def test_post_form_failing_jwt_auth_changed_user_secret_key(self):
"""
Ensure changin secret key on USER level makes tokens invalid
"""
# fine tune settings
api_settings.JWT_GET_USER_SECRET_KEY = get_jwt_secret
tmp_user = CustomUser.objects.create(email='*****@*****.**')
payload = utils.jwt_payload_handler(tmp_user)
token = utils.jwt_encode_handler(payload)
auth = 'JWT {0}'.format(token)
response = self.csrf_client.post(
'/jwt/', {'example': 'example'}, HTTP_AUTHORIZATION=auth, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
# change token, verify
tmp_user.jwt_secret = uuid.uuid4()
tmp_user.save()
response = self.csrf_client.post(
'/jwt/', {'example': 'example'}, HTTP_AUTHORIZATION=auth)
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
# revert api settings
api_settings.JWT_GET_USER_SECRET_KEY = DEFAULTS['JWT_GET_USER_SECRET_KEY']
def get_token(self, obj):
#jwt_payload_handler = jwt_payload_handler
#jwt_encode_handler = settings.JWT_ENCODE_HANDLER
payload = jwt_payload_handler(obj)
token = jwt_encode_handler(payload)
return token
def post(self, request):
access_token_url = 'https://accounts.google.com/o/oauth2/token'
people_api_url = 'https://www.googleapis.com/plus/v1/people/me/openIdConnect'
payload = dict(client_id=request.data['clientId'],
redirect_uri=request.data['redirectUri'],
client_secret=settings.SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET,
code=request.data['code'],
grant_type='authorization_code')
# Step 1. Exchange authorization code for access token.
r = requests.post(access_token_url, data=payload)
token = json.loads(r.text)
headers = {'Authorization': 'Bearer {0}'.format(token['access_token'])}
# Step 2. Retrieve information about the current user.
r = requests.get(people_api_url, headers=headers)
profile = json.loads(r.text)
user = None
if 'email' in profile:
try:
user = User.objects.get(email=profile['email'])
except User.DoesNotExist:
pass
if not user:
user = User.objects.create(username=profile['email'], first_name=profile['given_name'],
last_name=profile['family_name'], email=profile['email'])
Better.objects.create(user=user)
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
return Response({'token': token.decode('unicode_escape')},
status=status.HTTP_200_OK)
def test_jwt_encode(self):
payload = utils.jwt_payload_handler(self.user)
token = utils.jwt_encode_handler(payload)
payload_data = base64url_decode(token.split('.')[1].encode('utf-8'))
payload_from_token = json.loads(payload_data.decode('utf-8'))
self.assertEqual(payload_from_token, payload)
def handle(self, *args, **options):
try:
user = CustomUser.objects.create_user(username=options["username"],
password=options["password"])
token = jwt_encode_handler(jwt_payload_handler(user))
self.stdout.write(self.style.SUCCESS(str(token)))
except IntegrityError as ex:
raise CommandError(ex)
def _generate_jwt_token(self):
"""
Generates a JSON Web Token that stores this user's ID and has an expiry
date set to 60 days into the future.
"""
payload = jwt_payload_handler(self)
token = jwt_encode_handler(payload)
return token
def test_jwt_decode_verify_exp(self):
api_settings.JWT_VERIFY_EXPIRATION = False
payload = utils.jwt_payload_handler(self.user)
payload['exp'] = 1
token = utils.jwt_encode_handler(payload)
utils.jwt_decode_handler(token)
api_settings.JWT_VERIFY_EXPIRATION = True
def setUp(self):
self.client = Client()
self.username = '******'
self.email = '*****@*****.**'
self.user = User.objects.create_user(self.username, self.email)
payload = utils.jwt_payload_handler(self.user)
token = utils.jwt_encode_handler(payload)
self.auth = 'Bearer {0}'.format(token)
self.startTime = time.time()
def a_superuser_with_a_jwtoken(context):
user = User.objects.create_superuser(username='******',
email='*****@*****.**',
password='******')
payload = utils.jwt_payload_handler(user)
token = utils.jwt_encode_handler(payload)
context.auth = 'JWT {0}'.format(token)
def test_authjwt_method(subscription, expect):
if expect is True:
payload = jwt_payload_handler(user=subscription.subscriber)
token = jwt_encode_handler(payload)
else:
token = "fdksal;j"
value = auth.authjwt_method(token)
assert bool(value) is expect
def setUp(self):
self.client = APIClient()
self.username = '******'
self.email = '*****@*****.**'
self.password='******'
self.user = User.objects.create_user(self.email, self.password, username=self.username)
payload = utils.jwt_payload_handler(self.user)
token = utils.jwt_encode_handler(payload)
self.auth = 'Token {0}'.format(token)
def test_authjwt_method(subscription, expect):
if expect is True:
payload = jwt_payload_handler(user=subscription.subscriber)
token = jwt_encode_handler(payload)
else:
token = "fdksal;j"
value = auth.authjwt_method(token)
assert bool(value) is expect
def test_can_authenticate(self):
payload = jwt_payload_handler(self.user)
token = jwt_encode_handler(payload)
response = self.client.get(reverse_lazy('offer:offer-list-api'), {},
HTTP_AUTHORIZATION='JWT {}'.format(token))
self.assertEqual(response.status_code, 200)
self.assertContains(response, self.offer.title)
self.assertContains(response, self.other_offer.title)
def validate(self, attrs):
user = authenticate(**attrs)
if user is None:
raise serializers.ValidationError("用户名或密码错误!")
