def test_payload_decode_audience_missing(self):
payload = utils.jwt_payload(self.user)
token = utils.jwt_encode(payload)
with override_jwt_settings(JWT_AUDIENCE='test'):
with self.assertRaises(GraphQLJWTError):
utils.get_payload(token)
def test_payload_decode_audience_missing(self):
payload = utils.jwt_payload(self.user)
token = utils.jwt_encode(payload)
with override_settings(JWT_AUDIENCE='test'):
with self.assertRaises(GraphQLJWTError):
utils.get_payload(token)
def mutate(self, info, **kwargs):
email = kwargs.get('email')
mobile_number = kwargs.get('mobile_number')
password = kwargs.get('password')
message = AUTH_ERROR_RESPONSES["login_validation_error"]
if email is None:
user = get_model_object(User,
'mobile_number',
mobile_number,
message=message)
email = user.email
user = get_model_object(User, 'email', email, message=message)
if user.is_active:
user_auth = authenticate(username=email, password=password)
if user_auth is None:
raise GraphQLError(message)
update_last_login(sender=User, user=user)
message = AUTH_SUCCESS_RESPONSES["login_success"]
# Create token to access GraphQL-based views
payload = jwt_payload(user_auth)
token = jwt_encode(payload)
# Create token to access REST-based views
rest_payload = Token.objects.get_or_create(user=user_auth)
rest_token = rest_payload[0]
return LoginUser(message=message,
token=token,
user=user_auth,
rest_token=rest_token)
return GraphQLError("Your Email address has not been verified. "
"Kindly check your inbox for a verification link.")
def test_decode_audience_missing(self):
payload = utils.jwt_payload(self.user)
token = utils.jwt_encode(payload)
with override_jwt_settings(JWT_AUDIENCE='test'):
with self.assertRaises(exceptions.JSONWebTokenError):
utils.get_payload(token)
def mutate(self, info, **kwargs):
user = authenticate(
username=kwargs.get('email'),
password=kwargs.get('password')
)
error_message = 'Invalid login credentials.'
success_message = "You logged in successfully."
if user:
payload = jwt_payload(user)
token = jwt_encode(payload)
return LoginUser(token=token, message=success_message)
return LoginUser(message=error_message)
def mutate(self, info, **kwargs):
email = kwargs.get('email')
password = kwargs.get('password')
user = authenticate(username=email, password=password)
error_message = 'Invalid login credentials'
success_message = "You logged in successfully."
verification_error = 'Your email is not verified'
if user:
if user.is_verified:
payload = jwt_payload(user)
token = jwt_encode(payload)
return LoginUser(token=token, message=success_message)
return LoginUser(message=verification_error)
return LoginUser(message=error_message)
def sendEmail(user):
payload = jwt_payload(user)
token = jwt_encode(payload)
link = settings.FRONTEND_URL + "/verify-email/" + token
msg_plain = render_to_string('email.txt', {
'username': user.username,
'link': link
})
send_mail(
'Activate your account for BoardGame',
msg_plain,
None,
["*****@*****.**"],
fail_silently=False,
)
def mutate(self, info, oauth_type, client_id, code, redirect_uri):
try:
user = authenticate(request=info.context,
oauth_type=oauth_type,
client_id=client_id,
code=code,
redirect_uri=redirect_uri)
except Exception as e:
import traceback
traceback.print_exc()
raise e
if user is None or user.is_anonymous:
raise JSONWebTokenError('Please, enter valid credentials')
payload = jwt_payload(user)
token = jwt_encode(payload)
return OAuthTokenAuth(token=token)
def test_rsa_jwt(self):
private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
backend=default_backend(),
)
public_key = private_key.public_key()
payload = utils.jwt_payload(self.user)
