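def validate(self, attrs):
    """Issue a new access token for a valid refresh token, refusing inactive users.

    Args:
        attrs: Serializer input; ``attrs["refresh"]`` holds the encoded refresh token.

    Returns:
        ``{"access": <token>}`` and, when ``ROTATE_REFRESH_TOKENS`` is enabled,
        a rotated ``"refresh"`` token as well.

    Raises:
        PermissionDenied: if the token's user no longer exists or its ``state``
            is anything other than ``"A"``.
        TokenError: propagated from ``RefreshToken`` for an invalid or expired
            token (the view layer is expected to translate it).
    """
    # Signature and expiry are verified by the constructor; only after that is
    # the user_id claim trusted for the lookup below.
    refresh = RefreshToken(attrs["refresh"])
    user_model = get_user_model()
    try:
        user = user_model.objects.get(id=refresh.get("user_id"))
    except user_model.DoesNotExist as exc:
        # A deleted user must be denied, not turned into an unhandled error.
        # Same message as the deactivated case so the response does not reveal
        # whether the account still exists.
        raise PermissionDenied(
            detail="Your account is deactivated. Contact support."
        ) from exc
    if user.state != "A":
        raise PermissionDenied(
            detail="Your account is deactivated. Contact support."
        )

    data = {"access": str(refresh.access_token)}
    if api_settings.ROTATE_REFRESH_TOKENS:
        if api_settings.BLACKLIST_AFTER_ROTATION:
            try:
                # Revoke the presented token so it cannot be replayed after
                # rotation.
                refresh.blacklist()
            except AttributeError:
                # The token_blacklist app is optional; without it there is no
                # ``blacklist`` method and rotation proceeds without revocation.
                pass
        # A fresh jti and expiry make the returned refresh token a distinct
        # credential from the one just presented.
        refresh.set_jti()
        refresh.set_exp()
        data["refresh"] = str(refresh)
    return data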
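def validate(self, attrs):
    """Refresh an access token and enrich the response with user and expiry data.

    Args:
        attrs: Serializer input; ``attrs['refresh']`` holds the encoded refresh token.

    Returns:
        dict with ``access``, ``user`` (serialized), ``token_expire_at``,
        ``refresh_token_expire_at`` and, when rotation is enabled, ``refresh``.

    Raises:
        TokenError: from ``RefreshToken`` for an invalid or expired token.
        AuthenticationFailed: from ``JWTAuthentication.get_user`` when the
            token's user cannot be resolved or is inactive.
    """
    refresh = RefreshToken(attrs['refresh'])
    # ``access_token`` is a property that builds a new token object each time
    # it is read; read it once so the token returned, the user looked up and
    # the expiry reported all describe the same token.
    access = refresh.access_token
    data = {'access': str(access)}

    if settings.SIMPLE_JWT['ROTATE_REFRESH_TOKENS']:
        if settings.SIMPLE_JWT['BLACKLIST_AFTER_ROTATION']:
            try:
                # Revoke the presented refresh token before issuing its replacement.
                refresh.blacklist()
            except AttributeError:
                # The token_blacklist app is optional; without it there is no
                # ``blacklist`` method and rotation proceeds without revocation.
                pass
        refresh.set_jti()
        refresh.set_exp()
        data['refresh'] = str(refresh)

    # get_user resolves the user_id claim and rejects inactive users.
    user = JWTAuthentication().get_user(access)
    data['user'] = UserSerializer(user).data
    data['token_expire_at'] = access.get('exp')
    # Read after rotation so the reported expiry matches the token returned.
    data['refresh_token_expire_at'] = refresh.get('exp')
    return data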
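def get(self, request, *args, **kwargs):
    """Mint a new access token from the ``refresh`` cookie.

    Returns:
        400 with ``{'error': 'Invalid refresh token'}`` when the cookie is
        absent or does not hold a valid refresh token; otherwise 200 with
        ``{'access': <token>}``.
    """
    raw_refresh = request.COOKIES.get('refresh')
    # Reject a missing cookie explicitly: passing ``None`` to ``RefreshToken``
    # does not raise, it constructs a brand-new token with no user claims.
    if raw_refresh is None:
        return Response({'error': "Invalid refresh token"}, status=400)
    try:
        refresh = RefreshToken(raw_refresh)
    except TokenError:
        return Response({'error': "Invalid refresh token"}, status=400)
    # Token claims are not printed or logged here: they belong to the token
    # holder, not to stdout.
    return Response({'access': str(refresh.access_token)}, status=200)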
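def validate(self, attrs):
    """Parse the refresh token and confirm it belongs to an active user.

    Args:
        attrs: Serializer input; ``attrs['refresh']`` holds the encoded refresh token.

    Returns:
        ``attrs`` with ``attrs['refresh']`` replaced by the parsed ``RefreshToken``.

    Raises:
        AuthenticationFailed: when the token is expired or malformed, or when
            no active user matches its ``user_id`` claim.
    """
    try:
        refresh = RefreshToken(attrs['refresh'])
    except TokenError as err:
        # Chain the cause so the underlying reason survives in logs while the
        # client only receives the generic message.
        raise AuthenticationFailed('만료되었거나 유효하지 않은 토큰 값입니다') from err

    # A cryptographically valid token is not enough: deactivated or deleted
    # users must not be able to mint new access tokens.
    user_is_active = User.objects.filter(
        id=refresh.get('user_id'),
        is_active=True,
    ).exists()
    if not user_is_active:
        raise AuthenticationFailed('유효하지 않은 토큰입니다')

    attrs['refresh'] = refresh
    return attrs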
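def post(self, request):
    """Blacklists refresh token.

    That token cannot be used to fetch access_token after this request.

    Returns:
        200 with ``{"message": "Logout successful."}`` on success; 400 with
        ``{"errors": ...}`` when ``refresh`` is missing, null or invalid.
    """
    raw_token = request.data.get("refresh")
    # Reject a missing/null value up front: ``RefreshToken(None)`` does not
    # raise, it constructs a brand-new token, which must never reach
    # ``blacklist()``.
    if raw_token is None:
        return Response(
            {"errors": ("Logout failed.",)}, status=status.HTTP_400_BAD_REQUEST
        )
    try:
        token = RefreshToken(raw_token)
    except TokenError as token_error:
        return Response(
            {"errors": token_error.args}, status=status.HTTP_400_BAD_REQUEST
        )
    # A decoded token without a user claim is not a credential issued to anyone.
    if not token.get("user_id"):
        return Response(
            {"errors": ("Logout failed.",)}, status=status.HTTP_400_BAD_REQUEST
        )
    token.blacklist()
    return Response({"message": "Logout successful."}, status=status.HTTP_200_OK)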
def validate(self, attrs):
    """Exchange a refresh token for a new access token.

    When ``ROTATE_REFRESH_TOKENS`` is enabled the presented refresh token is
    (optionally) blacklisted, a rotated one is returned, and the rotated token
    is recorded as an ``OutstandingToken`` for the same user.

    Args:
        attrs: Serializer input; ``attrs["refresh"]`` holds the encoded refresh token.

    Returns:
        ``{"access": <token>}`` plus ``"refresh"`` when rotation is enabled.
    """
    refresh = RefreshToken(attrs["refresh"])
    data = {"access": str(refresh.access_token)}

    if not jwt_settings["ROTATE_REFRESH_TOKENS"]:
        return data

    revoked = None
    if jwt_settings["BLACKLIST_AFTER_ROTATION"]:
        try:
            # Revoke the presented token before issuing its replacement.
            revoked, _created = refresh.blacklist()
        except AttributeError:
            # Without the token_blacklist app there is no ``blacklist`` method.
            revoked = None

    # Rotation: new jti, then a new expiry. pyintelowl clients may get a
    # dedicated lifetime from settings; everyone else gets the default.
    refresh.set_jti()
    is_pyintelowl = refresh.get("client", False) == "pyintelowl"
    if is_pyintelowl:
        refresh.set_exp(
            lifetime=jwt_settings.get("PYINTELOWL_TOKEN_LIFETIME", None)
        )
    else:
        refresh.set_exp()
    data["refresh"] = str(refresh)

    # PATCHED - the rotated token gets its own OutstandingToken row, tied to
    # the user of the token it replaces.
    owner = revoked.token.user if revoked else None
    if owner:
        OutstandingToken.objects.create(
            user=owner,
            jti=refresh.payload["jti"],
            token=str(refresh),
            created_at=refresh.current_time,
            expires_at=datetime_from_epoch(refresh["exp"]),
        )
    return data