def on_login(self, token):
authenticator = TokenAuthentication()
try:
authenticator.authenticate_credentials(token)
except AuthenticationFailed as e:
return self.emit_error('error_login', e.detail)
self.request.user = Token.objects.get(key=token).user
self.lift_acl_restrictions()
return ['OK']
def authenticate_from_key(auth_key):
authenticate = TokenAuthentication()
user, token = authenticate.authenticate_credentials(auth_key)
if is_token_expired(token):
token.delete()
raise exceptions.AuthenticationFailed("token was expired")
return user
def obtain_user_from_token(r, token):
auth = TokenAuthentication()
response = auth.authenticate_credentials(token)
user = {
'id': response[0].id,
'username': response[0].username,
'first_name': response[0].first_name,
'token': token,
}
return HttpResponse(json.dumps(user))
def lookup(self, request):
auth = TokenAuthentication()
try:
key = request.query_params['key']
user, key = auth.authenticate_credentials(key)
user_serializer = self.serializer_class(
user, context={'request': request})
return Response(user_serializer.data, status=status.HTTP_200_OK)
except KeyError:
return Response({'key': ["This field is required."]},
status=status.HTTP_400_BAD_REQUEST)
except AuthenticationFailed:
raise NotFound(detail="User doesn't exist")
def delete(self, request):
auth_key = request.data.get("auth", "")
authenticate = TokenAuthentication()
try:
user, token = authenticate.authenticate_credentials(auth_key)
except exceptions.AuthenticationFailed as err:
return Response({
"ok": False,
"detail": err.detail,
}, status=status.HTTP_403_FORBIDDEN)
token.delete()
return Response({
"ok": True,
"detail": token.created,
}, status=status.HTTP_202_ACCEPTED)
def __call__(self, request):
token_auth_checker = TokenAuthentication()
user = None
try:
auth = token_auth_checker.authenticate(request)
if auth is None:
token_key = request.COOKIES.get('authToken')
if token_key is not None:
auth = token_auth_checker.authenticate_credentials(
token_key)
if auth is not None:
user = auth[0]
except drf_exceptions.AuthenticationFailed:
pass
request.user = user or AnonymousUser()
return self.get_response(request)
def process_request(self, request):
token = request.GET.get(settings.EMAIL_AUTH_TOKEN_NAME)
if token is None:
return
try:
# attempt to auth via authtoken
token_auth = TokenAuthentication()
user, _ = token_auth.authenticate_credentials(token)
except AuthenticationFailed:
# attempt to auth by drfpasswordless
user = authenticate_by_token(token)
if user is None:
return
user.backend = 'django.contrib.auth.backends.ModelBackend'
login(request, user)
def process_request(self, request):
token = None
try:
token = request.GET['token']
except :
pass
if token:
try:
token_auth = TokenAuthentication()
user, t = token_auth.authenticate_credentials(token)
"""
this is only good for single backend case.
"""
for backend_path in settings.AUTHENTICATION_BACKENDS:
user.backend = backend_path
login(request, user)
except (exceptions.AuthenticationFailed):
pass
pass
def authenticate_auth_token(request):
"""
auth-token验证
:param request:
:return: None
"""
# 已身份认证
if not isinstance(request.user, AnonymousUser):
return
key = request.query_params.get('token')
if not key:
return
authenticator = TokenAuthentication()
try:
user, token = authenticator.authenticate_credentials(key=key)
request._authenticator = authenticator
request.user, request.auth = user, token
except AuthenticationFailed:
pass
def connect(self):
self.token = self.scope['url_route']['kwargs']['token']
self.issueID = self.scope['url_route']['kwargs']['issueID']
self.room_group_name = 'issue_'+str(self.issueID)
knoxAuth = TokenAuthentication()
user, auth_token = knoxAuth.authenticate_credentials(self.token.encode(HTTP_HEADER_ENCODING))
if user:
try:
self.issue = Issue.objects.get(id = self.issueID)
self.user = user
async_to_sync(self.channel_layer.group_add)(
self.room_group_name,
self.channel_name
)
self.accept()
except Issue.DoesNotExist:
pass
def get_verified_user(auth_token):
authenticator = TokenAuthentication()
verified_user, _ = authenticator.authenticate_credentials(auth_token)
return verified_user
def get_verified_user(auth_token):
authenticator = TokenAuthentication()
verified_user, _ = authenticator.authenticate_credentials(auth_token)
return verified_user
