def post(self, request):
token = request.headers['Authorization'][4:]
user_info = VerifyJSONWebTokenSerializer().validate({'token':
token})['user']
if user_info.id == request.data.get('user'):
serializer = UserProbSerializers(data=request.data)
if serializer.is_valid(raise_exception=True):
serializer.save()
return Response({'message': '저장되었습니다.'})
return Response({'message': '권한이 없습니다.'})
def delete(self, request, user_id, myinter_id):
token = request.headers['Authorization'][4:]
user_info = VerifyJSONWebTokenSerializer().validate({'token': token})['user']
if user_id == user_info.id or user_info.is_superuser:
myinter = get_object_or_404(Interview, id=myinter_id)
os.remove(myinter.file.path)
myinter.delete()
return Response({'message': '삭제완료'})
else:
return Response({'message': '권한이 없습니다.'})
def __call__(self, scope):
try:
token_header = scope['query_string'].decode().split('=')
data = {'token': token_header[1]}
valid_data = VerifyJSONWebTokenSerializer().validate(data)
user = valid_data['user']
scope['user'] = user
except:
print("Auth error")
return self.inner(scope)
def authenticate(self, request):
token = {"token": request.META.get("HTTP_AUTHORIZATION")}
valid_data = VerifyJSONWebTokenSerializer().validate(token)
# print(valid_data)
user = valid_data['user']
print(user.username)
if user:
return
else:
raise AuthenticationFailed
def validate_jwt_token(request):
try:
token = request.META['HTTP_AUTHORIZATION']
data = {'token': token.split()[1]}
valid_data = VerifyJSONWebTokenSerializer().validate(data)
except Exception as e:
return Response(e)
return Response(status=status.HTTP_200_OK)
def post_update_view(request):
"""View To Update A Post For Logged In Users"""
if request.method == 'POST':
token_type, token = request.META.get('HTTP_AUTHORIZATION').split()
if (token_type != 'JWT'):
return Response({'detail': 'No JWT Authentication Token Found'},
status=status.HTTP_400_BAD_REQUEST)
token_data = {'token': token}
try:
valid_data = VerifyJSONWebTokenSerializer().validate(token_data)
logged_in_user = valid_data.get('user')
except:
return Response({'detail': 'Invalid Token'},
status.HTTP_400_BAD_REQUEST)
updated_data = request.data
instance = Post.objects.get(slug=updated_data.get('slug'))
admin_user = User.objects.get(pk=1) # PK Of Admin User Is 1
if (instance.author == logged_in_user or logged_in_user == admin_user):
updated_data.pop('slug')
serializer = PostUpdateSerializer(instance, data=updated_data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data,
status=status.HTTP_202_ACCEPTED)
else:
return Response({'detail': 'Something Went Wrong.'},
status=status.HTTP_400_BAD_REQUEST)
else:
return Response(
{'detail': 'You Are Not Authorised To Edit This Post'},
status.HTTP_403_FORBIDDEN)
else:
return Response({'detail': 'You Are Not Authorised To Edit This Post'},
status.HTTP_403_FORBIDDEN)
def authenticate(self, request):
token = {"token": None}
token["token"] = request.META.get('HTTP_TOKEN')
valid_data = VerifyJSONWebTokenSerializer().validate(token)
print(valid_data)
user = valid_data['user']
print(user)
if user:
return
else:
raise AuthenticationFailed('认证失败')
def validate_jwt_token(request):
try:
token = request.META["HTTP_AUTHORIZATION"]
data = {"token": token.split()[1]}
valid_data = VerifyJSONWebTokenSerializer().validate(data)
except Exception as e:
return Response(e)
return Response(status=status.HTTP_200_OK,
data={"result": "token is valid"})
def is_logged_in(request):
token = str(request.headers['Authentication']).split(' ')[1]
try:
data = VerifyJSONWebTokenSerializer().validate({'token': token})
return {
'status': True,
'user': data['user'],
}
