Пример #1
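    def validate(self, attrs):
        """Exchange a refresh token for a new access token, for active accounts only.

        Args:
            attrs: Serializer input; ``attrs["refresh"]`` is the encoded
                refresh token sent by the client.

        Returns:
            A dict with ``"access"`` and, when ``ROTATE_REFRESH_TOKENS`` is
            enabled, a re-issued ``"refresh"``.

        Raises:
            PermissionDenied: No account with ``state == "A"`` matches the
                token's ``user_id`` claim.
        """
        # NOTE(review): decoding errors from RefreshToken are not handled
        # here; presumably the calling view translates them -- confirm.
        refresh = RefreshToken(attrs["refresh"])

        user_model = get_user_model()

        # A refresh token can outlive the account's state, so the account is
        # re-checked on every refresh. `filter(...).exists()` is used instead
        # of `get(...)` so that a token whose user row no longer exists is
        # refused with the same PermissionDenied rather than surfacing as an
        # unhandled DoesNotExist.
        account_is_active = user_model.objects.filter(
            id=refresh.get("user_id"), state="A"
        ).exists()
        if not account_is_active:
            raise PermissionDenied(
                detail="Your account is deactivated. Contact support."
            )

        data = {"access": str(refresh.access_token)}

        if api_settings.ROTATE_REFRESH_TOKENS:
            if api_settings.BLACKLIST_AFTER_ROTATION:
                try:
                    # Revoke the presented refresh token so it cannot be
                    # replayed after the new one is handed out.
                    refresh.blacklist()
                except AttributeError:
                    # If blacklist app not installed, `blacklist` method will
                    # not be present
                    pass
            # With BLACKLIST_AFTER_ROTATION off, nothing in this method
            # revokes the presented token.

            # New identifier and expiry turn the same object into the
            # replacement refresh token.
            refresh.set_jti()
            refresh.set_exp()

            data["refresh"] = str(refresh)

        return data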
Пример #2
    def validate(self, attrs):
        """Refresh the access token and attach user and expiry details.

        Args:
            attrs: Serializer input; ``attrs['refresh']`` is the encoded
                refresh token sent by the client.

        Returns:
            A dict with ``'access'``, optionally a rotated ``'refresh'``,
            the serialized ``'user'``, and the ``exp`` claims of the access
            and refresh tokens.
        """
        token = RefreshToken(attrs['refresh'])

        # The access token string is produced before any rotation below.
        payload = {'access': str(token.access_token)}

        jwt_conf = settings.SIMPLE_JWT
        if jwt_conf['ROTATE_REFRESH_TOKENS']:
            if jwt_conf['BLACKLIST_AFTER_ROTATION']:
                try:
                    # Revoke the presented refresh token before re-issuing.
                    token.blacklist()
                except AttributeError:
                    # No `blacklist` method means the blacklist app is not
                    # installed; rotation continues without revocation.
                    pass

            # Fresh identifier and expiry for the replacement refresh token.
            token.set_jti()
            token.set_exp()

            payload['refresh'] = str(token)

        # NOTE(review): the user lookup runs after the blacklist/rotation
        # step; presumably `get_user` rejects missing or inactive users, in
        # which case the old token is already revoked -- confirm that this
        # ordering is intended.
        account = JWTAuthentication().get_user(token.access_token)
        payload.update(
            user=UserSerializer(account).data,
            token_expire_at=token.access_token.get('exp'),
            refresh_token_expire_at=token.get('exp'),
        )
        return payload
Пример #3
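    def get(self, request, *args, **kwargs):
        """Issue an access token from the refresh token in the ``refresh`` cookie.

        Returns:
            200 with ``{'access': ...}`` when the cookie holds a token that
            ``RefreshToken`` accepts; 400 with ``{'error': ...}`` when the
            cookie is missing, empty or rejected.
        """
        refresh_old = request.COOKIES.get('refresh')

        # Refuse a missing cookie before touching RefreshToken: simplejwt
        # treats a `None` token as a request to build a brand-new token and
        # skips verification, so the except branch below would never fire
        # and a signed access token would be returned to a caller that
        # presented nothing.
        if not refresh_old:
            return Response({'error': "Invalid refresh token"}, status=400)

        try:
            refresh = RefreshToken(refresh_old)
        except TokenError:
            return Response({'error': "Invalid refresh token"}, status=400)

        # NOTE(review): this handler neither rotates the refresh token nor
        # checks that the account behind it is still active -- confirm that
        # this is handled elsewhere.
        return Response({'access': str(refresh.access_token)}, status=200)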
Пример #4
    def validate(self, attrs):
        """Decode the refresh token and confirm it belongs to an active user.

        Args:
            attrs: Serializer input; ``attrs['refresh']`` is the encoded
                refresh token.

        Returns:
            ``attrs`` with ``'refresh'`` replaced by the decoded
            ``RefreshToken`` object.

        Raises:
            AuthenticationFailed: The token is rejected by ``RefreshToken``,
                or no active user matches its ``user_id`` claim.
        """
        raw_token = attrs['refresh']
        try:
            refresh = RefreshToken(raw_token)
        except TokenError:
            # Message (Korean): "The token value is expired or invalid."
            raise AuthenticationFailed('만료되었거나 유효하지 않은 토큰 값입니다')

        # The token alone is not enough: the account it names must still
        # exist and be active at refresh time.
        owner_is_active = User.objects.filter(
            id=refresh.get('user_id'),
            is_active=True,
        ).exists()
        if not owner_is_active:
            # Message (Korean): "The token is not valid."
            raise AuthenticationFailed('유효하지 않은 토큰입니다')

        attrs['refresh'] = refresh
        return attrs
Пример #5
    def post(self, request):
        """Log out by blacklisting the refresh token sent in the request body.

        Once blacklisted, the token can no longer be used to fetch a new
        access token.

        Returns:
            200 with a success message when the token was blacklisted;
            400 with ``errors`` when the token is rejected or carries no
            ``user_id``.
        """
        raw_refresh = request.data.get("refresh")
        try:
            token = RefreshToken(raw_refresh)
        except TokenError as token_error:
            return Response({"errors": token_error.args},
                            status=status.HTTP_400_BAD_REQUEST)

        # A `null` `refresh` value does not raise above, so the absence of a
        # `user_id` claim is what marks the request as unusable.
        if not token.get("user_id"):
            return Response({"errors": ("Logout failed.", )},
                            status=status.HTTP_400_BAD_REQUEST)

        # NOTE(review): `blacklist` is called without a guard here; other
        # callers of this API catch AttributeError for installs without the
        # blacklist app -- confirm the app is always installed.
        token.blacklist()
        return Response({"message": "Logout successful."},
                        status=status.HTTP_200_OK)
Пример #6
    def validate(self, attrs):
        """Refresh an access token, rotating and re-registering the refresh token.

        Args:
            attrs: Serializer input; ``attrs["refresh"]`` is the encoded
                refresh token.

        Returns:
            A dict with ``"access"`` and, when ``ROTATE_REFRESH_TOKENS`` is
            enabled, the rotated ``"refresh"``.
        """
        refresh = RefreshToken(attrs["refresh"])
        data = {"access": str(refresh.access_token)}

        # Without rotation the response is just the new access token.
        if not jwt_settings["ROTATE_REFRESH_TOKENS"]:
            return data

        revoked = None
        if jwt_settings["BLACKLIST_AFTER_ROTATION"]:
            try:
                # Revoke the presented token; the returned record is kept so
                # its owner can be attached to the replacement below.
                revoked, _ = refresh.blacklist()
            except AttributeError:
                # No `blacklist` method means the blacklist app is not
                # installed; rotation continues without revocation.
                pass

        # Rotate: new identifier, then a new expiry. Tokens whose `client`
        # claim is "pyintelowl" take their lifetime from a dedicated setting.
        refresh.set_jti()
        issued_to_pyintelowl = refresh.get("client", False) == "pyintelowl"
        if issued_to_pyintelowl:
            refresh.set_exp(
                lifetime=jwt_settings.get("PYINTELOWL_TOKEN_LIFETIME", None)
            )
        else:
            refresh.set_exp()

        data["refresh"] = str(refresh)

        # PATCHED - record the rotated token as outstanding so that it can be
        # blacklisted later; this only happens when the old token was
        # blacklisted above and that record resolves to a user.
        owner = revoked.token.user if revoked else None
        if owner:
            OutstandingToken.objects.create(
                user=owner,
                jti=refresh.payload["jti"],
                token=str(refresh),
                created_at=refresh.current_time,
                expires_at=datetime_from_epoch(refresh["exp"]),
            )

        return data