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
return {'user': user, 'token': token}
def createuserview(request):
serializer = CreateUser(data=request.data)
serializer.is_valid(raise_exception=True)
username = request.data.get('username')
password = request.data.get('password')
user = User.objects.create_user(username=username, password=password)
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
return Response(data={"token": token}, status=status.HTTP_201_CREATED)
def setUp(self):
user = User.objects.create_superuser(username='******',
email='*****@*****.**',
password='******')
payload = utils.jwt_payload_handler(user)
token = utils.jwt_encode_handler(payload)
self.auth = 'JWT {0}'.format(token)
def test_get_refresth_token_detail(self):
self.client.credentials(
HTTP_AUTHORIZATION='JWT ' +
utils.jwt_encode_handler(utils.jwt_payload_handler(self.user)))
response = self.client.get(self.detail_url)
self.assertEqual(response.status_code, status.HTTP_200_OK,
(response.status_code, response.content))
response = self.client.get(self.detail_url1)
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND,
(response.status_code, response.content))
def test_create_refresh_token(self):
data = {'app': 'gandolf'}
self.client.credentials(
HTTP_AUTHORIZATION='JWT ' +
utils.jwt_encode_handler(utils.jwt_payload_handler(self.user)))
response = self.client.post(self.list_url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_201_CREATED,
(response.status_code, response.content))
self.assertEqual(response.data['user'], self.user.pk)
self.assertEqual(response.data['app'], data['app'])
def create_token(self, user, exp=None, orig_iat=None):
payload = utils.jwt_payload_handler(user)
if exp:
payload['exp'] = exp
if orig_iat:
payload['orig_iat'] = timegm(orig_iat.utctimetuple())
token = utils.jwt_encode_handler(payload)
return token
def create_token(self, user, exp=None, orig_iat=None):
payload = utils.jwt_payload_handler(user)
if exp:
payload['exp'] = exp
if orig_iat:
payload['orig_iat'] = timegm(orig_iat.utctimetuple())
token = utils.jwt_encode_handler(payload)
return token
def login(request):
user = authenticate(username=request.data.get('username'),
password=request.data.get('password'))
if not user:
return Response(
{"error": "Login failed. Incorrect username or password."},
status=HTTP_401_UNAUTHORIZED)
user.save()
payload = jwt_payload_handler(user)
jwt_token = jwt_encode_handler(payload)
return Response({"token": jwt_token})
def setUp(self):
self.client = APIClient()
self.username = '******'
self.email = '*****@*****.**'
self.password = '******'
self.user = User.objects.create_user(self.email,
self.password,
username=self.username)
payload = utils.jwt_payload_handler(self.user)
token = utils.jwt_encode_handler(payload)
self.auth = 'Token {0}'.format(token)
def create(self, validated_data):
user = User(
username=validated_data['username'],
email=validated_data['email'],
first_name=validated_data['first_name'],
last_name=validated_data['last_name'],
)
user.set_password(validated_data['password'])
user.save()
user.token = jwt_encode_handler(jwt_payload_handler(user))
return user
def post(self, request, format=None):
serializer = SMSCodeSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
mobile = serializer.validated_data['mobile']
#生成随机验证码,向目标手机发送验证码,用手机号码和验证码生成token
token = jwt_encode_handler({
'exp': timezone.now() + settings.JWT_AUTH['SMS_TOKEN_EXP_DELTA'], #有效期:3分钟
'mobile': mobile,
'sms_code': '118590'})
return Response({'token': token}, status=status.HTTP_200_OK)
def test_verify_jwt(self) -> None:
token = jwt_encode_handler(jwt_payload_handler(self.user))
response = self.client.post(
reverse('verify-token'),
json.dumps({'token': token}),
**DEFAULT_REQUEST_PARAMS,
# Authorization=f'Bearer {token}'
)
self.assertIn('token', response.data)
def post(self, request, *args, **kwargs):
form = self.get_form()
if form.is_valid():
user = form.get_user()
payload = jwt_payload_handler(user)
token = 'Bearer ' + jwt_encode_handler(payload)
response = self.form_valid(form)
response['Authorization'] = token
return response
else:
return self.form_invalid(form)
def make_token(self, status):
payload = {
'user_id': self.user.id,
'time_create': self.token,
}
token = jwt_encode_handler(payload)
response_data = {
'token': token
}
general_response = rsp.Response(response_data).generate_response()
response = Response(general_response, status=status)
return response
def test_post_with_expired_token_gets_error(self):
