def refresh_jwt_cookies(request, response):
    """
    Re-issues the JWT related cookies on the response, using the refresh token cookie
    that arrived with the request.

    Raises AuthFailedError when the request carries no refresh cookie. Returns the
    response object that was passed in.
    """
    try:
        refresh_cookie_name = jwt_cookies.jwt_refresh_cookie_name()
        refresh_token = request.COOKIES[refresh_cookie_name]
    except KeyError:
        raise AuthFailedError(u"JWT Refresh Cookie not found in request.")

    # TODO don't extend the cookie expiration - reuse value from existing cookie
    # NOTE(review): the cookie settings are rebuilt from the request on every call, so
    # each refresh presumably pushes the cookie expiry forward (see the TODO above) -
    # confirm against standard_cookie_settings.
    _create_and_set_jwt_cookies(
        response,
        request,
        standard_cookie_settings(request),
        refresh_token=refresh_token
    )
    return response
def refresh_jwt_cookies(request, response):
    """
    Writes a fresh set of JWT cookies onto the response. The refresh token is taken
    from the refresh cookie of the incoming request.

    Raises AuthFailedError if that cookie is absent; otherwise returns the given response.
    """
    try:
        request_cookies = request.COOKIES
        refresh_token = request_cookies[jwt_cookies.jwt_refresh_cookie_name()]
    except KeyError:
        # A missing refresh cookie is reported as an authentication failure.
        raise AuthFailedError(u"JWT Refresh Cookie not found in request.")

    # TODO don't extend the cookie expiration - reuse value from existing cookie
    new_cookie_settings = standard_cookie_settings(request)
    _create_and_set_jwt_cookies(
        response,
        request,
        new_cookie_settings,
        refresh_token=refresh_token
    )

    return response
def _set_jwt_cookies(response, cookie_settings, jwt_header_and_payload, jwt_signature, refresh_token):
    """
    Writes the JWT header/payload, the JWT signature and the refresh token to the
    response as 3 separate cookies.

    Only the signature and refresh token cookies are flagged httponly; the
    header/payload cookie is not. All other attributes come from cookie_settings.

    Note that cookie_settings is modified in place: when this returns, its
    'httponly' entry is True.
    """
    # (httponly value, cookie name getter, cookie value), in the order the cookies are set.
    cookie_plan = (
        (None, jwt_cookies.jwt_cookie_header_payload_name, jwt_header_and_payload),
        (True, jwt_cookies.jwt_cookie_signature_name, jwt_signature),
        (True, jwt_cookies.jwt_refresh_cookie_name, refresh_token),
    )
    for httponly_flag, cookie_name_getter, cookie_value in cookie_plan:
        cookie_settings['httponly'] = httponly_flag
        response.set_cookie(cookie_name_getter(), cookie_value, **cookie_settings)
def refresh_jwt_cookies(request, response):
    """
    Re-issues the JWT related cookies on the response from the refresh cookie found
    in the request.

    Does nothing when JWT_COOKIES_FLAG is disabled. When it is enabled and the
    refresh cookie is missing, AuthFailedError is raised. The response passed in
    is returned in either case.
    """
    if not JWT_COOKIES_FLAG.is_enabled():
        # Flag is off: hand the response back untouched.
        return response

    try:
        refresh_cookie_name = jwt_cookies.jwt_refresh_cookie_name()
        refresh_token = request.COOKIES[refresh_cookie_name]
    except KeyError:
        raise AuthFailedError(u"JWT Refresh Cookie not found in request.")

    _create_and_set_jwt_cookies(response, request, refresh_token=refresh_token)
    return response
def _set_jwt_cookies(response, cookie_settings, jwt_header_and_payload, jwt_signature, refresh_token):
    """
    Stores the JWT header/payload, the JWT signature and the refresh token in
    3 different cookies on the response.

