def user_login(req: HttpRequest):
login_fail_msg = 'Sign In information does not match.'
try:
body = json.loads(req.body)
Validator.param_validator(body, ['user_id', 'password'])
user = User.objects.get(id=body.get('user_id'))
if not HashersPassword.is_matched_password(body.get('password'), user.password):
raise UnAuthorizedException(login_fail_msg)
if user.active == 'N':
raise UnAuthorizedException('This user is inactive.')
logged = get_or_empty(LoggedInToken.objects.get_queryset(), user=user)
token = TokenUtils.issue_token(user)
if not logged:
LoggedInToken.objects.create(user=user, token=token)
else:
logged.token = token
logged.save()
return JsonResponse({
'token': token,
'idx': user.idx,
'name': user.name,
})
except HttpException as he:
return ResReturner.get_res(he.code, he.message)
except User.DoesNotExist:
return ResReturner.get_res(status.HTTP_401_UNAUTHORIZED, login_fail_msg)
def authenticate(self, request):
"""
Custom authenticate.
:param request: request
:return: authenticate
"""
tokens = CustomJSONWebTokenAuthentication.parse_token(request)
user, jwt_value = super().authenticate(request)
logged = get_or_empty(LoggedInToken.objects.get_queryset(),
token=tokens[1])
if not logged:
raise NotAuthenticated('Login information not found.')
return user, jwt_value
def logout(req):
if logged := get_or_empty(LoggedInToken.objects.get_queryset(), user=req.user):
logged.delete()