def authenticate(self, request):
auth = get_authorization_header(request).split()
auth_header_prefix = settings.JWT_AUTH_HEADER_PREFIX.lower()
if not auth or smart_text(auth[0].lower()) != auth_header_prefix:
raise exceptions.AuthenticationFailed()
if len(auth) == 1:
msg = 'Invalid Authorization header. No credentials provided.'
raise exceptions.AuthenticationFailed(msg)
elif len(auth) > 2:
msg = ('Invalid Authorization header. Credentials string '
'should not contain spaces.')
raise exceptions.AuthenticationFailed(msg)
try:
payload = jwt_decode_handler(auth[1])
except jwt.ExpiredSignature:
msg = 'Signature has expired.'
raise exceptions.AuthenticationFailed(msg)
except jwt.DecodeError:
msg = 'Error decoding signature.'
raise exceptions.AuthenticationFailed(msg)
user = self.authenticate_credentials(payload)
return (user, auth[1])
def authenticate(self, request):
auth = get_authorization_header(request).split()
auth_header_prefix = settings.JWT_AUTH_HEADER_PREFIX.lower()
if not auth or smart_text(auth[0].lower()) != auth_header_prefix:
raise exceptions.AuthenticationFailed()
if len(auth) == 1:
msg = 'Invalid Authorization header. No credentials provided.'
raise exceptions.AuthenticationFailed(msg)
elif len(auth) > 2:
msg = ('Invalid Authorization header. Credentials string '
'should not contain spaces.')
raise exceptions.AuthenticationFailed(msg)
try:
payload = jwt_decode_handler(auth[1])
except jwt.ExpiredSignature:
msg = 'Signature has expired.'
raise exceptions.AuthenticationFailed(msg)
except jwt.DecodeError:
msg = 'Error decoding signature.'
raise exceptions.AuthenticationFailed(msg)
user = self.authenticate_credentials(payload)
return (user, auth[1])
def dispatch(self, request, *args, **kwargs):
auth = get_authorization_header(request)
if auth:
return super(OptionalJWTMixin,
self).dispatch(request, *args, **kwargs)
else:
return super(JSONWebTokenAuthMixin,
self).dispatch(request, *args, **kwargs)
def get_token_from_request(request):
auth = get_authorization_header(request).split()
auth_header_prefix = settings.JWT_AUTH_HEADER_PREFIX.lower()
if not auth or auth[0].lower().decode("utf-8") != auth_header_prefix:
raise exceptions.AuthenticationFailed()
if len(auth) == 1:
raise exceptions.AuthenticationFailed(
_("Invalid Authorization header. No credentials provided."))
elif len(auth) > 2:
raise exceptions.AuthenticationFailed(
_("Invalid Authorization header. Credentials string "
"should not contain spaces."))
return auth[1]
def process_request(request):
if 'HTTP_AUTHORIZATION' in request.META:
header = get_authorization_header(request).split()
if header is not None:
if header[0].lower() == "basic":
username, password = base64.b64decode(header[1]).split(":")
user = authenticate(username=username, password=password)
if user is not None and user.is_active:
login(request, user)
elif header[0].lower() == settings.JWT_AUTH_HEADER_PREFIX.lower():
# use jwt auth
try:
auth = JSONWebTokenAuthMixin().authenticate(request)
if auth is not None:
user = auth[0]
user.backend = 'django.contrib.auth.backends.ModelBackend'
login(request, user)
except AuthenticationFailed as e:
logging.exception(e)
return None
def dispatch(self, request, *args, **kwargs):
auth = get_authorization_header(request)
if auth:
return super(OptionalJWTMixin, self).dispatch(request, *args, **kwargs)
else:
return super(JSONWebTokenAuthMixin, self).dispatch(request, *args, **kwargs)