# We're going to get a fresh token, sneakily set the expiration to 1, and then try to refresh with it.
response = self.client.post('/jwt-auth/', self.data, format='json')
decoded_payload = utils.jwt_decode_handler(response.data['token'])
decoded_payload['exp'] = 1
token = utils.jwt_encode_handler(decoded_payload)
response = self.client.post('/jwt-verify/', {'token': token},
format='json')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertEqual(response.data['non_field_errors'][0],
'Signature has expired.')
def changeform_view(self,
request,
object_id=None,
form_url='',
extra_context=None):
extra_context = extra_context or {}
extra_context['token'] = jwt_encode_handler(
jwt_payload_handler(request.user))
return super().changeform_view(request,
object_id=object_id,
form_url=form_url,
extra_context=extra_context)
def post(self, request, format=None):
serializer = UserSerializer(data=request.data)
if serializer.is_valid():
user = serializer.save()
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
return Response({
"user": serializer.data,
"token": token
},
status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def test_validate_service_jwt_fails_with_invalid_data(self):
with self.assertRaises(ValidationError):
payload = create_service_jwt_payload()
payload.pop('exp')
jwt = jwt_encode_handler(payload)
validate_service_jwt(jwt)
with self.assertRaises(ValidationError):
payload = create_service_jwt_payload()
payload.pop('service_name')
jwt = jwt_encode_handler(payload)
validate_service_jwt(jwt)
with self.assertRaises(ValidationError):
payload = create_service_jwt_payload()
payload.pop('service_permissions')
jwt = jwt_encode_handler(payload)
validate_service_jwt(jwt)
with self.assertRaises(ValidationError):
payload = create_service_jwt_payload()
payload.pop('is_service')
jwt = jwt_encode_handler(payload)
validate_service_jwt(jwt)
def validate(self, data):
try:
user = CtrlfUser.objects.get(email=data["email"])
except CtrlfUser.DoesNotExist:
raise serializers.ValidationError("이메일이 존재하지 않습니다.")
if not check_password(data["password"], user.password):
raise serializers.ValidationError("패스워드가 일치하지 않습니다.")
payload = jwt_payload_handler(user)
return {"token": jwt_encode_handler(payload), "user": user}
def validate(self, attrs):
username = attrs.get('username')
password = attrs.get('password')
user = authenticate(username=username, password=password)
if not user or not user.is_active:
raise serializers.ValidationError('传统验证失败')
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
return {'user': user, 'token': token}
def create(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.save()
re_dict = serializer.data
payload = jwt_payload_handler(user)
re_dict["token"] = jwt_encode_handler(payload)
re_dict["user"] = user
headers = self.get_success_headers(serializer.data)
return Response(re_dict, status=status.HTTP_201_CREATED, headers=headers)
def test_post_json_passing_jwt_auth(self):
"""
Ensure POSTing JSON over JWT auth with correct credentials
passes and does not require CSRF
"""
payload = utils.jwt_payload_handler(self.user)
token = utils.jwt_encode_handler(payload)
auth = "JWT {0}".format(token)
response = self.csrf_client.post("/jwt/", {"example": "example"}, HTTP_AUTHORIZATION=auth, format="json")
self.assertEqual(response.status_code, status.HTTP_200_OK)
def post(self, request):
from lazysignup.models import LazyUser
user, username = LazyUser.objects.create_lazy_user()
user.first_name = 'Guest' + str(random.randint(1, 200))
user.save()
betting_funds = random.randint(10, 60)
Better.objects.create(user=user, points=betting_funds)
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
return Response({'token': token, 'name': user.first_name,
'betting_funds': betting_funds },
status=status.HTTP_200_OK)
def get(self, request):
try:
if request.user.is_active:
payload = jwt_payload_handler(request.user) # todo: Is deprecated
jwt_token = utilities.jwt_response_payload_handler(jwt_encode_handler(payload),
user=request.user)
return responses.SuccessResponse(jwt_token).send()
else:
raise authnz_exceptions.CustomException(detail=_('This user is inactive, contact us.'))
