Пример #1
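    def get(self, request):
        """Serve a stored documentation file as a PDF attachment to a JWT holder.

        Query parameters:
            id: primary key of the ``Documentation`` row to download.
            token: JWT, decoded with the configured ``JWT_DECODE_HANDLER``.

        Returns an ``HttpResponse`` carrying the file, or the result of
        ``throw_bad_request`` when the token or the id is rejected.
        """
        # NOTE(review): the token is read from the query string, so it will
        # appear in access logs, browser history and Referer headers. Moving it
        # to an Authorization header would break existing callers, so it is
        # only flagged here.
        doc_id = request.GET.get('id', None)
        token = request.GET.get('token', None)

        if not token:
            # Fail closed before handing None to the decode handler.
            return throw_bad_request("Token was not provided as a GET parameter.")

        jwt_decode_handler = api_settings.JWT_DECODE_HANDLER

        try:
            payload = jwt_decode_handler(token)
        except jwt.ExpiredSignature:
            return throw_bad_request("Signature has expired.")
        except jwt.DecodeError:
            return throw_bad_request("Error decoding signature.")
        except jwt.InvalidTokenError:
            # Every other token validation failure must be rejected as well
            # instead of surfacing as an unhandled exception.
            return throw_bad_request("Invalid token.")

        username = jwt_get_username_from_payload(payload)

        if not username:
            return throw_bad_request("Invalid payload.")

        # NOTE(review): the username is only checked for presence. Nothing here
        # confirms that the account still exists or is active, or that this
        # user may read the requested document; any holder of a valid token
        # can fetch any id. Confirm whether per-document authorization is
        # enforced elsewhere.

        if not doc_id:
            return throw_bad_request("Documentation ID was not provided as a GET parameter.")

        documentation = Documentation.objects.filter(id=doc_id).first()
        if not documentation:
            return throw_bad_request("Documentation was not found with the ID " + str(doc_id) + ".")

        response = HttpResponse(documentation.file, content_type='application/pdf')
        # file_name is stored data: quote it and escape quote characters so that
        # spaces, semicolons or quotes in the name cannot be parsed as extra
        # Content-Disposition parameters.
        safe_name = documentation.file_name.replace('\\', '\\\\').replace('"', '\\"')
        response['Content-Disposition'] = 'attachment; filename="' + safe_name + '"'

        return response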
Пример #2
    def authenticate_credentials(self, payload):
        """
        Resolve a decoded JWT payload to an active user with a verified email.

        Implemented by hand so that the email-verification check can run after
        the usual lookup. Raises ``exceptions.AuthenticationFailed`` when the
        payload carries no username, when no user has that natural key, or
        when the account is inactive. Raises ``UnverifiedEmail`` when
        ``should_verify_email`` reports that the user still has to verify.
        """
        user_model = authentication.get_user_model()
        username = authentication.jwt_get_username_from_payload(payload)

        if not username:
            raise exceptions.AuthenticationFailed(_("Invalid payload."))

        try:
            account = user_model.objects.get_by_natural_key(username)
        except user_model.DoesNotExist:
            # The message does not say that the username is unknown.
            raise exceptions.AuthenticationFailed(_("Invalid signature."))

        if not account.is_active:
            raise exceptions.AuthenticationFailed(_("User account is disabled."))

        # Runs last, so only an existing, active account reaches this check.
        if should_verify_email(account):
            raise UnverifiedEmail(account)

        return account
Пример #3
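    def authenticate_credentials(self, payload):
        """
        Return the single ``AdminUser`` whose username matches the JWT payload.

        Raises ``exceptions.AuthenticationFailed`` when the payload carries no
        username, when the lookup does not resolve to exactly one row, or when
        the matched account is flagged inactive.
        """
        # Imported at call time, as in the original.
        from user_locator_cass.api.models import AdminUser

        username = jwt_get_username_from_payload(payload)

        if not username:
            msg = 'Invalid payload.'
            raise exceptions.AuthenticationFailed(msg)

        try:
            # get() rather than filter(): filter() returns a query set and never
            # raises DoesNotExist, so an unknown username used to fall through
            # and a query set was returned in place of a user object.
            admin_user = AdminUser.objects.get(username=username)
        except (AdminUser.DoesNotExist, AdminUser.MultipleObjectsReturned):
            # An ambiguous match is rejected as well; authentication must
            # resolve to exactly one account.
            msg = 'Invalid signature.'
            raise exceptions.AuthenticationFailed(msg)

        # The disabled-account check was commented out in the original. It is
        # restored defensively: a model without an is_active attribute is
        # treated as active, so behaviour changes only for accounts explicitly
        # marked inactive.
        if not getattr(admin_user, 'is_active', True):
            msg = 'User account is disabled.'
            raise exceptions.AuthenticationFailed(msg)

        return admin_user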
Пример #4
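    def authenticate_credentials(self, token):
        """
        Decode a JWT and return the active user it names.

        Raises ``exceptions.AuthenticationFailed`` when the token is expired,
        malformed or otherwise invalid, when the payload has no username, when
        no user has that natural key, or when the account is inactive.
        """
        User = get_user_model()
        try:
            payload = jwt_decode_handler(token)
        except jwt.ExpiredSignature:
            # Token failures are raised as AuthenticationFailed, like the checks
            # below, instead of a bare Exception.
            raise exceptions.AuthenticationFailed(_('Signature has expired.'))
        except jwt.DecodeError:
            raise exceptions.AuthenticationFailed(_('Error decoding signature.'))
        except jwt.InvalidTokenError:
            # The original referenced an unassigned `msg` on this path, which
            # raised UnboundLocalError instead of rejecting the token.
            raise exceptions.AuthenticationFailed()

        username = jwt_get_username_from_payload(payload)

        if not username:
            msg = _('Invalid payload.')
            raise exceptions.AuthenticationFailed(msg)

        try:
            user = User.objects.get_by_natural_key(username)
        except User.DoesNotExist:
            msg = _('Invalid signature.')
            raise exceptions.AuthenticationFailed(msg)

        if not user.is_active:
            msg = _('User account is disabled.')
            raise exceptions.AuthenticationFailed(msg)

        return user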
Пример #5
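def auth_with_token(token):
    """Return the ``User`` named by a JWT, or ``None`` when authentication fails.

    Any exception raised while importing the model, decoding the token or
    looking the user up is logged and turned into a ``None`` result.
    """
    try:
        from utils.models import User
        payload = jwt_decode_handler(token)
        username = jwt_get_username_from_payload(payload)
        # NOTE(review): the account's active flag is not checked here; confirm
        # whether callers are expected to do that.
        return User.objects.get(username=username)
    except Exception as e:
        # The token is a bearer credential and must not be written to logs: a
        # still-valid token read from a log file can be replayed. Only the
        # error is recorded.
        logger.info('logging failed with error=%s', e)
        return None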
Пример #6
 def _login_by_token(self, token):
     """Resolve a JWT to the ``Player`` whose related user has the token's username.

     On any exception the error is logged with its traceback and an
     ``HttpResponse`` with status ``HTTP_400_BAD_REQUEST`` is returned instead,
     so the result is one of two unrelated types.
     """
     # NOTE(review): callers have to check the type of the result before
     # treating it as an authenticated player; confirm at the call sites.
     try:
         claims = jwt_decode_handler(token)
         return Player.objects.get(
             user__username=jwt_get_username_from_payload(claims),
         )
     except Exception as err:
         logger.exception(err)
         return HttpResponse(status=HTTP_400_BAD_REQUEST)
Пример #7
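def jwt_get_owner(request):
    """Return a JSON description of the author who owns the request's JWT.

    The token is the second space-separated field of the ``Authorization``
    header. Responds with ``{'author': {'name': ..., 'id': ...}}`` on success
    and ``{'author': None}`` when the header is missing or malformed or the
    token has expired.
    """
    # A missing or malformed header is answered like an unusable token instead
    # of raising KeyError or IndexError.
    parts = request.META.get('HTTP_AUTHORIZATION', '').split(' ')
    if len(parts) < 2 or not parts[1]:
        return JsonResponse({'author': None})
    token = parts[1]
    try:
        username = jwt_get_username_from_payload(jwt_decode_handler(token))
        # NOTE(review): if get_by_username can return None, the attribute
        # access below raises; confirm its contract.
        author = Author.get_by_username(username=username)
        return JsonResponse({'author': {'name': author.name, 'id': author.id}})
    except ExpiredSignatureError as e:
        # NOTE(review): only expiry is handled. Other decode failures, such as
        # a bad signature or a malformed token, still propagate; catch the
        # decoder's base token error here once that class is imported.
        print(e)
        return JsonResponse({'author': None})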
Пример #8
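    def authenticate_credentials(self, payload):
        """Return the user named in a decoded JWT payload.

        Raises ``Exception`` when the payload carries no username or when
        ``get_user_by_username`` fails.
        """
        username = jwt_get_username_from_payload(payload)
        if not username:
            # NOTE(review): a bare Exception is presumably not mapped to an
            # authentication failure by the framework; confirm how callers
            # handle it.
            raise Exception('Payload no válido')

        try:
            user = get_user_by_username(username)
        except Exception as err:
            # Was a bare `except:`, which also swallowed KeyboardInterrupt and
            # SystemExit. The original error is chained so it stays visible.
            raise Exception('Error obtenido usuario') from err
        # NOTE(review): nothing here checks that the lookup returned a user or
        # that the account is active; verify against get_user_by_username.
        return user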
Пример #9
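def verify_authentication_token(token):
    """Check that a JWT decodes and names a user.

    Returns a ``(ok, message)`` tuple: ``(True, '')`` when the token decodes
    and its payload yields a username, otherwise ``(False, reason)``.
    """
    jwt_decode_handler = api_settings.JWT_DECODE_HANDLER

    try:
        payload = jwt_decode_handler(token)
    except jwt.ExpiredSignature:
        return False, "Signature has expired."
    except jwt.DecodeError:
        return False, "Error decoding signature."
    except jwt.InvalidTokenError:
        # Any other token validation failure is reported through the same
        # (False, reason) contract instead of escaping as an exception.
        return False, "Invalid token."

    username = jwt_get_username_from_payload(payload)

    if not username:
        return False, "Invalid payload."

    # The former `if not id:` branch was removed. No `id` is defined in this
    # function, so the name resolved to the always-truthy builtin and the
    # branch could never run.
    # NOTE(review): only the presence of a username is verified, not that the
    # account exists or is active.
    return True, ''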
Пример #10
    def authenticate_credentials(self, payload):
        """
        Return the active user whose natural key is the payload's username.

        Raises ``exceptions.AuthenticationFailed`` when the payload has no
        username, when no such user exists, or when the account is inactive.
        """
        user_model = get_user_model()
        username = jwt_get_username_from_payload(payload)

        if not username:
            raise exceptions.AuthenticationFailed(_('Invalid payload.'))

        try:
            account = user_model.objects.get_by_natural_key(username)
        except user_model.DoesNotExist:
            # NOTE(review): unlike the other messages, these two runtime
            # strings are not wrapped in the translation helper.
            raise exceptions.AuthenticationFailed('用户不存在')

        if not account.is_active:
            raise exceptions.AuthenticationFailed('用户已禁用')

        return account
Пример #11
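def authjwt_method(token):
    """Authenticate a JWT with rest_framework_jwt and return the matching user.

    Returns ``None`` when the token is expired, malformed or otherwise
    invalid, when the payload carries no username, when no user has that
    natural key, or when the account is inactive.
    """
    import jwt
    from rest_framework_jwt.authentication import (
        jwt_decode_handler, jwt_get_username_from_payload)
    try:
        payload = jwt_decode_handler(token)
    except (jwt.ExpiredSignature, jwt.DecodeError, jwt.InvalidTokenError):
        return None

    User = get_user_model()
    username = jwt_get_username_from_payload(payload)
    if not username:  # pragma: no cover
        return None

    try:
        user = User.objects.get_by_natural_key(username)
    except User.DoesNotExist:  # pragma: no cover
        return None

    # A token issued before an account was disabled is otherwise still
    # accepted until it expires; reject inactive accounts like every other
    # failure.
    if not user.is_active:
        return None

    return user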
    def _check_user(self, payload):
        """
        Look up the active user named in a decoded JWT payload.

        :raises ValidationError: when the payload has no username, when no
            user with that username exists, or when the account is inactive
        :return: the matching ``User`` instance
        """
        # NOTE(review): `user` is declared global, so the lookup result is
        # written to a module-level name instead of a local. If requests are
        # served concurrently, one request could observe a user resolved for
        # another. Confirm nothing reads the global, then make it local.
        global user
        username = jwt_get_username_from_payload(payload)

        if not username:
            raise ValidationError(INVALID_PAYLOAD)

        # The account has to exist...
        try:
            user = User.objects.get(username=username)
        except ObjectDoesNotExist:
            raise ValidationError(INVALID_USER)

        # ...and must not be disabled.
        if not user.is_active:
            raise ValidationError(DISABLED_USER_ACCOUNT)

        return user
Пример #13
def get_user_from(request):
    """Return the user named by the JWT in the request's authorization header.

    The second whitespace-separated field of the header is decoded as the
    token. The first field (the scheme) is not inspected. Nothing is caught
    here: a header with fewer than two fields raises ``IndexError``, and
    whatever ``jwt_decode_handler`` raises propagates to the caller.
    """
    header_fields = get_authorization_header(request).split()
    claims = jwt_decode_handler(header_fields[1])
    return _get_user_for(jwt_get_username_from_payload(claims))