def validated(self, serialized_data, *args, **kwargs): from rest_framework_jwt.settings import api_settings from datetime import datetime from .models import AuthTransaction from drfaddons.add_ons import get_client_ip from rest_framework.response import Response user = serialized_data.object.get('user') or self.request.user token = serialized_data.object.get('token') response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token, user, self.request) response = Response(response_data) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) user.last_login = datetime.now() user.save() AuthTransaction(user=user, ip_address=get_client_ip(self.request), token=token, session=user.get_session_auth_hash()).save() return response
def post(self, request, *args, **kwargs): try: check_recaptcha(data=self.request.data, required_field='recaptcha_response') except (RequiredFieldException, RecaptchaException) as e: return JsonResponse(e.message, status=e.status_code) serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER( token, user, request) response_data['name'] = user.first_name # add the is_admin flag for the front end to make sure to only login admin users in dashboard if user.is_staff: response_data['is_admin'] = True response = Response(response_data) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True, domain='analytics.searchsofts.com', path='/') return response return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def validated(self, serialized_data, *args, **kwargs): """Validates the response""" user = serialized_data.object.get("user") or self.request.user token = serialized_data.object.get("token") response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER( token, user, self.request) response = Response(response_data) if api_settings.JWT_AUTH_COOKIE: expiration = datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) user.last_login = datetime.now() user.save() AuthTransaction( created_by=user, token=token, ip_address=get_client_ip(self.request), session=user.get_session_auth_hash(), ).save() return response
def login(request): serializer = LoginSerializer(data=request.data) if serializer.is_valid(raise_exception=False): # get username username_or_email = serializer.data['username_or_email'] if '@' in username_or_email: try: username = get_user_model().objects \ .get(email=username_or_email, social_auth__isnull=True) \ .username except get_user_model().DoesNotExist: username = username_or_email else: username = username_or_email # try credentials user = authenticate(username=username, password=serializer.data['password']) if user is not None: # success payload = api_settings.JWT_PAYLOAD_HANDLER(user) token = api_settings.JWT_ENCODE_HANDLER(payload) response_payload = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER( token, user) return Response(status=status.HTTP_200_OK, data={ 'authInfo': response_payload, 'msg': _('You have been logged in.') }) return Response(status=status.HTTP_403_FORBIDDEN, data={'_error': _('Wrong username or password.')})
def generate_token(self, user): jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) return api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token, user)
def create(self, request): """ :param request: {'username': '******', 'password': '******'} :return: {'token': 'abcdef123456'} """ account = authenticate(**request.data) if not account: raise serializers.ValidationError({'error': 'Incorrect Username or Password'}) pre_payload = api_settings.JWT_PAYLOAD_HANDLER(account) token = api_settings.JWT_ENCODE_HANDLER(pre_payload) token = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token) return Response(token)
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER( token, user, request) return Response(data=response_data, status=status.HTTP_200_OK) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def create(self, validated_data): """ @brief account registration logic. """ if validated_data['password'] != validated_data['confirm_password']: raise serializers.ValidationError({'error': 'Passwords must match'}) else: del validated_data['confirm_password'] account = User.objects.create_user(**validated_data) pre_payload = api_settings.JWT_PAYLOAD_HANDLER(account) token = api_settings.JWT_ENCODE_HANDLER(pre_payload) account.token = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token) return account
def post(self, request, *args, **kwargs): res = super(SocialView, self).post(request, *args, **kwargs) if res.status_code != 200: return res token = res.data['token'] user = get_user_model().objects.get(pk=res.data['id']) response_payload = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER( token, user) return Response(status=status.HTTP_200_OK, data={ 'authInfo': response_payload, 'msg': _('You have been logged in.') })
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER( token, user, request) res = Response(response_data) res.set_cookie(api_settings.JWT_AUTH_HEADER_PREFIX.upper(), value=response_data['token'], httponly=True, expires=datetime.now() + api_settings.JWT_EXPIRATION_DELTA) return res return Response({"error": serializer.errors})
def create(self, validated_data): """ @brief account registration logic. """ confirm_password = validated_data.get('confirm_password') if confirm_password and validated_data['password'] == confirm_password: del validated_data['confirm_password'] else: raise serializers.ValidationError( {'error': constants.ERROR_PASSWORD_CONFIRMATION} ) account = User.objects.create_user(**validated_data) pre_payload = api_settings.JWT_PAYLOAD_HANDLER(account) token = api_settings.JWT_ENCODE_HANDLER(pre_payload) account.token = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token) return account
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user user.last_login = datetime.datetime.now() user.save() token = serializer.object.get('token') response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER( token, user, request) profile_serializer = common_serializers.ProfileDetailSerializer( instance=user.profile) response_data.update({ 'expires_in': api_settings.JWT_EXPIRATION_DELTA, 'profile': profile_serializer.data }) return Response(response_data) return Response(serializer.errors, status=400)
def post(self, request, *args, **kwargs): # print(request.user) if request.user.is_authenticated(): return Response({'detail': 'You are already authenticated'}, status=400) data = request.data username = data.get('username') # username or email address password = data.get('password') qs = User.objects \ .filter(Q(username__iexact=username) | Q(email__iexact=username)) \ .distinct() if qs.count() == 1: user_obj = qs.first() if user_obj.check_password(password): user = user_obj payload = api_settings.JWT_PAYLOAD_HANDLER(user) token = api_settings.JWT_ENCODE_HANDLER(payload) response = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER( token, user, request=request) return Response(response) return Response({"detail": "Invalid credentials"}, status=401)
def create(self, request, *args, **kwargs): """ :param request: {'username': '******', 'password': '******', 'token': 'xxxx'} :return: {'token': 'abcdef123456'} """ token = request.data['token'] if not check_google_recaptcha(token, 'LOGIN'): # TODO SAME ACTION CONDITIONAL raise serializers.ValidationError({'error': constants.ERROR_CAPTCHA}) username = request.data['username'] password = request.data['password'] account = authenticate(username=username, password=password) if not account: raise serializers.ValidationError({'error': constants.ERROR_AUTH}) pre_payload = api_settings.JWT_PAYLOAD_HANDLER(account) token = api_settings.JWT_ENCODE_HANDLER(pre_payload) token = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token) return Response(token)
def post(self, request, *args, **kwargs): # print(request.user) if request.user.is_authenticated: return Response({'detail': 'Already authenticated!'}, status=400) data = request.data username = data.get('username') password = data.get('password') qs = User.objects \ .filter(Q(username__iexact=username) | Q(email__iexact=username)) \ .distinct() if qs.count() == 1: user_obj = qs.first() if user_obj.check_password(password): user = user_obj # Custom function to generate the token payload payload = api_settings.JWT_PAYLOAD_HANDLER(user) token = api_settings.JWT_ENCODE_HANDLER(payload) # Controlling the response data returned after login or refresh. # Override to return a custom response - serialized representation of the User response = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER( token, user, request=request) return Response(response) return Response({"detail": "Invalid credentials"}, status=401)
def jwt_create_response_payload(cls, *args, **kwargs): return api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(*args, **kwargs)