def token_obtain_pair_handler(username, password): """ Takes a set of user credentials and returns an access and refresh JSON web token pair to prove the authentication of those credentials. """ ser = TokenObtainPairSerializer(data={ get_username_field(): username, 'password': password }) ser.is_valid(raise_exception=True) update_last_login(None, ser.user) res = dict(refresh=ser.validated_data.get('refresh'), access=ser.validated_data.get('access'), user=UserSerializer(ser.user).data) return res
def func(prof_id=None, prof=None, expire_date=settings.ACCESS_TOKEN_LIFETIME): if prof is None: assert prof_id is not None, 'Must include a prof_id if you do not provide a profile' prof = create_test_prof(prof_id) access_token = str( TokenObtainPairSerializer.get_token(prof).access_token) cookies = SimpleCookie() signature_cookie = 'JWT-SIGNATURE' cookies[SIGNATURE_COOKIE_NAME] = access_token.split('.')[-1] cookies[SIGNATURE_COOKIE_NAME]['HttpOnly'] = True cookies[SIGNATURE_COOKIE_NAME]['SameSite'] = "Strict" # FIXME make secure = to TRUE in production cookies[SIGNATURE_COOKIE_NAME]['Secure'] = False cookies[SIGNATURE_COOKIE_NAME]['Path'] = '/' # This joins together the header and payload list items into a string cookies[PAYLOAD_COOKIE_NAME] = '.'.join(access_token.split('.')[:2]) # FIXME make secure = to TRUE in production cookies[PAYLOAD_COOKIE_NAME]['Secure'] = False cookies[PAYLOAD_COOKIE_NAME]['SameSite'] = "Strict" expire_time = (datetime.now(tz=timezone.utc) + settings.ACCESS_TOKEN_LIFETIME) cookies[PAYLOAD_COOKIE_NAME]['expires'] = expire_time.strftime( "%a, %d %b %Y %H:%M:%S GMT") cookies[PAYLOAD_COOKIE_NAME]['Max-Age'] = int( settings.ACCESS_TOKEN_LIFETIME.total_seconds()) cookies[PAYLOAD_COOKIE_NAME]['Path'] = '/' return prof, cookies
def post(self, request): # seri data seri = serializers.UserSerializer(data=request.data) if seri.is_valid(): seri.validated_data['password'] = make_password( seri.validated_data['password']) new_user = seri.save() Doctor.objects.create(user=new_user) # Gui ve Token refresh = TokenObtainPairSerializer.get_token(new_user) data = { 'refresh_token': str(refresh), 'access_token': str(refresh.access_token), 'access_expires': int(settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME'].total_seconds( )), 'refresh_expires': int(settings.SIMPLE_JWT['REFRESH_TOKEN_LIFETIME']. total_seconds()) } return Response(data, status=status.HTTP_201_CREATED) else: print(seri.errors) return JsonResponse( { 'error_message': 'Error Serialize User', 'errors_code': 400, }, status=status.HTTP_400_BAD_REQUEST)
def process_register_form(request, auth_method='session'): form = NewUserForm( request.POST) if auth_method == 'session' else NewUserFormAPI( request.POST) token_dict = None if form.is_valid(): try: with transaction.atomic(): new_user = form.save() user = authenticate(email=form.cleaned_data['email'], password=form.cleaned_data['password1']) p = UserProfile(id=user.id) p.assign_slug() p.join_invited_groups() if PARTNER_GROUP_EMAIL_PATTERN_LOOKUP_FILE: p.add_partner_group_by_email() if hasattr(request, "interfaceLang"): p.settings["interface_language"] = request.interfaceLang p.save() except Exception: return {"error": "something went wrong"} if auth_method == 'session': auth_login(request, user) elif auth_method == 'jwt': token_dict = TokenObtainPairSerializer().validate({ "username": form.cleaned_data['email'], "password": form.cleaned_data['password1'] }) return { k: v[0] if len(v) > 0 else unicode(v) for k, v in form.errors.items() }, token_dict, form
class UserWriteSerializer(serializers.ModelSerializer): username = serializers.CharField( required=True, validators=[UniqueValidator(queryset=get_user_model().objects.all(), message="Username already exists.")], label="username", ) password = serializers.CharField(required=True, write_only=True, min_length=9, label="password") registration_token = serializers.CharField(label="registration_token", read_only=True) token = TokenObtainPairSerializer(read_only=True, label="token") class Meta: model = get_user_model() fields = ["username", "registration_token", "password", "token"] def create(self, validated_data): password = validated_data.pop("password") user = super().create(validated_data) user.set_password(password) user.save() return user def validate_registration_token(self, token): if token is None or token == "": raise serializers.ValidationError("registration token is required.") if token == settings.REGISTER_TOKEN: return token raise serializers.ValidationError("Invalid registration token.")
