def post(self, request): serializer = AccountSerializer(data=request.data) try: serializer.is_valid(raise_exception=True) user = serializer.validated_data['username'] user = CustomBackend.authenticate( self, request, username=serializer.validated_data['username'], password=serializer.validated_data['password'], ) if user == None: #Password not correct but we set this message to secure return Response("Username or Password is incorrect !", status=status.HTTP_401_UNAUTHORIZED) else : # data = TokenSerializer(user).data refresh = TokenObtainPairSerializer.get_token(user) data = { 'username':user.username, 'is_admin':user.is_admin, 'refresh_token': str(refresh), 'access_token': str(refresh.access_token), 'access_expires': int(settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME'].total_seconds()), 'refresh_expires': int(settings.SIMPLE_JWT['REFRESH_TOKEN_LIFETIME'].total_seconds()), } return Response(data, status=status.HTTP_200_OK) except serializers.ValidationError: return Response(serializer.errors, status=status.HTTP_401_UNAUTHORIZED)
def func(prof_id=None, prof=None, expire_date=settings.ACCESS_TOKEN_LIFETIME): if prof is None: assert prof_id is not None, 'Must include a prof_id if you do not provide a profile' prof = create_test_prof(prof_id) access_token = str( TokenObtainPairSerializer.get_token(prof).access_token) cookies = SimpleCookie() signature_cookie = 'JWT-SIGNATURE' cookies[SIGNATURE_COOKIE_NAME] = access_token.split('.')[-1] cookies[SIGNATURE_COOKIE_NAME]['HttpOnly'] = True cookies[SIGNATURE_COOKIE_NAME]['SameSite'] = "Strict" # FIXME make secure = to TRUE in production cookies[SIGNATURE_COOKIE_NAME]['Secure'] = False cookies[SIGNATURE_COOKIE_NAME]['Path'] = '/' # This joins together the header and payload list items into a string cookies[PAYLOAD_COOKIE_NAME] = '.'.join(access_token.split('.')[:2]) # FIXME make secure = to TRUE in production cookies[PAYLOAD_COOKIE_NAME]['Secure'] = False cookies[PAYLOAD_COOKIE_NAME]['SameSite'] = "Strict" expire_time = (datetime.now(tz=timezone.utc) + settings.ACCESS_TOKEN_LIFETIME) cookies[PAYLOAD_COOKIE_NAME]['expires'] = expire_time.strftime( "%a, %d %b %Y %H:%M:%S GMT") cookies[PAYLOAD_COOKIE_NAME]['Max-Age'] = int( settings.ACCESS_TOKEN_LIFETIME.total_seconds()) cookies[PAYLOAD_COOKIE_NAME]['Path'] = '/' return prof, cookies
def generate_user_with_token(email, password, user=None): client = APIClient() user = user if user else generate_user(email, password) token = TokenObtainPairSerializer.get_token(user) client.credentials( HTTP_AUTHORIZATION='Bearer {}'.format(token.access_token)) return client
def post(self, request): serializer = UserLoginSerializer(data=request.data) if serializer.is_valid(): user = authenticate(request, username=serializer.validated_data['email'], password=serializer.validated_data['password']) if user: refresh = TokenObtainPairSerializer.get_token(user) data = { 'refresh_token': str(refresh), 'access_token': str(refresh.access_token) } return Response(data, status=status.HTTP_200_OK) return Response( { 'error_message': 'Email or password is incorrect!', 'error_code': 400, }, status=status.HTTP_400_BAD_REQUEST) return Response({ 'error_message': serializer.errors, 'error_code': 400 }, status=status.HTTP_400_BAD_REQUEST)
def post(self, request): # seri data seri = serializers.UserSerializer(data=request.data) if seri.is_valid(): seri.validated_data['password'] = make_password( seri.validated_data['password']) new_user = seri.save() Doctor.objects.create(user=new_user) # Gui ve Token refresh = TokenObtainPairSerializer.get_token(new_user) data = { 'refresh_token': str(refresh), 'access_token': str(refresh.access_token), 'access_expires': int(settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME'].total_seconds( )), 'refresh_expires': int(settings.SIMPLE_JWT['REFRESH_TOKEN_LIFETIME']. total_seconds()) } return Response(data, status=status.HTTP_201_CREATED) else: print(seri.errors) return JsonResponse( { 'error_message': 'Error Serialize User', 'errors_code': 400, }, status=status.HTTP_400_BAD_REQUEST)
def post(self, request): serializer = UserLoginSerializer(data=request.data) if serializer.is_valid(): user = authenticate(request, username=serializer.validated_data['email'], password=serializer.validated_data['password']) if user: refresh = TokenObtainPairSerializer.get_token(user) data = { 'refresh_token': str(refresh), 'access_token': str(refresh.access_token), 'access_expires': int(settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME']. total_seconds()), 'refresh_expires': int(settings.SIMPLE_JWT['REFRESH_TOKEN_LIFETIME']. total_seconds()) } return Response(data, status=status.HTTP_200_OK) return Response( { 'error_message': 'Email or password is incorrect!', 'error_code': 400 }, status=status.HTTP_400_BAD_REQUEST) return Response( { 'error_messages': serializer.errors, 'error_code': 400 }, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, format=None): token_pair = TokenObtainPairSerializer.get_token(request.user) result = {} result["refresh"] = str(token_pair) result["access"] = str(token_pair.access_token) create_action(request.user, LOGIN, request.user) return Response(result, status=status.HTTP_200_OK)