except authnz_exceptions.CustomException as e:
return responses.ErrorResponse(message=e.detail, status=e.status_code).send()
def create(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = self.perform_create(serializer)
re_dict = serializer.data
payload = jwt_payload_handler(user)
re_dict['token'] = jwt_encode_handler(payload)
re_dict['username'] = user.username
headers = self.get_success_headers(serializer.data)
return Response(re_dict,
status=status.HTTP_201_CREATED,
headers=headers)
def validate(self, attrs):
username = attrs['username']
password = attrs['password']
user = authenticate(**attrs)
if not user:
raise serializers.ValidationError('shibai')
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
return {
'user': user,
'token': 'token'
}
def test_post_form_passing_jwt_auth(self):
"""
Ensure POSTing json over JWT auth with correct credentials
passes and does not require CSRF
"""
payload = utils.jwt_payload_handler(self.user)
token = utils.jwt_encode_handler(payload)
auth = 'JWT {0}'.format(token)
response = self.csrf_client.post(
'/jwt/', {'example': 'example'}, HTTP_AUTHORIZATION=auth)
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_post_passing_jwt_auth_with_oauth2_priority(self):
"""
Ensure POSTing over JWT auth with correct credentials
passes and does not require CSRF when OAuth2Authentication
has priority on authentication_classes
"""
payload = utils.jwt_payload_handler(self.user)
token = utils.jwt_encode_handler(payload)
auth = "JWT {0}".format(token)
response = self.csrf_client.post("/oauth2-jwt/", {"example": "example"}, HTTP_AUTHORIZATION=auth, format="json")
self.assertEqual(response.status_code, status.HTTP_200_OK, response)
def test_post_form_passing_jwt_invalid_payload(self):
"""
Ensure POSTing json over JWT auth with invalid payload fails
"""
payload = dict(email=None)
token = utils.jwt_encode_handler(payload)
auth = "JWT {0}".format(token)
response = self.csrf_client.post("/jwt/", {"example": "example"}, HTTP_AUTHORIZATION=auth)
msg = "Invalid payload."
self.assertEqual(response.data["detail"], msg)
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_post_form_passing_jwt_invalid_payload(self):
"""
Ensure POSTing json over JWT auth with invalid payload fails
"""
payload = dict(user_id=1, email=None)
token = utils.jwt_encode_handler(payload)
auth = 'JWT {0}'.format(token)
response = self.csrf_client.post(
'/jwt/', {'example': 'example'}, HTTP_AUTHORIZATION=auth)
msg = 'Invalid payload'
self.assertEqual(response.data['detail'], msg)
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_jwt_login_with_expired_token(self):
"""
Ensure JWT login view works even if expired token is provided
"""
payload = utils.jwt_payload_handler(self.user)
payload['exp'] = 1
token = utils.jwt_encode_handler(payload)
auth = 'JWT {0}'.format(token)
client = APIClient(enforce_csrf_checks=True)
response = client.post(
'/auth-token/', self.data,
HTTP_AUTHORIZATION=auth, format='json')
self.assertTrue(response.status_code, status.HTTP_200_OK)
def test_create_refresth_token(self):
data = {
'app': 'gandolf'
}
self.client.credentials(
HTTP_AUTHORIZATION='JWT ' + utils.jwt_encode_handler(
utils.jwt_payload_handler(self.user)))
response = self.client.post(self.list_url, data, format='json')
self.assertEqual(
response.status_code,
status.HTTP_201_CREATED,
(response.status_code, response.content)
)
self.assertEqual(response.data['user'], self.user.pk)
self.assertEqual(response.data['app'], data['app'])
def authenticate(self, user):
"""
Authenticates the given user
:param user: User to authenticate
:type user: inventorum.ebay.apps.accounts.models.EbayUserModel
"""
payload = utils.jwt_payload_handler(user)
self.token = utils.jwt_encode_handler(payload)
credentials = {
'HTTP_AUTHORIZATION': 'JWT %s' % self.token
}
self.client.credentials(**credentials)
def test_post_expired_token_failing_jwt_auth(self):
"""
Ensure POSTing over JWT auth with expired token fails
"""
payload = utils.jwt_payload_handler(self.user)
payload["exp"] = 1
token = utils.jwt_encode_handler(payload)
auth = "JWT {0}".format(token)
response = self.csrf_client.post("/jwt/", {"example": "example"}, HTTP_AUTHORIZATION=auth, format="json")
msg = "Signature has expired."