except Exception as exp:
print(exp.__dict__)
return {'status': False, 'exp': exp.__dict__}
def process_response(self, request, response):
# 仅用于处理 login请求
if request.META['PATH_INFO'] == '/api/user/user_login':
rep_data = response.data
valid_data = VerifyJSONWebTokenSerializer().validate(rep_data)
user = valid_data['user']
user.user_jwt = rep_data['token']
user.save()
return response
else:
return response
def process_response(self, request, response):
# 处理login请求
if response.META['PATH_INFO'] == '/login/':
# 因为登陆认证ObtainJSONWebToken继承自JSONWebTokenAPIView,所以是Response对象,不是HttpResponse对象,所以使用response.data,而不是response.content
rep_data = response.data
# 默认response.data里面必有token,根据序列化器VerifyJSONWebTokenSerializer()返回token和user
valid_data = VerifyJSONWebTokenSerializer().validate(rep_data)
user = valid_data['user']
user.user_jwt = rep_data['token']
user.save()
return response
def func_wrapper(self, validated_data):
token = self.context['request'].META.get('HTTP_AUTHORIZATION',
" ").split(' ')[1]
data = {'token': token}
user_data = VerifyJSONWebTokenSerializer().validate(data)
if user_data['user'] is not None:
validated_data['created_by'] = user_data['user']
else:
validated_data['created_by'] = None
obj_result = func(self, validated_data)
return obj_result
def test_login_success(self):
user = UserProfile.objects.create(
username='******', email='*****@*****.**')
identity = {'email': '*****@*****.**', 'uid': '9001'}
self.fxa_identify.return_value = identity
response = self.client.post(
self.url, {'code': 'code', 'state': 'some-blob'})
assert response.status_code == 200
assert response.data['email'] == '*****@*****.**'
verify = VerifyJSONWebTokenSerializer().validate(response.data)
assert verify['user'] == user
self.update_user.assert_called_with(user, identity)
def process_view(self, request, view_func, view_args, view_kwargs):
token = request.META.get('HTTP_AUTHORIZATION')
if token:
token = token.split(' ')[-1]
try:
valid_data = VerifyJSONWebTokenSerializer().validate({'token': token})
except:
return
if valid_data and valid_data['user']:
user = valid_data['user']
User.objects.filter(pk=user.pk) \
.update(last_activity=timezone.now())
def validateJWT(request):
if request.method == 'POST':
try:
token = request.META['HTTP_AUTHORIZATION']
data = {'token' : token.split()[1]}
print(request.data['username'])
user = VerifyJSONWebTokenSerializer().validate(data)
if str(user['user']) != request.data['username']:
return Response({"message" : "Invalid token"}, status=status.HTTP_409_CONFLICT)
except KeyError as e:
return Response({"message" : "fail"}, status=status.HTTP_409_CONFLICT)
return Response({"message": "ok"}, status=status.HTTP_200_OK)
def __call__(self, scope):
try:
token_header = dict(
scope['headers'])[b'authorization'].decode().split()
data = {'token': token_header[1]}
valid_data = VerifyJSONWebTokenSerializer().validate(data)
user = valid_data['user']
scope['user'] = user
except Exception as e:
raise PermissionDenied(str(e))
return self.inner(scope)
def __call__(self, scope):
try:
# token_header = dict(scope['headers'])[b'query_string'].decode().split()
data = {'token': scope['query_string'].decode().split('=')[1]}
valid_data = VerifyJSONWebTokenSerializer().validate(data)
print(valid_data)
user = valid_data['user']
scope['user'] = user
except:
pass
return self.inner(scope)
def authenticate(self, request):
token = {"token": request.META.get('HTTP_AUTHORIZATION', None)}
valid_data = VerifyJSONWebTokenSerializer().validate(token)
user = valid_data['user']
organization = user.organization
#organization_id = user.organization.id
#organization_name = user.organization.name
#request.user.