with override_jwt_settings(JWT_PUBLIC_KEY=public_key,
JWT_PRIVATE_KEY=private_key,
JWT_ALGORITHM='RS256'):
token = utils.jwt_encode(payload)
decoded = utils.jwt_decode(token)
self.assertEqual(payload, decoded)
def get_payload(user: UserModel, context: WSGIRequest = None):
payload = jwt_payload(user, context)
if context is not None:
print("Context is oki doki")
s = str(context.body, 'utf-8').replace("'", '"')
print(s)
document_string = ""
if s != "":
document_string = str(json.loads(s)['query'])
else:
document_string = str(
urllib.parse.unquote(
context.META.get("QUERY_STRING", "").split("=")[1]))
if ("refreshToken" in document_string):
jti = user.jtis.create(value=crypto.create_jwt_id())
user.jwt_salt = jti.value
user.last_login = timezone.now()
user.save(update_fields=["last_login", "jwt_salt"])
payload["jti"] = user.jwt_salt
return payload
def test_payload_expired_signature(self):
payload = utils.jwt_payload(self.user)
token = utils.jwt_encode(payload)
with self.assertRaises(GraphQLJWTError):
utils.get_payload(token)
def test_payload_foreign_key_pk(self, *args):
payload = utils.jwt_payload(self.user)
username_field = get_user_model().USERNAME_FIELD
self.assertEqual(payload[username_field], 'test')
def mutate(self, info, email, action):
user_email = None
# result = settings.EMAIL_NOT_SENT_ERROR
result = settings.KO
errors_list = []
user = None
email_pattern = re.compile(settings.EMAIL_REGEX_PATTERN)
if email is None or len(email.strip()) == 0:
errors_list.append(settings.EMAIL_REQUIRED_ERROR)
elif email_pattern.match(email) is None:
errors_list.append(settings.EMAIL_REGEX_ERROR)
elif AccountActionEnum.UPDATE_EMAIL == action:
context_user = info.context.user
if context_user.is_anonymous:
errors_list.append(settings.USER_NOT_LOGGED_IN_ERROR)
elif get_user_model().objects.filter(email__iexact=email).exists():
errors_list.append(settings.EMAIL_ALREADY_REGISTERED_ERROR)
else:
user = context_user
else:
try:
user = get_user_model().objects.get(email__iexact=email)
except get_user_model().DoesNotExist:
errors_list.append(settings.ACCOUNT_DOES_NOT_EXIST_ERROR)
template_name = None
site_dir = None
subject = None
if user is not None:
# https://django-graphql-jwt.domake.io/en/stable/settings.html#pyjwt
payload = jwt_payload(user)
payload['exp'] = datetime.datetime.utcnow(
) + settings.JWT_EXPIRATION_DELTA_EMAILS
if AccountActionEnum.ACTIVATE_ACCOUNT == action:
if user.is_active:
errors_list.append(settings.ACCOUNT_ACTIVE_ERROR)
else:
template_name = "registration/verify_account_email.html"
subject = settings.SITE_NAME + " - Finalizar registro"
site_dir = "account/activate-account"
elif AccountActionEnum.UPDATE_EMAIL == action:
if not user.is_active:
errors_list.append(settings.ACCOUNT_INACTIVE_ERROR)
else:
payload['new_email'] = email
template_name = "registration/verify_account_email.html"
subject = settings.SITE_NAME + " - Actualizar dirección de correo electrónico"
site_dir = "account/update-email"
elif AccountActionEnum.RESET_PASSWORD == action:
if not user.is_active:
errors_list.append(settings.ACCOUNT_INACTIVE_ERROR)
else:
template_name = "registration/password_reset_email.html"
subject = settings.SITE_NAME + " - Restablecer contraseña"
site_dir = "account/reset-password-confirm"
else:
errors_list.append('InvalidAction')
if len(errors_list) == 0:
token = jwt_encode(payload)
message = render_to_string(
template_name, {
"user": user.first_name,
"temp_key": token,
"site_url": settings.CLIENT_URL,
"site_dir": site_dir,
"site_name": settings.SITE_NAME
})
email_to_send = EmailMessage(subject, message, to=[email])
email_to_send.send()
# It save the token information to allow a only use
user.is_used_last_token = False
