def _action(self, serializer):
user = serializer.user
token = Token(user=user, name="login")
token.save()
user_logged_in.send(sender=user.__class__,
request=self.request,
user=user)
token_serializer_class = DjoserTokenSerializer
return Response(
data=token_serializer_class(token).data,
status=status.HTTP_201_CREATED,
)
def assertToken(self, plain, user=None):
user = user or self.owner
self.assertTrue(
any(
check_password(plain, hashed, preferred='pbkdf2_sha256_iter1')
for hashed in Token.objects.filter(
user=user).values_list('key', flat=True)))
self.assertEqual(len(Token.make_hash(plain).split('$')), 4)
def authenticate_credentials(self, _, key):
key = Token.make_hash(key)
try:
token = self.model.objects.get(key=key)
except self.model.DoesNotExist:
raise exceptions.AuthenticationFailed('badauth')
if not token.user.is_active:
raise exceptions.AuthenticationFailed('badauth')
return token.user, token
def authenticate_credentials(self, key):
key = Token.make_hash(key)
try:
user, token = super().authenticate_credentials(key)
except TypeError: # no token given
return None # unauthenticated
if not token.is_valid:
raise exceptions.AuthenticationFailed('Invalid token.')
token.last_used = timezone.now()
token.save()
return user, token
def authenticate_credentials(self, basic):
invalid_token_message = 'Invalid basic auth token'
try:
user, key = base64.b64decode(basic).decode(
HTTP_HEADER_ENCODING).split(':')
key = Token.make_hash(key)
token = self.model.objects.get(key=key)
domain_names = token.user.domains.values_list('name', flat=True)
if user not in ['', token.user.email
] and not user.lower() in domain_names:
raise Exception
except Exception:
raise exceptions.AuthenticationFailed(invalid_token_message)
if not token.user.is_active:
raise exceptions.AuthenticationFailed(invalid_token_message)
return token.user, token
def assertAuthenticationStatus(self,
code,
plain=None,
expired=False,
**kwargs):
plain = plain or self.token.plain
self.client.set_credentials_token_auth(plain)
# only forward REMOTE_ADDR if not None
if kwargs.get('REMOTE_ADDR') is None:
kwargs.pop('REMOTE_ADDR', None)
response = self.client.get(self.reverse('v1:root'), **kwargs)
body = json.dumps({'detail': 'Invalid token.'
}) if code == HTTP_401_UNAUTHORIZED else None
self.assertResponse(response, code, body)
if expired:
key = Token.make_hash(plain)
self.assertFalse(Token.objects.get(key=key).is_valid)
def authenticate_credentials(self, key):
key = Token.make_hash(key)
user, token = super().authenticate_credentials(key)
token.last_used = timezone.now()
token.save()
return user, token
def authenticate_credentials(self, key):
key = Token.make_hash(key)
return super().authenticate_credentials(key)