if user:
return
else:
raise AuthenticationFailed('认证失败')
def __call__(self, scope):
# Look up user from query string (you should also do things like
# check it's a valid user ID, or if scope["user"] is already populated)
query = dict(parse_qsl(scope["query_string"].decode('utf-8')))
try:
user = VerifyJSONWebTokenSerializer().validate(query)
user = user['user']
except ValidationError:
user = AnonymousUser()
close_old_connections()
# Return the inner application directly and let it run everything else
return self.inner(dict(scope, user=user))
def user_delete(request, user_id):
token = request.headers['Authorization'][4:]
user_info = VerifyJSONWebTokenSerializer().validate({'token':
token})['user']
if user_info.is_superuser or user_info.id == user_id:
user = get_object_or_404(User, id=user_id)
if user.is_superuser:
return Response({'message': '관리자 삭제 불가'})
else:
user.delete()
return Response({'message': '삭제되었습니다.'})
return Response({'message': '권한이 없습니다.'})
def check_object_permissions(self, request, obj):
token = self.request.META.get('HTTP_AUTHORIZATION', " ").split(' ')[1]
data = {'token': token}
valid_data = VerifyJSONWebTokenSerializer().validate(data)
username = valid_data['user']
employees = get_object_or_404(Employee, pk=self.kwargs["pk"])
tmp1 = str(username)
tmp2 = str(employees.company.username)
if (tmp1 != tmp2):
self.permission_denied(request)
def test_login_success(self):
user = UserProfile.objects.create(username='******',
email='*****@*****.**')
identity = {'email': '*****@*****.**', 'uid': '9001'}
self.fxa_identify.return_value = identity
response = self.post()
assert response.status_code == 200
assert response.data['email'] == '*****@*****.**'
assert 'jwt_api_auth_token' not in self.client.cookies
verify = VerifyJSONWebTokenSerializer().validate(response.data)
assert verify['user'] == user
self.update_user.assert_called_with(user, identity)
assert has_cors_headers(response)
def get(self, request, *args, **kwargs):
token = {"token": ""}
token["token"] = request.META.get('HTTP_AUTHENTICATION').split("Token ")[1]
valid_data = VerifyJSONWebTokenSerializer().validate(token)
user = valid_data['user']
# info = {"data": USER_MANAGE_PERMISSIONS}
info = {"data": user.get_manage_permission_list()}
return Response({"code": 200, "result": info, "pageSize": 50,
"pageNo": 0,
"totalPage": 1,
"totalCount": 57})
def get_jwt_user(request):
if not request.user.is_authenticated:
token = get_authorization_header(request).split()[1]
data = {'token': token}
try:
valid_data = VerifyJSONWebTokenSerializer().validate(data)
request.user = valid_data['user']
except ValidationError as v:
print("validation error", v)
return request.user
def process_response(self, request, response):
# 仅用于处理 login请求
if request.META['PATH_INFO'] == '/api/user/user_login':
if json.loads(response.content)["errno"] == "0":
rep_data = json.loads(response.content)["data"]
valid_data = VerifyJSONWebTokenSerializer().validate(rep_data)
user = valid_data['user']
user.save()
return response
else:
return response
else:
return response
def test_success_with_account_logs_in(self):
user = UserProfile.objects.create(
username='******', email='*****@*****.**', fxa_id='10')
identity = {'email': '*****@*****.**', 'uid': '9001'}
self.fxa_identify.return_value = identity
response = self.client.get(
self.url, {'code': 'code', 'state': self.fxa_state})
self.assertRedirects(response, reverse('home'))
data = {'token': response.cookies['jwt_api_auth_token'].value}
verify = VerifyJSONWebTokenSerializer().validate(data)
assert verify['user'] == user
self.login_user.assert_called_with(mock.ANY, user, identity)
assert not self.register_user.called
def IsWoner(self, *args, **kwargs):
token = self.request.META.get('HTTP_AUTHORIZATION', " ").split(' ')[1]
#print(token)
data = {'token': token}
valid_data = VerifyJSONWebTokenSerializer().validate(data)
user = valid_data['user']
is_Woner = get_object_or_404(User, pk=self.kwargs['pk'])
tmp1 = str(is_Woner.username)
tmp2 = str(user)
if (tmp1 != tmp2):
return False
return True
def process_response(self, request, response):
if request.META['PATH_INFO'] == '/login/':
if is_success(response.status_code):
rep_data = response.data
valid_data = VerifyJSONWebTokenSerializer().validate(rep_data)
user = valid_data['user']
user.user_jwt = rep_data['token']
user.save()
return response
else:
return response
else:
return response
def __call__(self, scope):
headers = dict(scope['headers'])
print(headers)
try:
token_header = dict(scope['headers'])[b'authorization'].decode().split()
data = {'token': token_header[1]}
print(data)
valid_data = VerifyJSONWebTokenSerializer().validate(data)
print(valid_data)
user = valid_data['user']
scope['user'] = user
except:
pass
return self.inner(scope)
def validar_jwt(message_json):
token = message_json['token']
serializer_data = {'data': {'token': token}}
try:
validated_data = VerifyJSONWebTokenSerializer().validate({'token': token})
user = validated_data['user']
token = validated_data['token']
respuesta = json.dumps({'user': UserSerializer(user).data, 'token': token})
return respuesta
except ValidationError:
return json.dumps({'error': True})
def check_permissions_by_header(request, user_id=None):
bearer = request.META['HTTP_AUTHORIZATION'].split()[-1]
result = Verifyer().validate({'token': bearer})
if result.get('user') and result['user'].id == int(user_id):
return True
return False
def __resolve_user(token):
# a little bit overheaded but just login interface for the time being
serializer = VerifyJSONWebTokenSerializer(data={'token': token,})
serializer.is_valid(raise_exception=True)
return serializer.object.get('user')