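def validate(self, attrs):
    """Resolve the submitted JWT to a user and return that user's id.

    Args:
        attrs: serializer input; must contain the key 'token'.

    Returns:
        dict: ``{'user_id': user.uid}`` for the user the token resolves to.

    Raises:
        exceptions.NotAuthenticated: if the token is missing, if
            ``JWT.get_user_from_jwt`` raises, or if it returns ``None``.
            The message is the same in every case, so the response does not
            reveal why the token was rejected.
    """
    try:
        user = JWT.get_user_from_jwt(attrs['token'])
        user_id = None if user is None else user.uid
    except Exception as err:
        # Fail closed on any lookup or decode error. ``Exception`` rather than
        # a bare ``except`` so KeyboardInterrupt/SystemExit are not converted
        # into an authentication failure.
        raise exceptions.NotAuthenticated('The token was invalid') from err
    if user is None:
        raise exceptions.NotAuthenticated('The token was invalid')
    return {'user_id': user_id}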
def validate(self, attrs):
    """Authenticate the submitted credentials and issue a token.

    Args:
        attrs: serializer input holding ``self.username_field``, 'password'
            and optionally 'team'.

    Returns:
        dict: ``{'token': <value returned by JWT.get_user_token>}``.

    Raises:
        exceptions.AuthenticationFailed: with code 'no_active_account' when
            ``authenticate`` returns no user or the user is not active. Both
            cases share one error, so callers cannot tell them apart.
    """
    credentials = {
        self.username_field: attrs[self.username_field],
        'password': attrs['password'],
    }
    # The request is passed to the auth backends only when the serializer
    # was given one in its context.
    if 'request' in self.context:
        credentials['request'] = self.context['request']

    self.user = authenticate(**credentials)
    account_usable = self.user is not None and self.user.is_active
    if not account_usable:
        raise exceptions.AuthenticationFailed(
            self.error_messages['no_active_account'],
            'no_active_account',
        )

    # NOTE(review): 'team' is caller-supplied and no membership check is
    # visible here; presumably JWT.get_user_token enforces it - confirm.
    requested_team = attrs.get('team', None)
    return {'token': JWT.get_user_token(self.user, requested_team)}
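def validate(self, attrs):
    """Issue a token for the user named in the request, on behalf of a client.

    The client is identified by the ``Authorization`` header, whose second
    whitespace-separated field must be ``<client_id>:<client_secret>``. A
    token is issued only if that client holds the ``can_force_user_login``
    permission.

    Args:
        attrs: serializer input; only the optional 'team' key is read here.

    Returns:
        dict: ``{'token': <value returned by JWT.get_user_token>}``.

    Raises:
        exceptions.NotAuthenticated: if the header is missing or malformed,
            the client or user cannot be found, token creation fails, or the
            client lacks the ``can_force_user_login`` permission. The message
            is identical in every case.
    """
    import logging  # function-scope import; the module import block is untouched

    logger = logging.getLogger(__name__)
    try:
        request = self.context['request']
        credentials = request.headers.get('Authorization').split()[1]
        # maxsplit=1: a secret that itself contains ':' is compared whole
        # instead of being silently truncated at the second colon.
        client_id, client_secret = credentials.split(':', 1)
        # NOTE(review): the secret is matched by equality in the query, which
        # implies it is stored in directly comparable form - confirm whether
        # it should be hashed at rest.
        client = Client.objects.get(
            client_id=client_id, client_secret=client_secret)
        logger.info('Force-login client authenticated: client id=%s', client.id)

        may_force_login = client.permissions.filter(
            codename='can_force_user_login').exists()
        token = None
        if may_force_login:
            # NOTE(review): the email is read from the raw request data, not
            # from ``attrs``, so it has not passed serializer field validation.
            user = User.objects.get(email=request.data['email'])
            team = attrs.get('team', None)
            token = JWT.get_user_token(user, team)
    except Exception as err:
        # Fail closed on any error; ``Exception`` rather than a bare ``except``
        # so KeyboardInterrupt/SystemExit are not swallowed.
        raise exceptions.NotAuthenticated(
            'The authentication was invalid') from err

    if not may_force_login:
        # Deny explicitly: without this the method would return None for a
        # valid client that lacks the permission instead of rejecting it.
        logger.warning(
            'Force-login denied, permission missing: client id=%s', client.id)
        raise exceptions.NotAuthenticated('The authentication was invalid')
    return {'token': token}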
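def get_serializer_context(self):
    """Build the serializer context from the JWT carried by the request.

    Returns:
        dict: a single key, 'active_team', holding the token's 'team_id'
        claim, or ``None`` when the claim is absent.

    Any exception raised by ``JWT.get_token_from_request`` or ``JWT.decode``
    propagates to the caller.
    """
    token = JWT.get_token_from_request(self.request)
    payload = JWT.decode(token)
    # Decoded claims are kept out of stdout: process output usually ends up
    # in logs, and the claims identify the user and team.
    # NOTE(review): the returned context carries only 'active_team'; confirm
    # no serializer used with this view reads self.context['request'].
    return {'active_team': payload.get('team_id', None)}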
def get_queryset(self):
    """Return active users and pin the lookup key to the token's user.

    Side effect: ``self.kwargs['pk']`` is overwritten with the 'user_id'
    claim of the request's JWT, so the key used for any later lookup comes
    from the token rather than from the URL. Exceptions from the JWT helpers
    and a missing 'user_id' claim (``KeyError``) propagate.
    """
    claims = JWT.decode(JWT.get_token_from_request(self.request))
    # NOTE(review): presumably the view resolves its object via kwargs['pk'];
    # how it is consumed is not visible here - confirm.
    self.kwargs['pk'] = claims['user_id']
    active_users = User.objects.filter(is_active=True)
    return active_users
def test_token_expired(self):
    """Decoding an expired token raises InvalidTokenError."""
    with self.assertRaises(jwt.InvalidTokenError) as raised:
        JWT.decode(self.invalid_token_expired)
    # The message check must sit outside the ``with`` block: nothing after
    # the raising call inside it would run.
    message = str(raised.exception)
    self.assertIn('token was invalid', message)
def test_token_with_wrong_secret_fails_decode(self):
    """Decoding a token signed with a different secret raises InvalidTokenError."""
    with self.assertRaises(jwt.InvalidTokenError) as raised:
        JWT.decode(self.invalid_token_wrong_secret_key)
    # Checked outside the ``with`` block so the assertion actually executes.
    message = str(raised.exception)
    self.assertIn('token was invalid', message)
def test_valid_token_passes_decode(self):
    """A correctly signed, unexpired token decodes to its original payload."""
    claims = JWT.decode(self.valid_token)
    expected = self.valid_payload['one']
    # Only the 'one' claim is compared; other claims are not checked here.
    self.assertEqual(claims['one'], expected)
def validate(self, attrs):
    """Exchange the submitted token for a refreshed one.

    Args:
        attrs: serializer input; must contain the key 'token'.

    Returns:
        dict: ``{'token': <value returned by JWT.refresh_token>}``.

    No exception is handled here: a missing 'token' key (``KeyError``) and
    anything ``JWT.refresh_token`` raises propagate to the caller.
    """
    # NOTE(review): validity and expiry checks on the old token are assumed
    # to happen inside JWT.refresh_token - confirm.
    current = attrs['token']
    return {'token': JWT.refresh_token(current)}
def get_token(cls, user, team):
    """Return a token for ``user`` scoped to ``team``.

    Delegates to ``JWT.get_user_token``; ``cls`` is not used.
    """
    issued = JWT.get_user_token(user, team)
    return issued