def jwt_encode(user): try: from rest_framework_simplejwt.serializers import TokenObtainPairSerializer except ImportError: raise ImportError("rest-framework-simplejwt needs to be installed") refresh = TokenObtainPairSerializer.get_token(user) return refresh.access_token, refresh
def create_access_token_for_user(user): """ Create an access token for user. :param user: :return Encoded token """ refresh = TokenObtainPairSerializer.get_token(user) encoded_token = token_backend.encode(refresh.access_token.payload) return encoded_token
def generate_random_client_with_token(): client = APIClient() try: user = User.objects.create_user(email=TEST_USER_EMAIL, password=TEST_USER_PASSWORD) except IntegrityError: user = User.objects.get(email=TEST_USER_EMAIL) token = TokenObtainPairSerializer.get_token(user) client.credentials( HTTP_AUTHORIZATION='Bearer {}'.format(token.access_token)) return client
def post(self, request): password = CustomUser.objects.make_random_password() data = request.data data.update({'password': password}) serializer = UserCreateSerializer(data=request.data) if serializer.is_valid(): user = serializer.save() token = TokenObtainPairSerializer.get_token(user) return JsonResponse({'access': str(token.access_token)}) else: return JsonResponse(serializer.errors, status=400)
def test_normal_auth_request(self, create_test_prof): factory = APIRequestFactory() view = AuthRequiredViewStub.as_view() prof = create_test_prof(1) access_token = str( TokenObtainPairSerializer.get_token(prof).access_token) request = factory.get( '', **{'HTTP_AUTHORIZATION': f"Bearer {access_token}"}) response = view(request) assert response.status_code == status.HTTP_200_OK
def lti_launch(request): """Django view for the lti post request. Verifies the given LTI parameters based on our secret, if a user can be found based on the verified parameters a redirection link is send with corresponding JW access and refresh token to allow for a user login. If no user can be found on our end, but the LTI parameters were verified nonetheless, we are dealing with a new user and redirect with additional parameters that will allow for the creation of a new user. If the parameters are not validated a redirection is send with the parameter state set to BAD_AUTH. """ secret = settings.LTI_SECRET key = settings.LTI_KEY try: lti.OAuthRequestValidater.check_signature(key, secret, request) except (oauth2.Error, ValueError): return redirect( lti.create_lti_query_link( QueryDict.fromkeys(['state'], LTI_STATES.BAD_AUTH.value))) params = request.POST.dict() user = lti.get_user_lti(params) user = handle_test_student(user, params) params['exp'] = datetime.datetime.utcnow() + datetime.timedelta(minutes=15) lti_params = encode_lti_params(params) try: if user is None: query = QueryDict(mutable=True) query['state'] = LTI_STATES.NO_USER.value query['lti_params'] = lti_params query['username'] = params['custom_username'] query['full_name'] = params.get('custom_user_full_name', None) else: refresh = TokenObtainPairSerializer.get_token(user) query = QueryDict.fromkeys(['lti_params'], lti_params, mutable=True) query['jwt_access'] = str(refresh.access_token) query['jwt_refresh'] = str(refresh) query['state'] = LTI_STATES.LOGGED_IN.value except KeyError as err: query = QueryDict.fromkeys(['state'], LTI_STATES.KEY_ERR.value, mutable=True) query[ 'description'] = 'The request is missing the following parameter: {0}.'.format( err) return redirect(lti.create_lti_query_link(query))
def validate(self, data): email = self.initial_data["email"] hash_email = hashlib.sha256(email.encode("utf-8")).hexdigest() conformation_code = data["conformation_code"] if hash_email != conformation_code: raise serializers.ValidationError("credential doesn't match") user = User.objects.create_user(email=email, password=conformation_code) refresh = TokenObtainPairSerializer.get_token(user) del data["email"] del data["conformation_code"] data["token"] = str(refresh.access_token) return data
def validate(self, data): email = self.initial_data['email'] confirme_code = data['confirme_code'] user = CustomUser.objects.filter(email=email).first() if user: if confirme_code == user.confirme_code: user.is_active = True user.save() refresh = TokenObtainPairSerializer.get_token(user) del data['email'] del data['confirme_code'] data['token'] = str(refresh.access_token) return data else: raise serializers.ValidationError( {'token': 'User already has token.'})
