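def post(self, request, *args, **kwargs):
    """Validate posted credentials and answer with a wrapped JWT payload.

    On success the dict built by ``jwt_response_payload_handler`` is
    returned under ``data`` next to the application code ``20000``. When
    ``JWT_AUTH['JWT_AUTH_COOKIE']`` names a cookie, the token is also set
    as an HttpOnly cookie expiring after ``JWT_EXPIRATION_DELTA``.
    On failure a fixed message with code ``50008`` is returned with
    HTTP 400.
    """
    serializer = self.get_serializer(data=request.data)
    if not serializer.is_valid():
        # serializer.errors is deliberately not echoed: every failure
        # produces the same body.
        return Response(
            {
                'code': 50008,
                'message': 'Unable to log in with provided credentials.'
            },
            status=status.HTTP_400_BAD_REQUEST)

    user = serializer.object.get('user') or request.user
    token = serializer.object.get('token')
    response_data = jwt_response_payload_handler(token, user, request)
    response = Response(response_data)

    # .get(): a project that never configured JWT_AUTH_COOKIE gets no
    # cookie instead of a KeyError after a successful login.
    cookie_name = settings.JWT_AUTH.get('JWT_AUTH_COOKIE')
    if cookie_name:
        expiration = (datetime.utcnow() +
                      settings.JWT_AUTH['JWT_EXPIRATION_DELTA'])
        # The cookie carries a bearer credential. It already borrows the
        # session cookie's domain, so it follows the session cookie's
        # Secure policy as well (Django's default leaves it off).
        response.set_cookie(cookie_name,
                            token,
                            domain=settings.SESSION_COOKIE_DOMAIN,
                            expires=expiration,
                            secure=settings.SESSION_COOKIE_SECURE,
                            httponly=True)

    # Wrap last so the envelope contains the handler's payload.
    response.data = {
        'code': 20000,
        'data': response.data,
    }
    return response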
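def login(request, *args, **kw):
    """Run Django's login view and, for JSON clients, return a JWT.

    The stock view (``django_auth_login``) receives extra template
    context. While ``settings.MAINTENANCE_MODE`` is on, a POST whose
    ``username`` differs from ``settings.INIT_OPTIONS['su_username']`` is
    answered with a maintenance notice before any authentication runs.

    When the stock view answers with a 302 and the request's ``Accept``
    header starts with ``application/json``, the redirect is replaced by a
    JSON body built by ``jwt_response_payload_handler``. Otherwise the
    stock view's response is returned unchanged.
    """
    gas_list = list(GAS.objects.all())
    # NOTE(review): a positional comparator is accepted by list.sort()
    # on Python 2 only.
    gas_list.sort(cmp_orders)
    kw['extra_context'] = {
        'VERSION': settings.VERSION,
        'THEME': settings.THEME,
        'MAINTENANCE_MODE': settings.MAINTENANCE_MODE,
        'gas_list': gas_list,
    }

    if settings.MAINTENANCE_MODE:
        if request.method == "POST" and \
                request.POST.get('username') != settings.INIT_OPTIONS['su_username']:
            return HttpResponse(
                _("Maintenance in progress, please retry later..."))

    tmpl_response = django_auth_login(request, *args, **kw)
    if tmpl_response.status_code != 302:
        return tmpl_response

    accept = request.META.get('HTTP_ACCEPT', '')
    if accept and accept.startswith('application/json'):
        # Return a valid JSONWebToken
        payload = jwt_payload_handler(request.user)
        payload['orig_iat'] = timegm(datetime.utcnow().utctimetuple())
        token = jwt_encode_handler(payload)
        response_data = jwt_response_payload_handler(
            token, request.user, request)
        # Label the body as JSON: the default content type is HTML, and a
        # token-bearing body should not be served as a renderable document.
        return HttpResponse(json.dumps(response_data),
                            content_type='application/json')
    return tmpl_response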
def post(self, request, *args, **kwargs):
    """Exchange posted credentials for a JWT response payload.

    Returns the dict built by ``jwt_response_payload_handler`` on
    success, or the serializer's errors with HTTP 400.
    """
    serializer = self.get_serializer(data=request.data)
    if not serializer.is_valid():
        return Response(serializer.errors,
                        status=status.HTTP_400_BAD_REQUEST)

    # Fall back to the request's user when the serializer supplies none.
    account = serializer.object.get('user') or request.user
    jwt_token = serializer.object.get('token')
    return Response(jwt_response_payload_handler(jwt_token, account, request))
def post(self, request):
    """Log a user in and return the JWT payload plus the user's data.

    On success the payload from ``jwt_response_payload_handler`` gains an
    ``info`` entry holding ``UserSerializer(user).data``, and
    ``update_last_login`` is called for the user. On failure the
    serializer's errors are returned with HTTP 401.
    """
    serializer = self.serializer_class(data=request.data)
    if not serializer.is_valid():
        return Response(serializer.errors,
                        status=status.HTTP_401_UNAUTHORIZED)

    account = serializer.object.get('user') or request.user
    jwt_token = serializer.object.get('token')
    body = jwt_response_payload_handler(jwt_token, account, request)
    body['info'] = UserSerializer(account).data
    # Signal-style signature: the sender argument is not needed here.
    update_last_login(None, account)
    return Response(body)
def post(self, request):
    """Validate the posted data and return a JWT response payload.

    Returns the serializer's errors with HTTP 401 when validation fails.
    """
    serializer = self.serializer_class(data=request.data)
    # TODO: Check if google token is active
    # NOTE(review): until that check exists, nothing in this method
    # verifies the Google token beyond what the serializer does.
    if not serializer.is_valid():
        return Response(serializer.errors,
                        status=status.HTTP_401_UNAUTHORIZED)

    account = serializer.object.get('user') or request.user
    jwt_token = serializer.object.get('token')
    return Response(jwt_response_payload_handler(jwt_token, account, request))
def post(self, request):
    """User login view, based on rest_framework_jwt's JSONWebTokenAPIView.

    A valid request is answered with the JWT payload extended by an
    ``info`` entry (``UserSerializer(user).data``), after
    ``update_last_login`` has been called for the user. An invalid one
    gets the serializer's errors with HTTP 401.
    """
    serializer = self.serializer_class(data=request.data)
    if not serializer.is_valid():
        return Response(serializer.errors,
                        status=status.HTTP_401_UNAUTHORIZED)

    validated = serializer.object
    account = validated.get('user') or request.user
    body = jwt_response_payload_handler(validated.get('token'), account,
                                        request)
    body['info'] = UserSerializer(account).data
    update_last_login(None, account)
    return Response(body)
def custom_jwt_response_payload_handler(token, user=None, request=None):
    """Build the response body returned after a successful login.

    :param token: encoded JWT, passed on to ``jwt_response_payload_handler``
    :param user: user instance serialized with ``CreateUserSerializer``
    :param request: current request, passed on unchanged
    :return: dict with the keys ``user``, ``access_token`` and ``expires_in``
    """
    base_payload = jwt_response_payload_handler(token, user, request)
    serialized_user = CreateUserSerializer(instance=user).data
    return {
        "user": serialized_user,
        "access_token": "Bearer " + base_payload["token"],
        # NOTE(review): fixed string, not derived from the configured
        # token lifetime; confirm the two agree.
        "expires_in": "24hrs",
    }
def post(self, request):
    """User login view, based on rest_framework_jwt's JSONWebTokenAPIView.

    Returns the JWT response payload for a valid request. Otherwise a
    warning is logged and the serializer's errors are returned with
    HTTP 401.
    """
    serializer = self.serializer_class(data=request.data)
    if not serializer.is_valid():
        # The log entry records the status code only, not the submitted data.
        log.warning(message='Authentication failed.',
                    details={'http_status_code': status.HTTP_401_UNAUTHORIZED})
        return Response(serializer.errors,
                        status=status.HTTP_401_UNAUTHORIZED)

    account = serializer.object.get('user') or request.user
    jwt_token = serializer.object.get('token')
    return Response(jwt_response_payload_handler(jwt_token, account, request))
def post(self, request):
    """User login view, based on rest_framework_jwt's JSONWebTokenAPIView.

    A request that validates is answered with the JWT response payload.
    One that does not is logged as a warning and answered with the
    serializer's errors and HTTP 401.
    """
    serializer = self.serializer_class(data=request.data)
    login_ok = serializer.is_valid()
    if login_ok:
        validated = serializer.object
        account = validated.get('user') or request.user
        payload = jwt_response_payload_handler(validated.get('token'),
                                               account, request)
        return Response(payload)

    # Only the status code goes into the log entry.
    log.warning(message='Authentication failed.',
                details={'http_status_code': status.HTTP_401_UNAUTHORIZED})
    return Response(serializer.errors, status=status.HTTP_401_UNAUTHORIZED)
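def create(self, request, *args, **kwargs):
    """Log a user in with username and password and issue a JWT.

    Steps, in order:
    1. Reject usernames found in ``red_user_cache`` (entries are JSON
       triples of username, password, email) as not yet activated.
    2. Reject unknown users and wrong passwords with one shared message.
    3. Reject users whose ``has_active`` is falsy.
    4. Validate the request with the view's own serializer, then with
       ``JSONWebTokenSerializer``, and return the JWT payload. The token
       is also set as an HttpOnly cookie when ``JWT_AUTH_COOKIE`` is
       configured.

    Every rejection is an HTTP 400 with a ``non_field_errors`` list,
    except serializer failures, which carry the serializer's own errors.
    """
    # .get(): a body without these fields falls through to the shared
    # credential error below instead of raising KeyError (HTTP 500).
    username = request.data.get("username")
    password = request.data.get("password")

    # NOTE(review): this reply is sent before any password check, so it
    # tells an unauthenticated caller that a username is pending
    # activation. It also reads every key in the cache on each login.
    for single_key in red_user_cache.keys():
        try:
            redis_username, redis_password, redis_email = json.loads(
                red_user_cache.get(single_key))
        except (TypeError, ValueError):
            # Entry vanished between keys() and get(), or is not the
            # expected three-item JSON list: skip it and keep scanning
            # rather than abandoning the whole check.
            continue
        if redis_username == username:
            return Response({"non_field_errors": ["账号未激活,请先激活账号"]},
                            status=status.HTTP_400_BAD_REQUEST)

    user = User.objects.filter(username=username).first()
    # Same message for "no such user" and "wrong password".
    if not user or not user.check_password(password):
        return Response({"non_field_errors": ["账号或者密码错误"]},
                        status=status.HTTP_400_BAD_REQUEST)
    if not user.has_active:
        return Response({"non_field_errors": ["账号未激活,请先激活账号"]},
                        status=status.HTTP_400_BAD_REQUEST)

    serializer = self.get_serializer(data=request.data)
    serializer.is_valid(raise_exception=True)

    # Authenticate using JWT
    serializer_instance = JSONWebTokenSerializer(data=request.data)
    if not serializer_instance.is_valid():
        # Report the serializer that actually failed. The view's own
        # serializer has already passed, so its errors would be empty.
        return Response(serializer_instance.errors,
                        status=status.HTTP_400_BAD_REQUEST)

    user = serializer_instance.object.get('user') or request.user
    token = serializer_instance.object.get('token')
    response_data = jwt_response_payload_handler(token, user, request)
    response = Response(response_data)
    if api_settings.JWT_AUTH_COOKIE:
        expiration = (datetime.utcnow() +
                      api_settings.JWT_EXPIRATION_DELTA)
        # NOTE(review): HttpOnly is set but no Secure flag, so the token
        # cookie is not restricted to HTTPS by this call.
        response.set_cookie(api_settings.JWT_AUTH_COOKIE,
                            token,
                            expires=expiration,
                            httponly=True)
    return response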
def post(self, request, *args, **kwargs):
    """Log a user in, issue a JWT and merge the cookie cart into Redis.

    On success returns the JWT payload, after setting the token as an
    HttpOnly cookie when ``JWT_AUTH_COOKIE`` is configured and calling
    ``merge_cart_cookie_to_redis``. On failure returns the serializer's
    errors with HTTP 400.
    """
    serializer = self.get_serializer(data=request.data)
    if not serializer.is_valid():
        return Response(serializer.errors,
                        status=status.HTTP_400_BAD_REQUEST)

    account = serializer.object.get('user') or request.user
    jwt_token = serializer.object.get('token')
    response = Response(
        jwt_response_payload_handler(jwt_token, account, request))

    if api_settings.JWT_AUTH_COOKIE:
        expires_at = datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA
        # NOTE(review): HttpOnly only; no Secure flag is passed here.
        response.set_cookie(api_settings.JWT_AUTH_COOKIE,
                            jwt_token,
                            expires=expires_at,
                            httponly=True)

    # Merge the shopping-cart data
    merge_cart_cookie_to_redis(request, account, response)
    return response
def post(self, request, *args, **kwargs):
    """Log a user in and wrap the JWT payload in a ``code``/``data`` envelope.

    Success: ``{'code': 20000, 'data': <payload>}``, plus a token cookie
    when ``JWT_AUTH_COOKIE`` is configured.
    Failure: ``{'code': 50001, 'message': ...}``. No HTTP status is
    passed for it, so the framework's default applies.
    """
    serializer = self.get_serializer(data=request.data)
    if not serializer.is_valid():
        return Response({
            "code": 50001,
            "message": "User or Password is invaild."
        })

    account = serializer.object.get('user') or request.user
    jwt_token = serializer.object.get('token')
    payload = jwt_response_payload_handler(jwt_token, account, request)
    response = Response({'code': 20000, 'data': payload})

    if api_settings.JWT_AUTH_COOKIE:
        expires_at = datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA
        # NOTE(review): httponly=False leaves the token cookie readable by
        # page scripts, so an XSS flaw exposes it. The token is already in
        # the response body; confirm the front end needs to read the
        # cookie before keeping this.
        response.set_cookie(api_settings.JWT_AUTH_COOKIE,
                            jwt_token,
                            expires=expires_at,
                            httponly=False)
    return response
def post(self, request, *args, **kwargs):
    """User login.

    Validates the request (raising on invalid data), builds the JWT
    response payload, adds the serializer's ``next`` value to it, lets
    ``self.remember_username`` act on the response, and sets the token as
    an HttpOnly cookie when ``JWT_AUTH_COOKIE`` is configured.
    """
    serializer = self.get_serializer(data=request.data)
    serializer.is_valid(raise_exception=True)

    validated = serializer.object
    account = validated.get('user') or request.user
    jwt_token = validated.get('token')
    remember = validated.get('is_remember')
    # NOTE(review): 'next' is echoed back to the client; confirm the
    # serializer restricts it to same-site targets before a front end
    # redirects to it.
    next_target = validated.get('next')

    payload = jwt_response_payload_handler(jwt_token, account, request)
    payload.update({'next': next_target})
    response = Response(payload)

    # Set a cookie that remembers the username
    self.remember_username(response, remember, account.get_username())

    # Store the token in a response cookie with an expiry date
    if api_settings.JWT_AUTH_COOKIE:
        expires_at = datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA
        # The cookie name comes from the JWT settings
        response.set_cookie(api_settings.JWT_AUTH_COOKIE,
                            jwt_token,
                            expires=expires_at,
                            httponly=True)
    return response
def create(self, request):
    """Issue a JWT for a validated login request.

    The response payload carries the handler's output plus a
    ``depository`` entry (empty string when the serializer supplies
    none). The token is also set as an HttpOnly cookie when
    ``JWT_AUTH_COOKIE`` is configured. Invalid requests get the
    serializer's errors with HTTP 400.
    """
    serializer = self.get_serializer(data=request.data)
    if not serializer.is_valid():
        return Response(serializer.errors,
                        status=status.HTTP_400_BAD_REQUEST)

    validated = serializer.validated_data
    account = validated['user']
    jwt_token = validated['token']
    payload = jwt_response_payload_handler(jwt_token, account, request)
    payload['depository'] = validated.get('depository', '')
    response = Response(payload)

    if api_settings.JWT_AUTH_COOKIE:
        expires_at = timezone.now() + api_settings.JWT_EXPIRATION_DELTA
        # NOTE(review): HttpOnly only; no Secure flag is passed here.
        response.set_cookie(
            api_settings.JWT_AUTH_COOKIE,
            jwt_token,
            expires=expires_at,
            httponly=True,
        )
    return response
def create_jwt(user):
    """Return the JWT response payload for ``user``.

    Chains the three handlers: build the claims, encode them into a
    token, then build the response dict (no request is passed).
    """
    claims = jwt_payload_handler(user)
    encoded = jwt_encode_handler(claims)
    return jwt_response_payload_handler(encoded, user)
def test_jwt_response_payload(self):
    """The response handler, given only a token, returns ``{'token': token}``."""
    claims = utils.jwt_payload_handler(self.user)
    token = utils.jwt_encode_handler(claims)

    actual = utils.jwt_response_payload_handler(token)

    self.assertEqual(actual, {'token': token})
def handle_user_login(self, request, serializer, *args, **kwargs):
    """Return a JWT response for ``serializer.user``.

    The token is encoded from the claims built for that user and wrapped
    by ``jwt_response_payload_handler`` together with the request.
    """
    account = serializer.user
    claims = jwt_payload_handler(account)
    token = jwt_encode_handler(claims)
    body = jwt_response_payload_handler(token, account, request)
    return Response(body)