self.assertEqual(response.data["detail"], msg)
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
self.assertEqual(response["WWW-Authenticate"], 'JWT realm="api"')
def test_delete_refresth_token(self):
self.client.credentials(
HTTP_AUTHORIZATION='JWT ' + utils.jwt_encode_handler(
utils.jwt_payload_handler(self.user)))
response = self.client.delete(self.detail_url)
self.assertEqual(
response.status_code,
status.HTTP_204_NO_CONTENT,
(response.status_code, response.content)
)
response = self.client.delete(self.detail_url1)
self.assertEqual(
response.status_code,
status.HTTP_404_NOT_FOUND,
(response.status_code, response.content)
)
def test_get_refresh_token_list(self):
self.client.credentials(
HTTP_AUTHORIZATION='JWT ' + utils.jwt_encode_handler(
utils.jwt_payload_handler(self.user)))
response = self.client.get(self.list_url)
self.assertEqual(len(response.data), 1)
resp0 = response.data[0]
self.assertEqual(self.token.key, resp0['key'])
self.client.force_authenticate(self.user1)
response = self.client.get(self.list_url)
self.assertEqual(len(response.data), 1)
resp0 = response.data[0]
self.assertEqual(self.token1.key, resp0['key'])
self.assertEqual(RefreshToken.objects.count(), 2)
def test_different_auth_header_prefix(self):
"""
Ensure using a different setting for `JWT_AUTH_HEADER_PREFIX` and
with correct credentials passes.
"""
api_settings.JWT_AUTH_HEADER_PREFIX = "Bearer"
payload = utils.jwt_payload_handler(self.user)
token = utils.jwt_encode_handler(payload)
auth = "Bearer {0}".format(token)
response = self.csrf_client.post("/jwt/", {"example": "example"}, HTTP_AUTHORIZATION=auth, format="json")
self.assertEqual(response.status_code, status.HTTP_200_OK)
# Restore original settings
api_settings.JWT_AUTH_HEADER_PREFIX = DEFAULTS["JWT_AUTH_HEADER_PREFIX"]
def test_post_expired_token_failing_jwt_auth(self):
"""
Ensure POSTing over JWT auth with expired token fails
"""
payload = utils.jwt_payload_handler(self.user)
payload['exp'] = 1
token = utils.jwt_encode_handler(payload)
auth = 'JWT {0}'.format(token)
response = self.csrf_client.post(
'/jwt/', {'example': 'example'},
HTTP_AUTHORIZATION=auth, format='json')
msg = 'Signature has expired.'
self.assertEqual(response.data['detail'], msg)
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
self.assertEqual(response['WWW-Authenticate'], 'JWT realm="api"')
def post(self, request):
access_token_url = 'https://graph.facebook.com/v2.3/oauth/access_token'
people_api_url = 'https://graph.facebook.com/v2.3/me'
payload = dict(client_id=request.data['clientId'],
redirect_uri=request.data['redirectUri'],
client_secret=settings.SOCIAL_AUTH_FACEBOOK_SECRET,
code=request.data['code'],
scope='email',
)
# Step 1. Exchange authorization code for access token.
r = requests.post(access_token_url, data=payload)
token = json.loads(r.text)
headers = {'Authorization': 'Bearer {0}'.format(token['access_token']), 'scope': 'email'}
# Step 2. Retrieve information about the current user.
r = requests.get(people_api_url, headers=headers)
profile = json.loads(r.text)
user = None
if 'email' in profile:
try:
user = User.objects.get(email=profile['email'])
except User.DoesNotExist:
pass
else:
try:
user = User.objects.get(email=profile['id'] + '@facebook.com')
except User.DoesNotExist:
pass
profile['email'] = profile['id'] + '@facebook.com'
if not user:
user = User.objects.create(username=profile['email'],
first_name=profile['name'].split()[0],
last_name=profile['name'].split()[1],
email=profile['email'])
Better.objects.create(user=user)
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
return Response({'token': token.decode('unicode_escape')},
status=status.HTTP_200_OK)
def generate_token(user):
"""
Generate a JWT for the user.