def post(self, request, format='json'): data = request.data serializer = CustomUserSerializer(data=data) if serializer.is_valid(): user = serializer.save() if user: refresh = TokenObtainPairSerializer.get_token(user) access = refresh.access_token return Response( { 'access': str(access), 'refresh': str(refresh) }, status=status.HTTP_201_CREATED) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def get_token(self, serializer): """ Returns access and refersh token for a user """ if serializer.is_valid(): user = self.get_user(serializer.data) refresh = TokenObtainPairSerializer.get_token(user) return Response( { 'refresh': str(refresh), 'access': str(refresh.access_token) }, status=status.HTTP_200_OK) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def validate(self, data): send_confirmation_code = data['confirmation_code'] data = cache.get_many(['u', 'e', 'c_c']) if not data: raise serializers.ValidationError( 'Время подтверждения регистрации истекло') username = data['u'] email = data['e'] confirmation_code = data['c_c'] if send_confirmation_code == confirmation_code: user = User.objects.create(username=username, email=email, confirmation_code=confirmation_code) user.save() refresh = TokenObtainPairSerializer.get_token(user) data['token'] = str(refresh.access_token) return data
def post(self, request): serializer = UserLoginSerializer(data=request.data) if serializer.is_valid(): user = authenticate(request, username=serializer.validated_data['email'], password=serializer.validated_data['password']) print(user) print(serializer.validated_data['email'], serializer.validated_data['password']) if user: refresh = TokenObtainPairSerializer.get_token(user) data = { 'refresh_token': str(refresh), 'access_token': str(refresh.access_token) } device_info = "" if 'device_info' not in serializer.validated_data: device_info = "Unknown" else: device_info = serializer.validated_data['device_info'] ip = get_client_ip(request) user_history = UserHistory( email=serializer.validated_data['email'], device_info=device_info, ip=str(ip)) print(user_history) user_history.save() return Response(data, status=status.HTTP_200_OK) return Response( { 'error_messages': 'Email or password is incorrect!', 'error_code': 400 }, status=status.HTTP_400_BAD_REQUEST) return Response( { 'error_messages': serializer.errors, 'error_code': 400 }, status=status.HTTP_400_BAD_REQUEST)
def login_view(request): if request.method == "POST": serializer = LoginSerializer(data=request.data) if serializer.is_valid(): user = serializer.validated_data.get('user', '') django_login(request, user) jwt = TokenObtainPairSerializer.get_token(user=user) token = { 'refresh': str(jwt), 'access': str(jwt.access_token), 'is_first_login': True if not user.last_active else False } return JsonResponse(token, status=status.HTTP_200_OK) return JsonResponse({"detail": "Login Failed"}, status=status.HTTP_404_NOT_FOUND)
def post(self, request): try: data = request.data if 'phone' not in data: raise APIException(detail="Phone field is required!!!!", code=status.HTTP_400_BAD_REQUEST) user_instance = User.objects.filter(phone=data["phone"]).first() if not user_instance: raise APIException(detail="user does not exists!!!!", code=status.HTTP_400_BAD_REQUEST) is_validate = self.validate_password(data, user_instance) if user_instance and is_validate: s = UserSerializer(instance=user_instance, data=data) s.is_valid(raise_exception=True) token_serializer = TokenObtainPairSerializer.get_token( user_instance) data = s.data data.update(token=str(token_serializer.access_token)) return Response(data=data, status=status.HTTP_200_OK) except Exception as ex: return Response(data=ex.args, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs): req = request.data username = req.get('username') password = req.get('password') if username is None or password is None: return Response({'success': False, 'message': 'Missing or incorrect credentials', 'data': req}, status=status.HTTP_400_BAD_REQUEST) try: user = User.objects.get(username=username) except: return Response({'success': False, 'message': 'User not found' }, status=status.HTTP_404_NOT_FOUND) if not user.check_password(password): return Response({'success': False, 'message': 'Incorrect password', 'data': req}, status=status.HTTP_403_FORBIDDEN) # make token from user found by username token = TokenObtainPairSerializer.get_token(user).access_token profile = Profile.objects.get(user=user.pk) return Response({ 'user': { 'id': user.pk, 'profile_id': profile.id, 'name': profile.name, 'address': profile.address, 'phone': profile.phone, }, 'token': str(token), }, status=status.HTTP_200_OK)
