예제 #1
 def decode(self, token: str, kind: str) -> dict:
     """Verify a JWT and return its claims as a dict.

     Args:
         token: The encoded token, optionally carrying a ``'Bearer '``
             scheme prefix as found in an Authorization header value.
         kind: ``'refresh'`` or ``'access'``; selects which of the two
             secrets the signature is checked against.

     Returns:
         Whatever ``decode_jwt`` returns for the token (the claims).

     Raises:
         ValueError: If ``kind`` is neither ``'refresh'`` nor ``'access'``.
         Any exception raised by ``decode_jwt`` propagates unchanged.
     """
     if kind not in ('refresh', 'access'):
         raise ValueError('token kind must be either refresh or access')

     # NOTE(review): str.replace drops every 'Bearer ' occurrence, not only
     # a leading one; the remaining text is still signature-checked below.
     raw_token = token.replace('Bearer ', '').encode('utf-8')

     # Refresh and access tokens are checked against different secrets, so
     # a token of one kind is not verified with the other kind's key.
     if kind == 'refresh':
         secret = self._refresh_secret
     else:
         secret = self._access_secret

     # The accepted algorithm is pinned here instead of being taken from
     # the token header.
     return decode_jwt(raw_token, secret, algorithms=['HS256'])
예제 #2
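 def test_custom_jwt_claims_cookie_w_authentication(self):
     """Log in and check the custom claims carried in the ``jwt-auth`` cookie.

     Creates a user, posts the credentials to the login URL, checks that
     ``jwt-auth`` is the only cookie set, decodes it with ``SECRET_KEY``
     and compares the ``user_id``, ``name`` and ``email`` claims, then
     requests ``/protected-view/`` and expects a 200.
     """
     payload = {"username": self.USERNAME, "password": self.PASS}
     get_user_model().objects.create_user(self.USERNAME, self.EMAIL,
                                          self.PASS)
     resp = self.post(self.login_url, data=payload, status_code=200)
     self.assertEqual(['jwt-auth'], list(resp.cookies.keys()))
     token = resp.cookies.get('jwt-auth').value
     # The allowed algorithms are passed as a list so the token's alg is
     # compared against whole names; with a bare string an `in` check
     # degrades to substring matching (assumes decode_jwt is PyJWT's
     # decode -- confirm against the import).
     claims = decode_jwt(token, settings.SECRET_KEY, algorithms=['HS256'])
     # assertEqual, not assertEquals: the alias is deprecated and was
     # removed from unittest in Python 3.12.
     self.assertEqual(claims['user_id'], 1)
     self.assertEqual(claims['name'], 'person')
     self.assertEqual(claims['email'], '*****@*****.**')
     resp = self.get('/protected-view/')
     self.assertEqual(resp.status_code, 200)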
예제 #3
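    def test_custom_jwt_claims(self):
        """Log in and check the custom claims in the returned access token.

        Creates a user, posts the credentials to the login URL, requires an
        ``access_token`` key in the JSON response, decodes that token with
        ``SECRET_KEY`` and compares the ``user_id``, ``name`` and ``email``
        claims.
        """
        payload = {
            "username": self.USERNAME,
            "password": self.PASS
        }
        get_user_model().objects.create_user(self.USERNAME, self.EMAIL, self.PASS)

        self.post(self.login_url, data=payload, status_code=200)
        # assertIn reports the actual keys on failure instead of
        # "False != True".
        self.assertIn('access_token', self.response.json.keys())
        self.token = self.response.json['access_token']
        # The allowed algorithms are passed as a list so the token's alg is
        # compared against whole names; with a bare string an `in` check
        # degrades to substring matching (assumes decode_jwt is PyJWT's
        # decode -- confirm against the import).
        claims = decode_jwt(self.token, settings.SECRET_KEY, algorithms=['HS256'])
        # assertEqual, not assertEquals: the alias is deprecated and was
        # removed from unittest in Python 3.12.
        self.assertEqual(claims['user_id'], 1)
        self.assertEqual(claims['name'], 'person')
        self.assertEqual(claims['email'], '*****@*****.**')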
예제 #4
파일: user.py 프로젝트: wgd3/housechef-api
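    def verify_password_reset_token(cls, token):
        """Return the user a password-reset token was issued for, or None.

        The token is verified with the application's ``SECRET_KEY`` and the
        single algorithm named by ``JWT_ALGORITHM``. The user id is read
        from the ``reset_password`` claim and looked up with
        ``cls.get_by_id``.

        Args:
            token: The encoded reset token supplied by the caller.

        Returns:
            The result of ``cls.get_by_id`` for the claimed user id, or
            ``None`` when the token fails verification or carries no
            ``reset_password`` claim.
        """
        try:
            token_data = decode_jwt(
                token,
                current_app.config["SECRET_KEY"],
                algorithms=[current_app.config["JWT_ALGORITHM"]],
            )
        except InvalidTokenError as ite:
            current_app.logger.error(
                "Someone is trying to use an invalid token to reset a user password!\n%s",
                ite,
            )
            return None

        # A token can verify against SECRET_KEY and still not be a reset
        # token (any other token signed with the same key). Treat a missing
        # claim as a rejected token rather than letting KeyError escape.
        user_id = token_data.get("reset_password")
        if user_id is None:
            current_app.logger.error(
                "Rejected a password reset token without a reset_password claim"
            )
            return None

        # NOTE(review): expiry is enforced only if the issuing code sets an
        # `exp` claim and decode_jwt checks it -- confirm on the issuing side.
        return cls.get_by_id(user_id)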