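def login(self, request):
    """Verify the posted assertion and, on success, issue a signed JWT cookie.

    Reads the ``assertion`` form field, passes it with ``self.audience`` to
    ``verify``, and requires the result to be truthy and contain an
    ``email`` key. On success the matching user is looked up through
    ``User.create_or_get`` and the browser is redirected to
    ``self.login_success_url`` with a ``jwt`` cookie holding that user's
    email, signed with ``self.jwt_key``. Every other outcome redirects to
    ``self.login_failure_url``.

    Args:
        request: Incoming request; only ``request.POST`` is read.

    Returns:
        A ``ResponseRedirect`` to the success or the failure URL.
    """
    # The form field is client-controlled. A request that omits it is a
    # failed login, not an unhandled KeyError escaping the view.
    try:
        assertion = request.POST["assertion"]
    except KeyError:
        return ResponseRedirect(self.login_failure_url)

    # Passing the audience lets verify() bind the assertion to this site --
    # presumably it rejects assertions minted for another one; confirm
    # against verify().
    data = verify(assertion, self.audience)
    if not data or "email" not in data:
        return ResponseRedirect(self.login_failure_url)

    # Only the verified email is used as the identity.
    user, _created = User.create_or_get(email=data["email"])
    response = ResponseRedirect(self.login_success_url)

    # NOTE(review): the payload has no "exp" claim, so an issued token stays
    # acceptable for as long as jwt_key is unchanged -- confirm whether a
    # bounded lifetime is wanted.
    encoded = jwt.encode(
        {"email": user.email},
        self.jwt_key,
        algorithm=self.jwt_algorithm,
    )

    # secure=True keeps the cookie off plain-HTTP requests.
    # NOTE(review): no HttpOnly or SameSite attribute is requested here, so
    # page scripts may be able to read the token; check what this response
    # class's set_cookie supports.
    response.set_cookie("jwt", encoded, secure=True)
    return response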
def verify_jwt(self, request, encoded):
    """Decode a session JWT and attach the identified user to the request.

    The token is decoded with ``self.jwt_key``, and ``self.jwt_algorithm``
    is the only entry in the accepted-algorithm list, so the algorithm is
    fixed by configuration and not taken from the token (assuming ``jwt``
    is PyJWT -- confirm). Nothing is caught here: a decode failure or a
    payload without ``email`` propagates to the caller.

    Args:
        request: Request object; ``browserid`` and ``user`` are set on it.
        encoded: The encoded token to check.

    Returns:
        None. The result is delivered through the request attributes.
    """
    claims = jwt.decode(
        encoded,
        self.jwt_key,
        algorithms=[self.jwt_algorithm],
    )

    # The email claim is the only identity carried by the token.
    request.browserid = claims["email"]

    # NOTE(review): create_or_get presumably creates a row for an unseen
    # email, so any validly signed token yields a user; protecting jwt_key
    # is what bounds that -- confirm against the User model.
    request.user, _created = User.create_or_get(email=request.browserid)