コード例 #1
0
ファイル: resources.py プロジェクト: Persice/persice.com 
    def obj_create(self, bundle, request=None, **kwargs):
        bundle.obj = Obj()
        bundle.obj.id = 1
        code = bundle.data.get('code')
        redirect_uri = bundle.data.get('redirectUri', '')
        if not code:
            self.create_response(
                bundle.request, bundle,
                response_class=BadRequest('code is required'))
            logger.error('code is required')

        # TODO: Add catch errors
        token_response = FacebookAuthorization.convert_code(
            code, redirect_uri=redirect_uri)

        # TODO: Add access_token to cache
        access_token = token_response['access_token']
        action, user = connect_user(bundle.request, access_token=access_token)

        from events.tasks import store_fb_events, refresh_fb_events
        store_fb_events.delay(user)
        refresh_fb_events.delay(user)
        payload = jwt_payload_handler(user)
        payload['access_token'] = user.access_token
        bundle.obj.token = jwt_encode_handler(payload)
        # TODO: clean up response
        return bundle
コード例 #2
0
def authenticate_user(request):
    try:
        email = request.data['email']
        password = request.data['password']

        user = User.objects.get(email=email, password=password)
        if user:
            try:
                payload = jwt_payload_handler(user)
                token = jwt.encode(payload, settings.SECRET_KEY)
                user_details = {}
                user_details['name'] = "%s %s" % (user.first_name,
                                                  user.last_name)
                user_details['token'] = token
                user_logged_in.send(sender=user.__class__,
                                    request=request,
                                    user=user)
                return Response(user_details, status=status.HTTP_200_OK)

            except Exception as e:
                raise e
        else:
            res = {
                'error':
                'can not authenticate with the given credentials or the account has been deactivated'
            }
            return Response(res, status=status.HTTP_403_FORBIDDEN)
    except KeyError:
        res = {'error': 'please provide a email and a password'}
        return Response(res)
コード例 #3
0
ファイル: test_views.py プロジェクト: rednaks/django-jwt-auth 
    def setUp(self):
        self.email = "*****@*****.**"
        self.username = "******"
        self.password = "******"
        self.user = User.objects.create_user(self.username, self.email, self.password)

        self.payload = utils.jwt_payload_handler(self.user)
        self.payload["orig_iat"] = timegm(datetime.utcnow().utctimetuple())

        self.client = Client()
        self.refresh_auth_token_url = reverse("refresh_token")
コード例 #4
0
    def setUp(self):
        self.email = '*****@*****.**'
        self.username = '******'
        self.password = '******'
        self.user = User.objects.create_user(self.username, self.email,
                                             self.password)

        self.payload = utils.jwt_payload_handler(self.user)
        self.payload['orig_iat'] = timegm(datetime.utcnow().utctimetuple())

        self.client = Client()
コード例 #5
0
    def test_passing_jwt_auth(self):
        """
        Ensure getting form over JWT auth with correct credentials passes and
        does not require CSRF
        """
        payload = utils.jwt_payload_handler(self.user)
        token = utils.jwt_encode_handler(payload)

        auth = "Bearer {0}".format(token)
        response = self.client.get(self.protected_url,
                                   content_type="application/json",
                                   HTTP_AUTHORIZATION=auth)

        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.json()["username"], self.username)
コード例 #6
0
    def test_expired_token_failing_jwt_auth(self):
        """
        Ensure getting over JWT auth with expired token fails
        """
        payload = utils.jwt_payload_handler(self.user)
        payload["exp"] = 1
        token = utils.jwt_encode_handler(payload)

        auth = "Bearer {0}".format(token)
        response = self.client.get(self.protected_url,
                                   content_type="application/json",
                                   HTTP_AUTHORIZATION=auth)
        self.assertEqual(response.status_code, 401)
        self.assertEqual(response["WWW-Authenticate"], 'JWT realm="api"')
        expected_error = ["Signature has expired."]
        self.assertEqual(response.json()["errors"], expected_error)
コード例 #7
0
    def test_post_json_passing_jwt_auth(self):
        """
        Ensure POSTing form over JWT auth with correct credentials
        passes and does not require CSRF
        """
        payload = utils.jwt_payload_handler(self.user)
        token = utils.jwt_encode_handler(payload)

        auth = 'Bearer {0}'.format(token)
        response = self.client.post('/jwt/',
                                    content_type='application/json',
                                    HTTP_AUTHORIZATION=auth)

