded refresh token.

        Returns:
            dict with ``"access"`` and, when ``ROTATE_REFRESH_TOKENS`` is on,
            a rotated ``"refresh"``.

        Raises:
            TokenError (from ``RefreshToken``): token is not valid.
        """
        refresh = RefreshToken(attrs["refresh"])
        payload = refresh.payload
        user_id = payload["user_id"]

        # Merge the user info claims into the token payload in place.
        payload.update(self.get_user_info(user_id))

        data = {"access": str(refresh.access_token)}

        rotate = api_settings.ROTATE_REFRESH_TOKENS
        if rotate:
            should_blacklist = api_settings.BLACKLIST_AFTER_ROTATION
            if should_blacklist:
                try:
                    refresh.blacklist()
                except AttributeError:
                    # Optional blacklist app not installed: no `blacklist`.
                    pass
            refresh.set_jti()
            refresh.set_exp()
            data["refresh"] = str(refresh)

        return data
Beispiel #5
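    def validate(self, attrs):
        """Refresh from the cookie-borne token; always rotate.

        The refresh token is read via ``self.get_token_from_cookie`` rather
        than from ``attrs``. Unlike the stock simplejwt serializer, rotation
        is unconditional: the presented token is blacklisted when
        ``BLACKLIST_AFTER_ROTATION`` is on, and a new jti/expiry is issued on
        every call.

        Args:
            attrs: validated serializer input (unused; the token comes from
                the cookie).

        Returns:
            dict with ``access``/``access_expires`` and the rotated
            ``refresh``/``refresh_expires`` (the tokens' ``exp`` claims).

        Raises:
            serializers.ValidationError: no refresh cookie present.
            TokenError (from ``RefreshToken``): cookie token is not valid.
        """
        token = self.get_token_from_cookie()
        if token is None:
            raise serializers.ValidationError(
                "No refresh token cookie found"
            )
        refresh = RefreshToken(token)

        # Build the access token once; the original read `refresh.access_token`
        # twice and so minted two separate tokens for the string and the expiry.
        access = refresh.access_token
        data = {
            "access": str(access),
            "access_expires": access["exp"]
        }

        if jwt_settings.BLACKLIST_AFTER_ROTATION:
            try:
                # Blacklist the presented token so it cannot be reused.
                refresh.blacklist()
            except AttributeError:
                # Blacklist app not installed: `blacklist` is absent.
                pass

        # Rotate: new jti and fresh expiry on the same token object.
        refresh.set_jti()
        refresh.set_exp()

        data['refresh'] = str(refresh)
        data['refresh_expires'] = refresh["exp"]

        return data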
Beispiel #6
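    def validate(self, attrs):
        """Refresh tokens and attach the owning user plus expiry timestamps.

        Extends simplejwt's refresh flow with ``user`` (serialized through
        ``UserSerializer``), ``token_expire_at`` (the access token's ``exp``)
        and ``refresh_token_expire_at`` (the refresh token's ``exp`` after
        rotation).

        Args:
            attrs: validated serializer input; ``attrs['refresh']`` is the
                encoded refresh token.

        Returns:
            dict with ``access``, optional rotated ``refresh``, ``user``,
            ``token_expire_at`` and ``refresh_token_expire_at``.

        Raises:
            TokenError (from ``RefreshToken``): token is not valid.
            Whatever ``JWTAuthentication.get_user`` raises when the user
                behind the token cannot be resolved (presumably
                AuthenticationFailed — confirm against that class).
        """
        refresh = RefreshToken(attrs['refresh'])

        # Mint the access token once and reuse it; the original built three
        # separate tokens (for the string, for get_user and for the expiry).
        access = refresh.access_token
        data = {'access': str(access)}

        # `.get` with simplejwt's default (False) instead of a KeyError when a
        # SIMPLE_JWT key is not configured.
        jwt_conf = settings.SIMPLE_JWT
        if jwt_conf.get('ROTATE_REFRESH_TOKENS', False):
            if jwt_conf.get('BLACKLIST_AFTER_ROTATION', False):
                try:
                    # Blacklist the presented token so it cannot be replayed.
                    refresh.blacklist()
                except AttributeError:
                    # Blacklist app not installed: `blacklist` is absent.
                    pass

            refresh.set_jti()
            refresh.set_exp()

            data['refresh'] = str(refresh)

        # Resolve the user from the access token's claims.
        user = JWTAuthentication().get_user(access)
        data['user'] = UserSerializer(user).data
        data['token_expire_at'] = access.get('exp')
        data['refresh_token_expire_at'] = refresh.get('exp')
        return data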
Beispiel #7
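        def validate(self, attrs):
            """Refresh tokens and report the access token's expiry.

            Stock simplejwt refresh flow plus an ``expires`` entry holding the
            new access token's ``exp`` claim, so clients do not have to decode
            the token to learn when it lapses.

            Args:
                attrs: validated serializer input; ``attrs['refresh']`` is the
                    encoded refresh token.

            Returns:
                dict with ``access``, ``expires`` and, when
                ``ROTATE_REFRESH_TOKENS`` is on, a rotated ``refresh``.

            Raises:
                TokenError (from ``RefreshToken``): token is not valid.
            """
            refresh = RefreshToken(attrs['refresh'])

            # Build the access token once; the original minted it twice (for
            # the string and again for the expiry).
            access = refresh.access_token
            data = {
                'access': str(access),

                # Added field: the access token's own expiry claim.
                'expires': access.payload['exp']
            }

            if api_settings.ROTATE_REFRESH_TOKENS:
                if api_settings.BLACKLIST_AFTER_ROTATION:
                    try:
                        # Blacklist the presented token so it cannot be replayed.
                        refresh.blacklist()
                    except AttributeError:
                        # Blacklist app not installed: `blacklist` is absent.
                        pass

                refresh.set_jti()
                refresh.set_exp()

                data['refresh'] = str(refresh)

            return data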
Beispiel #8
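    def validate(self, attrs):
        """Refresh tokens using the ``token_refresh`` / ``token`` field names.

        The presented refresh token is always blacklisted, so each refresh
        token can be used exactly once; a new jti/expiry is then issued and
        returned as ``token_refresh``.

        Args:
            attrs: validated serializer input; ``attrs['token_refresh']`` is
                the encoded refresh token.

        Returns:
            dict with ``token`` (access token) and ``token_refresh`` (rotated
            refresh token).

        Raises:
            ValidationError: ``token_refresh`` is missing, malformed or
                expired; chained to the underlying error.
            AttributeError: presumably when the blacklist app is not
                installed, since ``blacklist()`` is called unconditionally —
                confirm it is in INSTALLED_APPS.
        """
        try:
            refresh = RefreshToken(attrs['token_refresh'])
        except Exception as err:
            # `from err` keeps the original TokenError/KeyError in the
            # traceback instead of discarding it.
            # NOTE(review): narrowing this to TokenError would be preferable;
            # that name is not in scope in this block.
            raise ValidationError('无效的token_refresh内容') from err

        data = {'token': str(refresh.access_token)}
        # Blacklist the used token_refresh: the old value can only be
        # refreshed once.
        refresh.blacklist()
        refresh.set_jti()
        refresh.set_exp()
        data['token_refresh'] = str(refresh)

        return data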
Beispiel #9
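    def validate(self, attrs):
        """Rotate a whitelisted refresh token.

        Whitelist model: a refresh token is usable only while a
        ``TokenSession`` row with its jti exists. The row is consumed
        (deleted) in the same query that checks for it, so two concurrent
        refreshes presenting the same token cannot both succeed — the previous
        ``exists()``-then-``delete()`` pair left a window in which a replayed
        token was accepted twice. The rotated token is then registered through
        ``self.whitelist``.

        Args:
            attrs: validated serializer input; ``attrs['refresh']`` is the
                encoded refresh token.

        Returns:
            Whatever ``self.whitelist(refresh)`` returns for the rotated token.

        Raises:
            TokenError: token is invalid or expired, or its jti is not
                whitelisted (already consumed or never issued).
        """
        # Raises TokenError when the token is invalid or expired.
        refresh = RefreshToken(attrs['refresh'])

        jti = refresh[api_settings.JTI_CLAIM]

        # Consume the session atomically: delete() reports how many rows went,
        # so zero means the jti was not whitelisted or was already used.
        # (`_per_model` rather than `_`, which is the gettext alias here.)
        deleted_count, _per_model = TokenSession.objects.filter(jti=jti).delete()
        if not deleted_count:
            raise TokenError(_('Token is not whitelisted'))

        refresh.set_jti()
        refresh.set_exp()

        return self.whitelist(refresh)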
Beispiel #10
    def get_validated_token(self, raw_token, refresh_token=None):
        """
        Validates an encoded JSON web token and returns a validated token
        wrapper object.

        Without ``refresh_token`` this is the stock simplejwt behaviour: each
        class in ``api_settings.AUTH_TOKEN_CLASSES`` is tried on ``raw_token``
        and the first one that validates is returned.

        With ``refresh_token`` the return value is a 2-tuple:
        ``(AuthToken(raw_token), None)`` when ``raw_token`` still validates;
        otherwise the refresh token is used to mint a replacement access token
        (blacklisting/rotating the refresh token per ``ROTATE_REFRESH_TOKENS``
        and ``BLACKLIST_AFTER_ROTATION``) and
        ``(AuthToken(new_access), {'access': ..., 'refresh': ...})`` is
        returned (``'refresh'`` only when rotation is on).

        NOTE(review): the refresh/rotate branch sits inside the per-class
        loop, so with several AUTH_TOKEN_CLASSES a failed refresh is retried
        for the next class even though the refresh token may already have been
        rotated or blacklisted by the previous attempt; consider moving the
        fallback after the loop.
        NOTE(review): ``e.args[0]`` raises IndexError for an exception created
        without arguments.

        Raises:
            InvalidToken: no token class accepted ``raw_token`` and (when
                given) the refresh fallback failed as well; ``messages`` holds
                one entry per failed attempt.
        """
        messages = []
        for AuthToken in api_settings.AUTH_TOKEN_CLASSES:
            try:
                if refresh_token is None:
                    return AuthToken(raw_token)
                else:
                    # Tuple shape is used whenever a refresh token was
                    # supplied, even when it was not needed.
                    return AuthToken(raw_token), None
            except TokenError as e:
                if refresh_token is None:
                    messages.append({
                        'token_class': AuthToken.__name__,
                        'token_type': AuthToken.token_type,
                        'message': e.args[0]
                    })
                else:
                    try:
                        # Raises TokenError if the refresh token itself is
                        # invalid or expired; otherwise mint a new access token.
                        refresh = RefreshToken(refresh_token)
                        new_tokens = {'access': str(refresh.access_token)}
                        if api_settings.ROTATE_REFRESH_TOKENS:
                            if api_settings.BLACKLIST_AFTER_ROTATION:
                                try:
                                    # Attempt to blacklist the given refresh token
                                    refresh.blacklist()
                                except AttributeError as e:
                                    # Blacklist app not installed; reported in
                                    # `messages` rather than silently skipped.
                                    messages.append({'Error:': e.args[0]})

                            refresh.set_jti()
                            refresh.set_exp()
                            new_tokens['refresh'] = str(refresh)
                        # The freshly minted access token is wrapped in the same
                        # token class that rejected raw_token.
                        return AuthToken(new_tokens['access']), new_tokens

                    except Exception as e:
                        # NOTE(review): broad catch — programming errors in the
                        # refresh path are only surfaced through InvalidToken.
                        messages.append({'Error:': e.args[0]})

        raise InvalidToken({
            'detail':
            _('Given token not valid for any token type'),
            'messages':
            messages,
        })
Beispiel #11
    def validate(self, attrs):
        """Stock simplejwt refresh: mint an access token, optionally rotate.

        Args:
            attrs: validated serializer input; ``attrs['refresh']`` is the
                encoded refresh token.

        Returns:
            dict with ``access`` and, when ``ROTATE_REFRESH_TOKENS`` is on, a
            rotated ``refresh``; the presented token is blacklisted first when
            ``BLACKLIST_AFTER_ROTATION`` is on and the blacklist app exists.

        Raises:
            TokenError (from ``RefreshToken``): token is not valid.
        """
        refresh = RefreshToken(attrs['refresh'])
        result = {'access': str(refresh.access_token)}

        if not api_settings.ROTATE_REFRESH_TOKENS:
            return result

        if api_settings.BLACKLIST_AFTER_ROTATION:
            try:
                refresh.blacklist()
            except AttributeError:
                # Optional blacklist app absent: the method is not defined.
                pass

        # Rotate: new jti and fresh expiry on the same token object.
        refresh.set_jti()
        refresh.set_exp()
        result['refresh'] = str(refresh)
        return result
Beispiel #12
    def validate(self, attrs):
        """Refresh tokens with a client-specific lifetime and outstanding-token
        bookkeeping.

        Differences from stock simplejwt:
        * a refresh token whose ``client`` claim is ``"pyintelowl"`` is
          re-issued with ``PYINTELOWL_TOKEN_LIFETIME`` instead of the default;
        * when the presented token was blacklisted, a new ``OutstandingToken``
          row is written for the rotated token (presumably so that it can be
          blacklisted later in turn).

        Args:
            attrs: validated serializer input; ``attrs["refresh"]`` is the
                encoded refresh token.

        Returns:
            dict with ``"access"`` and, when ``ROTATE_REFRESH_TOKENS`` is on,
            a rotated ``"refresh"``.

        Raises:
            TokenError (from ``RefreshToken``): token is not valid.
        """
        refresh = RefreshToken(attrs["refresh"])
        data = {"access": str(refresh.access_token)}

        if not jwt_settings["ROTATE_REFRESH_TOKENS"]:
            return data

        blacklisted_token = None
        if jwt_settings["BLACKLIST_AFTER_ROTATION"]:
            try:
                # `blacklist()` returns a 2-tuple; `_created` rather than `_`
                # so a gettext alias of that name is not shadowed.
                blacklisted_token, _created = refresh.blacklist()
            except AttributeError:
                # Optional blacklist app not installed.
                pass

        # Rotate: new jti, then an expiry that depends on the client claim.
        refresh.set_jti()
        is_pyintelowl = refresh.get("client", False) == "pyintelowl"
        if is_pyintelowl:
            lifetime = jwt_settings.get("PYINTELOWL_TOKEN_LIFETIME", None)
            refresh.set_exp(lifetime=lifetime)
        else:
            refresh.set_exp()

        data["refresh"] = str(refresh)

        # PATCHED - record the rotated token as outstanding, attributed to the
        # user of the token that was just blacklisted.
        user = blacklisted_token.token.user if blacklisted_token else None
        if user:
            OutstandingToken.objects.create(
                user=user,
                jti=refresh.payload["jti"],
                token=str(refresh),
                created_at=refresh.current_time,
                expires_at=datetime_from_epoch(refresh["exp"]),
            )

        return data
Beispiel #13
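    def validate(self, attrs):
        """Refresh tokens and report the access token's expiry.

        Stock simplejwt refresh flow plus ``expires_in``, the new access
        token's ``exp`` claim (``''`` if the claim is absent).
        NOTE(review): despite the name this is the absolute ``exp`` value,
        not a remaining duration.

        Args:
            attrs: validated serializer input; ``attrs['refresh']`` is the
                encoded refresh token.

        Returns:
            dict with ``access``, ``expires_in`` and, when
            ``ROTATE_REFRESH_TOKENS`` is on, a rotated ``refresh``.

        Raises:
            TokenError (from ``RefreshToken``): token is not valid.
        """
        refresh = RefreshToken(attrs['refresh'])

        # Mint the access token once; the original read `refresh.access_token`
        # twice and so built two distinct tokens for the string and the expiry.
        access = refresh.access_token
        data = {
            'access': str(access),
            'expires_in': access.get('exp', '')
        }

        if api_settings.ROTATE_REFRESH_TOKENS:
            if api_settings.BLACKLIST_AFTER_ROTATION:
                try:
                    # Blacklist the presented token so it cannot be replayed.
                    refresh.blacklist()
                except AttributeError:
                    # Blacklist app not installed: `blacklist` is absent.
                    pass

            refresh.set_jti()
            refresh.set_exp()

            data['refresh'] = str(refresh)

        return data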
Beispiel #14
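    def post(self, request, format=None):
        """Exchange a refresh token for a new access token.

        Reads ``refresh_token`` from the request body and answers with
        ``{'token', 'refresh_token', 'token_type': 'Bearer'}``. When
        ``ROTATE_REFRESH_TOKENS`` is on the presented token is blacklisted (if
        the blacklist app is installed) and a rotated refresh token is
        returned; otherwise the token the client sent is echoed back.

        Args:
            request: DRF request; ``request.data['refresh_token']`` is the
                encoded refresh token. A missing value reaches ``RefreshToken``
                as ``None`` and is reported as an invalid token (400).
            format: unused DRF format-suffix argument.

        Returns:
            ``Response`` 200 on success, 400 for an invalid/expired token, or
            a ``JsonResponse`` 405 when called with a method other than POST.

        NOTE(review): ``HTTP_400_BAD_REQUEST``/``HTTP_200_OK`` are DRF
        ``status`` names while ``METHOD_NOT_ALLOWED`` is the ``http.HTTPStatus``
        name; whichever module ``HTTPStatus`` aliases, one of the branches
        will raise AttributeError — confirm the import.
        """
        # DRF only dispatches POST here; the guard is kept for direct calls.
        if request.method != "POST":
            return JsonResponse(
                {'success': 'false'}, status=HTTPStatus.METHOD_NOT_ALLOWED
            )

        ref_token = request.data.get("refresh_token")
        try:
            refresh = RefreshToken(ref_token)
        except TokenError:
            return Response(
                {
                    'success': False,
                    "message":
                    "Token is invalid or expired. Do a full login"
                },
                status=HTTPStatus.HTTP_400_BAD_REQUEST)

        access_token = str(refresh.access_token)
        # Without rotation the client keeps using the token it presented.
        new_refresh = ref_token

        if api_settings.ROTATE_REFRESH_TOKENS:
            if api_settings.BLACKLIST_AFTER_ROTATION:
                try:
                    # Blacklist the presented token so it cannot be replayed.
                    refresh.blacklist()
                except AttributeError:
                    # Blacklist app not installed: `blacklist` is absent.
                    pass
            refresh.set_jti()
            refresh.set_exp()
            new_refresh = str(refresh)

        return Response(
            {
                'token': access_token,
                'refresh_token': new_refresh,
                "token_type": "Bearer"
            },
            status=HTTPStatus.HTTP_200_OK)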
Beispiel #15
    def mutate(cls, context, info, **fields):
        """Graphene mutation: exchange ``refreshToken`` for fresh tokens.

        Mirrors simplejwt's refresh flow (optional blacklist and rotation per
        ``settings.SIMPLE_JWT``) and returns a ``Tokens`` object whose fields
        are the access and refresh payloads encoded with ``token_backend``.

        Args:
            context: the GraphQL root value (unused).
            info: GraphQL resolve info (unused).
            **fields: mutation input; ``fields['refreshToken']`` is the
                encoded refresh token.

        Raises:
            TokenError (from ``RefreshToken``): token is not valid.
        """
        refresh = RefreshToken(fields['refreshToken'])

        jwt_conf = settings.SIMPLE_JWT
        if jwt_conf.get('ROTATE_REFRESH_TOKENS'):
            if jwt_conf.get('BLACKLIST_AFTER_ROTATION'):
                try:
                    refresh.blacklist()
                except AttributeError:
                    # Blacklist app not installed: no `blacklist` method.
                    pass
            refresh.set_jti()
            refresh.set_exp()

        encode = token_backend.encode
        return Tokens(
            accessToken=encode(refresh.access_token.payload),
            refreshToken=encode(refresh.payload),
        )
Beispiel #16
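    def validate(self, attrs):
        """Refresh tokens and attach the serialized owning user.

        Extends simplejwt's refresh flow with ``data['user']``. The user is
        resolved from the user-id claim of the already verified refresh token.
        The original instead decoded the freshly minted access token with
        ``jwt.decode(..., settings.SECRET_KEY)`` and no pinned ``algorithms``:
        PyJWT 2.x rejects that call outright, and on older versions it lets the
        token header pick the verification algorithm. The claim value is the
        same either way, since the access token's claims are copied from this
        refresh token's payload.

        Args:
            attrs: validated serializer input; ``attrs['refresh']`` is the
                encoded refresh token.

        Returns:
            dict with ``access``, optional rotated ``refresh`` and ``user``.

        Raises:
            TokenError (from ``RefreshToken``): token is not valid.
            User.DoesNotExist: the user id in the token no longer exists
                (propagates unchanged; NOTE(review): consider mapping it to an
                authentication failure).
        """
        refresh = RefreshToken(attrs['refresh'])

        data = {'access': str(refresh.access_token)}

        if api_settings.ROTATE_REFRESH_TOKENS:
            if api_settings.BLACKLIST_AFTER_ROTATION:
                try:
                    # Blacklist the presented token so it cannot be replayed.
                    refresh.blacklist()
                except AttributeError:
                    # Blacklist app not installed: `blacklist` is absent.
                    pass

            refresh.set_jti()
            refresh.set_exp()

            data['refresh'] = str(refresh)

        # USER_ID_CLAIM defaults to 'user_id', the literal the original read.
        user = User.objects.get(id=refresh[api_settings.USER_ID_CLAIM])
        data['user'] = UserSerializer(user).data
        return data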
Beispiel #17
    def validate(self, attrs):
        """Refresh tokens and stamp the owner's ``last_login``.

        Stock simplejwt refresh flow, followed by a queryset
        ``update(last_login=...)`` on the token's user so a successful refresh
        counts as account activity. Being a queryset update it sends no model
        signals, and a user id that no longer exists simply matches no rows.

        Args:
            attrs: validated serializer input; ``attrs["refresh"]`` is the
                encoded refresh token.

        Returns:
            dict with ``"access"`` and, when ``ROTATE_REFRESH_TOKENS`` is on,
            a rotated ``"refresh"``.

        Raises:
            TokenError (from ``RefreshToken``): token is not valid.
        """
        refresh = RefreshToken(attrs["refresh"])
        data = {"access": str(refresh.access_token)}

        rotate = api_settings.ROTATE_REFRESH_TOKENS
        if rotate:
            if api_settings.BLACKLIST_AFTER_ROTATION:
                try:
                    refresh.blacklist()
                except AttributeError:
                    # Optional blacklist app absent: the method is not defined.
                    pass
            refresh.set_jti()
            refresh.set_exp()
            data["refresh"] = str(refresh)

        # Record the refresh as the user's latest activity.
        owner = User.objects.filter(id=refresh["user_id"])
        owner.update(last_login=localtime(now()))

        return data