def post(self, request): serializer = AccountSerializer(data=request.data) try: serializer.is_valid(raise_exception=True) user = serializer.validated_data['username'] user = CustomBackend.authenticate( self, request, username=serializer.validated_data['username'], password=serializer.validated_data['password'], ) if user == None: #Password not correct but we set this message to secure return Response("Username or Password is incorrect !", status=status.HTTP_401_UNAUTHORIZED) else : # data = TokenSerializer(user).data refresh = TokenObtainPairSerializer.get_token(user) data = { 'username':user.username, 'is_admin':user.is_admin, 'refresh_token': str(refresh), 'access_token': str(refresh.access_token), 'access_expires': int(settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME'].total_seconds()), 'refresh_expires': int(settings.SIMPLE_JWT['REFRESH_TOKEN_LIFETIME'].total_seconds()), } return Response(data, status=status.HTTP_200_OK) except serializers.ValidationError: return Response(serializer.errors, status=status.HTTP_401_UNAUTHORIZED)
def post(self, request, *args, **kwargs): try: serializer = RegistrationSerializer(data=request.data) if serializer.is_valid(): validated_data = serializer.validated_data created, profile_id, message = serializer.create( validated_data=validated_data) if created: tokenr = TokenObtainPairSerializer().\ get_token(request.user) tokena = AccessToken().for_user(request.user) logged_in_user = User.objects.get(id=profile_id) return Response({ 'created': True, 'user_id': profile_id }, status=status.HTTP_200_OK) else: print(logger) logger.debug('Error') return Response({'message': message}, status=status.HTTP_400_BAD_REQUEST) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) except Exception as e: print(e) logger.errors(e) return Response({'message': 'Issue'}, status=status.HTTP_409_CONFLICT)
def post(self, request): serializer = UserLoginSerializer(data=request.data) if serializer.is_valid(): user = authenticate(request, username=serializer.validated_data['email'], password=serializer.validated_data['password']) if user: refresh = TokenObtainPairSerializer.get_token(user) data = { 'refresh_token': str(refresh), 'access_token': str(refresh.access_token), 'access_expires': int(settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME']. total_seconds()), 'refresh_expires': int(settings.SIMPLE_JWT['REFRESH_TOKEN_LIFETIME']. total_seconds()) } return Response(data, status=status.HTTP_200_OK) return Response( { 'error_message': 'Email or password is incorrect!', 'error_code': 400 }, status=status.HTTP_400_BAD_REQUEST) return Response( { 'error_messages': serializer.errors, 'error_code': 400 }, status=status.HTTP_400_BAD_REQUEST)
def test_it_should_produce_a_json_web_token_when_valid(self): s = TokenObtainPairSerializer( data={ TokenObtainPairSerializer.username_field: self.username, 'password': self.password, }) self.assertTrue(s.is_valid()) self.assertIn('access', s.validated_data) self.assertIn('refresh', s.validated_data) # Expecting token type claim to be correct for both tokens. If this is # the case, instantiating appropriate token subclass instances with # encoded tokens should not raise an exception. AccessToken(s.validated_data['access']) RefreshToken(s.validated_data['refresh'])
def post(self, request, format=None): """ include validations here later """ email = request.data.get('email') new_password = request.data.get('password') confirm_password = request.data.get('confirm_password') if str(new_password) != str(confirm_password): message = {"message": "Both passwords must match."} return Response(message, status=status.HTTP_406_NOT_ACCEPTABLE) user = MyUser.objects.get(email__iexact=email) user.set_password(new_password) user.save() #getting token r_token = TokenObtainPairSerializer().get_token(request.user) a_token = AccessToken().for_user(request.user) tokens = { 'refresh': str(r_token), 'access': str(a_token), 'my_pk': user.pk } message = {"message": "Password Changed."} return Response(tokens, status=status.HTTP_202_ACCEPTED)