    The header/payload cookie is set without the httponly flag; the signature and
    refresh token cookies are set with it.

    cookie_settings is updated in place and is left with 'httponly' set to True.
    NOTE(review): the remaining cookie attributes are whatever the caller put in
    cookie_settings - confirm there that the refresh token cookie is restricted as intended.
    """
    # First cookie: no httponly flag.
    cookie_settings['httponly'] = None
    header_payload_cookie = jwt_cookies.jwt_cookie_header_payload_name()
    response.set_cookie(header_payload_cookie, jwt_header_and_payload, **cookie_settings)

    # Remaining two cookies: httponly.
    cookie_settings['httponly'] = True
    signature_cookie = jwt_cookies.jwt_cookie_signature_name()
    response.set_cookie(signature_cookie, jwt_signature, **cookie_settings)
    refresh_cookie = jwt_cookies.jwt_refresh_cookie_name()
    response.set_cookie(refresh_cookie, refresh_token, **cookie_settings)
log = logging.getLogger(__name__)


# NOTE(review): providing_args is documentation-only; Django deprecated it in 3.1 and
# removed it in 4.0 - confirm the Django version this module targets.
CREATE_LOGON_COOKIE = Signal(providing_args=['user', 'response'])


# The cookie names below are resolved once, when this module is imported.
JWT_COOKIE_NAMES = (
    # Header and payload sections of a JSON Web Token containing user
    # information and used as an access token.
    jwt_cookies.jwt_cookie_header_payload_name(),

    # Signature section of a JSON Web Token.
    jwt_cookies.jwt_cookie_signature_name(),

    # Refresh token, which can be used to get a new JSON Web Token
    # (so its value should be handled as a credential).
    jwt_cookies.jwt_refresh_cookie_name(),
)

# TODO (ARCH-245): Remove the following deprecated cookies.
DEPRECATED_LOGGED_IN_COOKIE_NAMES = (
    # Set to 'true' if the user is logged in.
    settings.EDXMKTG_LOGGED_IN_COOKIE_NAME,

    # JSON-encoded dictionary with user information.
    settings.EDXMKTG_USER_INFO_COOKIE_NAME,
)

# The JWT cookie names followed by the deprecated logged-in cookie names.
ALL_LOGGED_IN_COOKIE_NAMES = JWT_COOKIE_NAMES + DEPRECATED_LOGGED_IN_COOKIE_NAMES


def is_logged_in_cookie_set(request):
    # ... body not included in this excerpt ...
log = logging.getLogger(__name__)


# NOTE(review): providing_args is documentation-only; Django deprecated it in 3.1 and
# removed it in 4.0 - confirm the Django version this module targets.
CREATE_LOGON_COOKIE = Signal(providing_args=['user', 'response'])


# The cookie names below are resolved once, when this module is imported.
JWT_COOKIE_NAMES = (
    # Header and payload sections of a JSON Web Token containing user
    # information and used as an access token.
    jwt_cookies.jwt_cookie_header_payload_name(),

    # Signature section of a JSON Web Token.
    jwt_cookies.jwt_cookie_signature_name(),

    # Refresh token, which can be used to get a new JSON Web Token
    # (so its value should be handled as a credential).
    jwt_cookies.jwt_refresh_cookie_name(),
)

# TODO (ARCH-245): Remove the following deprecated cookies.
DEPRECATED_LOGGED_IN_COOKIE_NAMES = (
    # Set to 'true' if the user is logged in.
    settings.EDXMKTG_LOGGED_IN_COOKIE_NAME,

    # JSON-encoded dictionary with user information.
    settings.EDXMKTG_USER_INFO_COOKIE_NAME,
)

# The JWT cookie names followed by the deprecated logged-in cookie names.
ALL_LOGGED_IN_COOKIE_NAMES = JWT_COOKIE_NAMES + DEPRECATED_LOGGED_IN_COOKIE_NAMES


def are_logged_in_cookies_set(request):
    # ... body not included in this excerpt ...