The token generally contains the following:
{
"username": "******",
"orig_iat": 1441902926,
"user_id": 5,
"email": "*****@*****.**",
"exp": 1442507726
}
"""
payload = jwt_payload_handler(user)
return {
'token': jwt_encode_handler(payload),
}
def test_post_form_passing_jwt_auth(self):
"""
Ensure POSTing form over JWT auth with correct credentials
passes and does not require CSRF
"""
payload = utils.jwt_payload_handler(self.user)
token = utils.jwt_encode_handler(payload)
auth = 'JWT {0}'.format(token)
response = self.csrf_client.post(
'/jwt/', {'example': 'example'}, HTTP_AUTHORIZATION=auth)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.content, b'mockview-post')
# Ensure `authenticate` returned the decoded payload.
self.assertEqual(response.wsgi_request.user, self.user)
payload = response.wsgi_request.auth
self.assertIsInstance(payload, dict)
self.assertEqual(set(payload.keys()), {
'user_id', 'username', 'exp', 'email'})
def assert_jwt_status(self, issuer=None, expires=None, status_code=200):
"""Assert that the payload has a valid issuer and has not expired."""
staff_user = self.create_user(is_staff=True)
issuer = issuer or settings.JWT_AUTH['JWT_ISSUERS'][0]
payload = {
'iss': issuer,
'username': staff_user.username,
'email': staff_user.email,
'full_name': staff_user.full_name
}
if expires:
payload['exp'] = expires
token = utils.jwt_encode_handler(payload)
auth = 'JWT {0}'.format(token)
response = self.client.get('/jwt/', HTTP_AUTHORIZATION=auth)
self.assertEqual(response.status_code, status_code)
def assert_jwt_status(self, issuer=None, expires=None, status_code=200):
""" Assert that the payload has a valid issuer and has not expired. """
staff_user = self.create_user(is_staff=True)
issuer = issuer or settings.JWT_ISSUERS[0]
payload = {
"iss": issuer,
"username": staff_user.username,
"email": staff_user.email,
"full_name": staff_user.full_name,
}
if expires:
payload["exp"] = expires
token = utils.jwt_encode_handler(payload)
auth = "JWT {0}".format(token)
response = self.client.get("/jwt/", HTTP_AUTHORIZATION=auth)
self.assertEqual(response.status_code, status_code)
def post(self, request):
serialized = UserSerializer(data=request.DATA)
if serialized.is_valid():
try:
User.objects.get(email=serialized.data['email'])
return Response({'error': 'User with same email already exists.'},
status=status.HTTP_400_BAD_REQUEST)
except User.DoesNotExist:
pass
user = User.objects.create_user(
serialized.data['username'],
serialized.data['email'],
serialized.data['password'],
first_name=serialized.data['username']
)
Better.objects.create(user=user)
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
return Response({'token': token.decode('unicode_escape')},
status=status.HTTP_201_CREATED)
else:
return Response(serialized._errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request):
access_token_url = 'https://graph.facebook.com/v2.4/oauth/access_token'
people_api_url = 'https://graph.facebook.com/v2.4/me?fields=id,email,name'
payload = dict(client_id=request.data['clientId'],
redirect_uri=request.data['redirectUri'],
client_secret=settings.SOCIAL_AUTH_FACEBOOK_SECRET,
code=request.data['code'],
scope='email',
)
# Step 1. Exchange authorization code for access token.
r = requests.post(access_token_url, data=payload)
token = json.loads(r.text)
headers = {'Authorization': 'Bearer {0}'.format(token['access_token']), 'scope': 'email'}
# Step 2. Retrieve information about the current user.
r = requests.get(people_api_url, headers=headers)
profile = json.loads(r.text)
user = self.get_or_create_user(profile)
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
return Response({'token': token.decode('unicode_escape')}, status=status.HTTP_200_OK)