def generate_user_with_token(email, password, user=None): client = APIClient() user = user if user else generate_user(email, password) token = TokenObtainPairSerializer.get_token(user) client.credentials( HTTP_AUTHORIZATION='Bearer {}'.format(token.access_token)) return client
def process_register_form(request, auth_method='session'): form = SefariaNewUserForm( request.POST) if auth_method == 'session' else SefariaNewUserFormAPI( request.POST) token_dict = None if form.is_valid(): with transaction.atomic(): new_user = form.save() user = authenticate(email=form.cleaned_data['email'], password=form.cleaned_data['password1']) p = UserProfile(id=user.id) p.assign_slug() p.join_invited_collections() if hasattr(request, "interfaceLang"): p.settings["interface_language"] = request.interfaceLang p.save() if auth_method == 'session': auth_login(request, user) elif auth_method == 'jwt': token_dict = TokenObtainPairSerializer().validate({ "username": form.cleaned_data['email'], "password": form.cleaned_data['password1'] }) return { k: v[0] if len(v) > 0 else str(v) for k, v in list(form.errors.items()) }, token_dict, form
def post(self, request): serializer = UserLoginSerializer(data=request.data) if serializer.is_valid(): user = authenticate(request, username=serializer.validated_data['email'], password=serializer.validated_data['password']) if user: refresh = TokenObtainPairSerializer.get_token(user) data = { 'refresh_token': str(refresh), 'access_token': str(refresh.access_token) } return Response(data, status=status.HTTP_200_OK) return Response( { 'error_message': 'Email or password is incorrect!', 'error_code': 400, }, status=status.HTTP_400_BAD_REQUEST) return Response({ 'error_message': serializer.errors, 'error_code': 400 }, status=status.HTTP_400_BAD_REQUEST)
def jwt_encode(user): try: from rest_framework_simplejwt.serializers import TokenObtainPairSerializer except ImportError: raise ImportError("rest-framework-simplejwt needs to be installed") refresh = TokenObtainPairSerializer.get_token(user) return refresh.access_token, refresh
def post(self, request, format=None): token_pair = TokenObtainPairSerializer.get_token(request.user) result = {} result["refresh"] = str(token_pair) result["access"] = str(token_pair.access_token) create_action(request.user, LOGIN, request.user) return Response(result, status=status.HTTP_200_OK)
def post(self, request, *args, **kwargs): try: info = list( User.objects.filter(email=request.data.get("email")).values( 'uuid', 'email', 'username')) info = info[0] except: return Response(responsedata(False, "No User found"), status=status.HTTP_404_NOT_FOUND) if not request.data.get('email'): return Response(responsedata(False, "Email Id is required"), status=status.HTTP_405_METHOD_NOT_ALLOWED) if not request.data.get("password"): return Response(responsedata(False, "Password is required"), status=status.HTTP_405_METHOD_NOT_ALLOWED) if not User.objects.filter(email=request.data.get("email")).exists(): return Response(responsedata(False, "No user found with this Email Id"), status=status.HTTP_404_NOT_FOUND) if User.objects.filter(email=request.data.get("email")).exists(): user = list( User.objects.filter( email=request.data.get("email")).values())[0] if not User.objects.get( email=request.data.get("email")).check_password( request.data.get("password")): print( User.objects.get( email=request.data.get("email")).get_password()) return Response(responsedata(False, "Incorrect Password"), status=status.HTTP_404_NOT_FOUND) serializer = TokenObtainPairSerializer(data=request.data) if serializer.is_valid(raise_exception=True): data = serializer.validate(request.data) data.update({"Access-Control-Expose-Headers": "access"}) data.update(info) if serializer.User.is_active: return Response(responsedata(True, "Login Successfull", data), status=200) else: return Response(responsedata(False, "Please Validate Your Email Id"), status=400)
def login(request): auth = { "username": request.data["username"], "password": request.data["password"] } tokens = TokenObtainPairSerializer(auth).validate(auth) return Response(data=tokens)