        response_content = json.loads(smart_text(response.content))

        self.assertEqual(response.status_code, 200)
        self.assertEqual(response_content['username'], self.username)
コード例 #8
0
    def test_post_json_passing_jwt_auth(self):
        """
        Ensure POSTing form over JWT auth with correct credentials
        passes and does not require CSRF
        """
        payload = utils.jwt_payload_handler(self.user)
        token = utils.jwt_encode_handler(payload)

        auth = 'Bearer {0}'.format(token)
        response = self.client.post(
            '/jwt/',
            content_type='application/json',
            HTTP_AUTHORIZATION=auth
        )

        response_content = json.loads(smart_text(response.content))

        self.assertEqual(response.status_code, 200)
        self.assertEqual(response_content['username'], self.username)
コード例 #9
0
    def test_jwt_login_with_expired_token(self):
        """
        Ensure JWT login view works even if expired token is provided
        """
        payload = utils.jwt_payload_handler(self.user)
        payload['exp'] = 1
        token = utils.jwt_encode_handler(payload)

        auth = 'Bearer {0}'.format(token)
        response = self.client.post(self.login_url,
                                    json.dumps(self.login_data_with_username),
                                    content_type='application/json',
                                    HTTP_AUTHORIZATION=auth)
        self.assertEqual(response.status_code, 200)
        response_content = json.loads(smart_text(response.content))

        decoded_payload = utils.jwt_decode_handler(response_content['token'])

        self.assertEqual(decoded_payload['username'], self.username)
コード例 #10
0
    def test_post_expired_token_failing_jwt_auth(self):
        """
        Ensure POSTing over JWT auth with expired token fails
        """
        payload = utils.jwt_payload_handler(self.user)
        payload['exp'] = 1
        token = utils.jwt_encode_handler(payload)

        auth = 'Bearer {0}'.format(token)
        response = self.client.post('/jwt/',
                                    content_type='application/json',
                                    HTTP_AUTHORIZATION=auth)

        response_content = json.loads(smart_text(response.content))

        self.assertEqual(response.status_code, 401)
        self.assertEqual(response['WWW-Authenticate'], 'JWT realm="api"')

        expected_error = ['Signature has expired.']
        self.assertEqual(response_content['errors'], expected_error)
コード例 #11
0
    def test_login_with_expired_token(self):
        """
        Ensure JWT login view works even if expired token is provided
        """
        payload = utils.jwt_payload_handler(self.user)
        payload["exp"] = 1
        token = utils.jwt_encode_handler(payload)

        auth = "Bearer {0}".format(token)

        response = self.client.post(
            self.auth_token_url,
            self.data,
            content_type="application/json",
            HTTP_AUTHORIZATION=auth,
        )
        response_content = response.json()
        decoded_payload = utils.jwt_decode_handler(response_content["token"])

        self.assertEqual(response.status_code, 200)
        self.assertEqual(decoded_payload["username"], self.username)
コード例 #12
0
    def test_post_expired_token_failing_jwt_auth(self):
        """
        Ensure POSTing over JWT auth with expired token fails
        """
        payload = utils.jwt_payload_handler(self.user)
        payload['exp'] = 1
        token = utils.jwt_encode_handler(payload)

        auth = 'Bearer {0}'.format(token)
        response = self.client.post(
            '/jwt/',
            content_type='application/json',
            HTTP_AUTHORIZATION=auth
        )

        response_content = json.loads(smart_text(response.content))

        self.assertEqual(response.status_code, 401)
        self.assertEqual(response['WWW-Authenticate'], 'JWT realm="api"')

        expected_error = ['Signature has expired.']
        self.assertEqual(response_content['errors'], expected_error)
コード例 #13
0
ファイル: test_views.py プロジェクト: Alir3z4/django-jwt-auth 
    def test_jwt_login_with_expired_token(self):
        """
        Ensure JWT login view works even if expired token is provided
        """
        payload = utils.jwt_payload_handler(self.user)
        payload['exp'] = 1
        token = utils.jwt_encode_handler(payload)

        auth = 'Bearer {0}'.format(token)

        response = self.client.post(
            '/auth-token/',
            json.dumps(self.data),
            content_type='application/json',
            HTTP_AUTHORIZATION=auth
        )

        response_content = json.loads(smart_text(response.content))

        decoded_payload = utils.jwt_decode_handler(response_content['token'])

        self.assertEqual(response.status_code, 200)
        self.assertEqual(decoded_payload['username'], self.username)