def validate(self, attrs): hash = attrs.pop('hash') keys = list(attrs.keys()) keys.sort() data_check_string = '/n'.join([f'{key}={attrs[key]}' for key in keys]) secret_key = hashlib.sha256( settings.BOT_TOKEN.encode('utf-8')).digest() hmac_secret = hmac.new(secret_key, msg=data_check_string.encode('utf-8'), digestmod=hashlib.sha256) employee = Employee.objects.filter(chat_id=int(attrs['id'])).first() if employee: refresh = BaseTokenObtainPairSerializer.get_token(employee.user) data = { "refresh": str(refresh), "access": str(refresh.access_token) } return data return attrs
def post(self, request): serializer = UserLoginSerializer(data=request.data) if serializer.is_valid(): user = authenticate( request, username=serializer.validated_data['email'], password=serializer.validated_data['password'] ) if user: refresh = TokenObtainPairSerializer.get_token(user) em = serializer.validated_data['email'] userinfo = User.objects.raw( 'SELECT * FROM user WHERE email = %s', [em]) id_user = userinfo[0].id email_user = userinfo[0].email data = { 'refresh_token': str(refresh), 'access_token': str(refresh.access_token), 'statusCode': 200, 'user_id': id_user, 'email': email_user, 'role_id': userinfo[0].role_id } return Response(data, status=status.HTTP_200_OK) else: return Response({ 'error_message': 'Email or password is incorrect!', 'error_code': 400 }, status=status.HTTP_200_OK) else: return Response({ 'error_messages': serializer.errors, 'error_code': 400 }, status=status.HTTP_400_BAD_REQUEST)
def get_access_token(user): return str(TokenObtainPairSerializer.get_token(user).access_token)
def get_user_tokens(user): token = TokenObtainPairSerializer.get_token(user=user) return {'refresh': str(token), 'access': str(token.access_token)}
def _generate_refresh_token(self): from rest_framework_simplejwt.serializers import TokenObtainPairSerializer refresh = TokenObtainPairSerializer.get_token(self._user) self.data["access_token"] = str(refresh.access_token) self.data["refresh_token"] = str(refresh)
def post(self, request): params = get_parameter_dic(request) name = params.get('name') code = params.get('code') app = get_app_config(name) if code: api = WXAPPAPI(appid=app.app_id, app_secret=app.secret) try: session_info = api.exchange_code_for_session_key(code=code) except OAuth2AuthExchangeError: session_info = None if session_info: openid = session_info.get('openid', None) session_key = session_info.get('session_key', None) user = create_or_update_user_info(openid, None) logger.info('用户id:{}'.format(user.id)) try: deal_ip(request, user) except: logger.info("分析ip地址失败", user.id) record_time(user) token = TokenObtainPairSerializer.get_token(user).access_token login_record = RecordLogin.objects.create(user=user, game=app) login_record.save() try: GameInfo.objects.get(user_id=user, game_id=app) except: GameInfo.objects.create(user_id=user, game_id=app) if user.is_auth is True: logger.info('用户登录成功' + user.nick_name) user = model_to_dict( user, fields=[ 'nick_name', 'last_login', 'avatar_url', 'gender', 'city', 'province', 'country', 'login', 'id', 'company', 'restaurant', 'current_role', 'is_owner', 'is_client', 'is_manager', 'openid' ]) else: user = {'openid': openid, 'session_key': session_key} logger.info('用户登录成功' + openid) return Response({ 'status': 1, 'jwt': str(token), 'user': user }, status=HTTP_200_OK) # if openid: # try: # user = MyUser.objects.get(openid=openid) # except: # try: # encryptedData = \ # params.get('encryptedData').replace(' ', '+') # iv = \ # params.get('iv').replace(' ', '+') # except: # return Response({'error': '缺少解密参数!'}) # crypt = WXBizDataCrypt(app.app_id, session_key) # user_info_raw = crypt.decrypt(encryptedData, iv) # logger.info("user_info: {0}".format(user_info_raw)) # if user_info_raw: # for k, v in self.fields.items(): # user_info[k] = user_info_raw.get(v) # user = create_or_update_user_info(openid, user_info) # game_info = GameInfo.objects.create(user_id=user, game_id=app) # if user: # token = TokenObtainPairSerializer.get_token(user).access_token # record_time(user) # # response = Response() # # response.set_cookie('app',app.id) # # logger.info('cookie:{}'.format(request.COOKIES)) # return Response( # { # 'status': 1, # 'jwt': str(token), # 'user': model_to_dict( # user, # fields=[ # 'nick_name', 'last_login', 'avatar_url', 'gender', # 'city', 'province', 'country', 'login', # 'company', 'restaurant', 'current_role', # 'is_owner', 'is_client', 'is_manager' # ]) # }, # status=HTTP_200_OK) else: logger.info('用户登录失败') return Response({'status': 0, 'mes': 'code失效!'}) return Response({ 'status': 0, 'mes': '没有信息' }, status=HTTP_204_NO_CONTENT)
def jwt_encode(user): refresh = TokenObtainPairSerializer.get_token(user) return refresh.access_token, refresh