def get_jwt_value(self, request):
    """Pull the JWT credential out of the request's Authorization header.

    The header is expected to have exactly two whitespace-separated parts:
    the scheme configured in ``api_settings.JWT_AUTH_HEADER_PREFIX``
    (compared case-insensitively) followed by the token.

    Returns ``None`` when the header is empty or carries a different
    scheme. Otherwise returns the second header part exactly as it was
    split from the header. This method only extracts the value; nothing in
    it decodes the token or checks its signature.

    Raises ``exceptions.AuthenticationFailed`` when the scheme matches but
    the token is missing, or when more than two parts are present.
    """
    parts = get_authorization_header(request).split()
    expected_scheme = api_settings.JWT_AUTH_HEADER_PREFIX.lower()

    # An absent header or a different scheme is not an error at this point.
    if not parts:
        return None
    scheme = smart_text(parts[0].lower())
    if scheme != expected_scheme:
        return None

    part_count = len(parts)
    if part_count == 1:
        # Scheme present but no credential after it.
        raise exceptions.AuthenticationFailed(
            _('Invalid Authorization header. No credentials provided.'))
    if part_count > 2:
        # Extra parts mean the credential contained whitespace; reject
        # instead of guessing which part is the token.
        raise exceptions.AuthenticationFailed(
            _('Invalid Authorization header. Credentials string '
              'should not contain spaces.'))

    return parts[1]
def authenticate(self, request):
    """Authenticate a request carrying ``Bearer <backend> <token>``.

    Returns a ``(user, token)`` two-tuple on success, or ``None`` when the
    Authorization header is empty or its scheme is not ``bearer``
    (case-insensitive).

    Raises ``exceptions.AuthenticationFailed`` when the header is
    malformed, the named backend cannot be loaded, the backend's
    ``do_auth`` call raises ``requests.HTTPError``, or ``do_auth`` returns
    a falsy user.
    """
    raw_header = get_authorization_header(request)
    parts = raw_header.decode(HTTP_HEADER_ENCODING).split()

    if not parts or parts[0].lower() != 'bearer':
        return None

    # Exactly three parts are required: scheme, backend name, access token.
    part_count = len(parts)
    too_short = {
        1: 'Invalid token header. No backend provided.',
        2: 'Invalid token header. No credentials provided.',
    }
    if part_count in too_short:
        raise exceptions.AuthenticationFailed(too_short[part_count])
    if part_count > 3:
        raise exceptions.AuthenticationFailed(
            'Invalid token header. Token string should not contain spaces.')

    backend_name, token = parts[1], parts[2]
    strategy = load_strategy(request=request)

    # NOTE(review): backend_name comes straight from the client-supplied
    # header and is passed to reverse() and load_backend(). Only
    # MissingBackend is handled here; any other exception raised while
    # resolving the name propagates to the caller.
    try:
        redirect_uri = reverse(NAMESPACE + ":complete", args=(backend_name,))
        backend = load_backend(strategy, backend_name, redirect_uri)
    except MissingBackend:
        raise exceptions.AuthenticationFailed(
            'Invalid token header. Invalid backend.')

    # NOTE(review): on HTTPError the upstream response body becomes the
    # failure detail verbatim, so whatever the provider returned reaches
    # the API client. Confirm that this exposure is intended.
    try:
        user = backend.do_auth(access_token=token)
    except requests.HTTPError as e:
        raise exceptions.AuthenticationFailed(e.response.text)

    if not user:
        raise exceptions.AuthenticationFailed('Bad credentials.')

    return user, token