user.last_token = token
user.save()
# result = settings.EMAIL_SENT
result = settings.OK
return SendVerificationEmail(email=user_email,
action=action,
result=result,
errors=errors_list)
def resolve_token(self, info, **kwargs):
if info.context.user != self:
return None
payload = jwt_payload(self)
return jwt_encode(payload)
def test_user_disabled_by_payload(self, *args):
payload = utils.jwt_payload(self.user)
with self.assertRaises(GraphQLJWTError):
utils.get_user_by_payload(payload)
def generate_token(user):
token = jwt_encode(jwt_payload(user))
return token
def test_audience(self):
payload = utils.jwt_payload(self.user)
self.assertEqual(payload["aud"], "test")
def test_audience(self):
payload = utils.jwt_payload(self.user)
self.assertEqual(payload['aud'], 'test')
def get_token(self, obj):
# generate new token
return jwt_encode(jwt_payload(obj))
def test_user_disabled_by_payload(self, *args):
payload = utils.jwt_payload(self.user)
with self.assertRaises(exceptions.JSONWebTokenError):
utils.get_user_by_payload(payload)
def payload_handler(user, context=None):
payload = jwt_payload(user)
payload['password'] = user.password[-8:]
return payload
def create_jwt_payload(user, context=None):
payload = jwt_payload(user, context)
payload["is_staff"] = user.is_staff
payload["is_superuser"] = user.is_superuser
return payload
def test_issuer(self):
payload = utils.jwt_payload(self.user)
self.assertEqual(payload["iss"], "test")
def test_user_disabled_by_payload(self, *args):
payload = utils.jwt_payload(self.user)
with self.assertRaises(GraphQLJWTError):
utils.get_user_by_payload(payload)
def test_expired_signature(self):
payload = utils.jwt_payload(self.user)
token = utils.jwt_encode(payload)
with self.assertRaises(exceptions.JSONWebTokenExpired):
utils.get_payload(token)
def create_jwt_payload(user, context=None):
payload = jwt_payload(user, context)
payload["user_id"] = graphene.Node.to_global_id("User", user.id)
payload["is_staff"] = user.is_staff
payload["is_superuser"] = user.is_superuser
return payload
def resolve_token(self, info):
payload = jwt_payload(self)
return jwt_encode(payload)
def setUp(self):
super().setUp()
self.payload = jwt_payload(self.user)
self.token = jwt_encode(self.payload)
self.request_factory = RequestFactory()
def lutece_payload(user, context=None):
payload = jwt_payload(user)
payload['password'] = user.password[-8:]
return payload
def test_payload_foreign_key_pk(self, *args):
payload = utils.jwt_payload(self.user)
username_field = get_user_model().USERNAME_FIELD
self.assertEqual(payload[username_field], 'test')
def setUp(self):
super(GraphQLJWTTestCase, self).setUp()
self.payload = jwt_payload(self.user)
self.token = jwt_encode(self.payload)
self.factory = RequestFactory()
def test_foreign_key_pk(self, *args):
payload = utils.jwt_payload(self.user)
username = jwt_settings.JWT_PAYLOAD_GET_USERNAME_HANDLER(payload)
self.assertEqual(username, 'test')
def test_payload_audience(self):
payload = utils.jwt_payload(self.user)
self.assertEqual(payload['aud'], 'test')
def test_issuer(self):
payload = utils.jwt_payload(self.user)
self.assertEqual(payload['iss'], 'test')
def test_payload_issuer(self):
payload = utils.jwt_payload(self.user)
self.assertEqual(payload['iss'], 'test')
def setUp(self):
super(GraphQLJWTTestCase, self).setUp()
self.payload = jwt_payload(self.user)
self.token = jwt_encode(self.payload)
self.factory = RequestFactory()
def test_payload_expired_signature(self):
payload = utils.jwt_payload(self.user)
token = utils.jwt_encode(payload)
with self.assertRaises(GraphQLJWTError):
utils.get_payload(token)