def token(self, request, *args, **kwargs): """ Token Takes a set of user credentials and returns an access and refresh JSON web token pair to prove the authentication of those credentials. """ serializer = TokenObtainPairSerializer(data=request.data) try: serializer.is_valid(raise_exception=True) except TokenError as e: raise InvalidToken(e.args[0]) return response.Response(serializer.validated_data, status=status.HTTP_200_OK)
def get_token(name, password): """Возвращает jwt-токен для пользователя с логином name и паролем password Возвращает None, если такого пользователя не существует""" user = authenticate(username=name, password=password) if user: token = TokenObtainPairSerializer().get_token(user) return token else: return None
def create_access_token_for_user(user): """ Create an access token for user. :param user: :return Encoded token """ refresh = TokenObtainPairSerializer.get_token(user) encoded_token = token_backend.encode(refresh.access_token.payload) return encoded_token
def post(self, request): errors = [] if not request.data.get('username'): errors.append('username cannot be empty') if not request.data.get('email'): errors.append('email cannot be empty') if not request.data.get('password'): errors.append('password cannot be empty') elif len(request.data['password']) < 8: errors.append('password must be at least 8 characters long') if errors: return Response( {'info': errors}, status=status.HTTP_400_BAD_REQUEST, ) # create the user user_serializer = UserSerializer(data=request.data) try: user_serializer.is_valid(raise_exception=True) except Exception as e: return Response( {'info': list(e.detail.values())}, status=status.HTTP_400_BAD_REQUEST, ) new_user = user_serializer.save() # create the profile profile_data = {'user': new_user.pk} profile_serializer = ProfileSerializer(data=profile_data) profile_serializer.is_valid(raise_exception=True) new_profile = profile_serializer.save() # create and return the jwts jwt_serializer = TokenObtainPairSerializer(data=request.data) try: jwt_serializer.is_valid(raise_exception=True) except TokenError as e: raise InvalidToken(e.args[0]) jwtResponse = Response(jwt_serializer.validated_data, status=status.HTTP_200_OK) jwtResponse.data['username'] = new_user.username return jwtResponse
def post(self, request): password = CustomUser.objects.make_random_password() data = request.data data.update({'password': password}) serializer = UserCreateSerializer(data=request.data) if serializer.is_valid(): user = serializer.save() token = TokenObtainPairSerializer.get_token(user) return JsonResponse({'access': str(token.access_token)}) else: return JsonResponse(serializer.errors, status=400)
def generate_random_client_with_token(): client = APIClient() try: user = User.objects.create_user(email=TEST_USER_EMAIL, password=TEST_USER_PASSWORD) except IntegrityError: user = User.objects.get(email=TEST_USER_EMAIL) token = TokenObtainPairSerializer.get_token(user) client.credentials( HTTP_AUTHORIZATION='Bearer {}'.format(token.access_token)) return client
def test_normal_auth_request(self, create_test_prof): factory = APIRequestFactory() view = AuthRequiredViewStub.as_view() prof = create_test_prof(1) access_token = str( TokenObtainPairSerializer.get_token(prof).access_token) request = factory.get( '', **{'HTTP_AUTHORIZATION': f"Bearer {access_token}"}) response = view(request) assert response.status_code == status.HTTP_200_OK
def post(self, request, *args, **kwargs): if request.data: request.POST._mutable = True data = request.data data['Pass'] = data.get('password') if User.objects.filter(email=data.get('email')).values().exists(): Response(responsedata(False, "User already present"), status=status.HTTP_409_CONFLICT) data['is_active'] = True serializer = UserSerializer(data=data) if serializer.is_valid(raise_exception=True): serializer.save() tokenserializer = TokenObtainPairSerializer( data={ "email": request.data.get("email"), "password": request.data.get("password") }) if tokenserializer.is_valid(raise_exception=True): data = tokenserializer.validate({ "email": request.data.get("email"), "password": request.data.get("password") }) tempid = serializer.data.get("uuid") else: return Response(responsedata(False, "Can't insert data"), status=400) respdata = { 'uuid': tempid, 'data': data, 'username': serializer.data['username'], 'email': serializer.data['email'], } return Response(responsedata(True, "Data Inserted", respdata), status=200) else: return Response(responsedata(False, "No data provided"), status=412)
