コード例 #1
def jwt_get_secret_key(payload=None):
    """
    Return the secret key used for a JWT, optionally a per-user one.

    If ``api_settings.JWT_GET_USER_SECRET_KEY`` is not set, the global
    ``api_settings.JWT_SECRET_KEY`` is returned and ``payload`` is ignored.

    If it is set, the username is extracted from ``payload`` with
    ``api_settings.JWT_PAYLOAD_GET_USERNAME_HANDLER``, the user is looked up
    by natural key, and the result of ``JWT_GET_USER_SECRET_KEY(user)`` is
    returned unchanged. Per-user keys are intended to make it possible to
    log out a single user (compromised token, changed password, ...).

    Raises:
        serializers.ValidationError: no user matches the extracted username.
    """
    # Fast path: per-user secrets are disabled, use the shared key.
    if not api_settings.JWT_GET_USER_SECRET_KEY:
        return api_settings.JWT_SECRET_KEY

    # NOTE(review): with the default payload=None the handler receives None;
    # confirm callers always pass a payload when per-user keys are enabled.
    # NOTE(review): if this runs before the token signature is verified, the
    # payload is untrusted input; the username here only selects which key to
    # verify against and is not yet authenticated. Confirm against the caller.
    natural_key = api_settings.JWT_PAYLOAD_GET_USERNAME_HANDLER(payload)
    user_model = get_user_model()

    try:
        account = user_model.objects.get_by_natural_key(natural_key)
    except user_model.DoesNotExist:
        # NOTE(review): a distinct "no such user" error can disclose which
        # usernames exist if it reaches the client; check how callers report it.
        raise serializers.ValidationError(_("User doesn't exist."))

    return api_settings.JWT_GET_USER_SECRET_KEY(account)
コード例 #2
 def jwt_get_username_from_payload(cls, *args, **kwargs):
     """
     Extract the username by delegating to the configured payload handler.

     All positional and keyword arguments are forwarded unchanged to
     ``api_settings.JWT_PAYLOAD_GET_USERNAME_HANDLER`` and its result is
     returned as-is. ``cls`` is not used; presumably this is a classmethod
     whose decorator is outside this excerpt (confirm).
     """
     # NOTE(review): the result is only as trustworthy as the payload passed
     # in; confirm callers hand over a payload from a verified token.
     handler = api_settings.JWT_PAYLOAD_GET_USERNAME_HANDLER
     return handler(*args, **kwargs)