def lti_launch(request): """Django view for the lti post request. Verifies the given LTI parameters based on our secret, if a user can be found based on the verified parameters a redirection link is send with corresponding JW access and refresh token to allow for a user login. If no user can be found on our end, but the LTI parameters were verified nonetheless, we are dealing with a new user and redirect with additional parameters that will allow for the creation of a new user. If the parameters are not validated a redirection is send with the parameter state set to BAD_AUTH. """ secret = settings.LTI_SECRET key = settings.LTI_KEY try: lti.OAuthRequestValidater.check_signature(key, secret, request) except (oauth2.Error, ValueError): return redirect( lti.create_lti_query_link( QueryDict.fromkeys(['state'], LTI_STATES.BAD_AUTH.value))) params = request.POST.dict() user = lti.get_user_lti(params) user = handle_test_student(user, params) params['exp'] = datetime.datetime.utcnow() + datetime.timedelta(minutes=15) lti_params = encode_lti_params(params) try: if user is None: query = QueryDict(mutable=True) query['state'] = LTI_STATES.NO_USER.value query['lti_params'] = lti_params query['username'] = params['custom_username'] query['full_name'] = params.get('custom_user_full_name', None) else: refresh = TokenObtainPairSerializer.get_token(user) query = QueryDict.fromkeys(['lti_params'], lti_params, mutable=True) query['jwt_access'] = str(refresh.access_token) query['jwt_refresh'] = str(refresh) query['state'] = LTI_STATES.LOGGED_IN.value except KeyError as err: query = QueryDict.fromkeys(['state'], LTI_STATES.KEY_ERR.value, mutable=True) query[ 'description'] = 'The request is missing the following parameter: {0}.'.format( err) return redirect(lti.create_lti_query_link(query))
def Signin(request): try: user = authenticate(username=request.data.get("email"), password=request.data.get("password")) if user is not None: tokenObtainPairObj = TokenObtainPairSerializer() data_access_refresh_token_dict = tokenObtainPairObj.validate( request.data) data_access_refresh_token_dict.update( {"user": serializers.UserProfileSerializer(user).data}) return Response(data_access_refresh_token_dict) else: return Response({"error": "Authentication Failure"}, status=status.HTTP_401_UNAUTHORIZED) except Exception as e: logger.exception("Token exception : %s", e) return Response( { "error": "Internal Server Error. We are extreamly sorry for the inconvenience. We will be back soon." }, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
def create(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) user = self.perform_create(serializer) data = serializer.data token = TokenObtainPairSerializer().get_token(user) data.update({'username': user.username}) data.update({'refresh': str(token)}) data.update({'access': str(token.access_token)}) headers = self.get_success_headers(serializer.data) return Response(data, status=status.HTTP_201_CREATED, headers=headers)
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) phone_number = serializer.validated_data['phone_number'] user = User.objects.filter(phone_number=phone_number).first() token = TokenObtainPairSerializer().get_token(user) data = serializer.data data.update({'username': user.username}) data.update({'refresh': str(token)}) data.update({'access': str(token.access_token)}) return Response(data, status=status.HTTP_200_OK)
def tokens(self, request, *args, **kwargs): token_obtain_pair_serializer = TokenObtainPairSerializer( data=request.data) token_obtain_pair_serializer.is_valid(raise_exception=True) user = User.objects.get(email=request.data['email']) is_exist_profile = hasattr(user, 'profile') response_data = { **token_obtain_pair_serializer.validated_data, 'user': user, 'profile': user.profile if is_exist_profile else None, 'coin_history': CoinHistory.objects.filter(profile=user.profile).order_by('-id') if is_exist_profile else [], } serializer = self.get_serializer(response_data) return Response(data=serializer.data, status=status.HTTP_200_OK)