def decode(self, token: str, kind: str) -> dict:
    """Decode a JWT and return its claims as a Python dict.

    ``kind`` selects the secret handed to ``decode_jwt``: ``'refresh'``
    uses ``self._refresh_secret`` and ``'access'`` uses
    ``self._access_secret``. Every occurrence of ``'Bearer '`` is removed
    from ``token`` and the remainder is UTF-8 encoded before decoding.

    Raises:
        ValueError: if ``kind`` is neither ``'refresh'`` nor ``'access'``.
    """
    # Resolve the kind first so an unknown kind fails before the token is
    # touched at all.
    if kind == 'refresh':
        secret_attr = '_refresh_secret'
    elif kind == 'access':
        secret_attr = '_access_secret'
    else:
        raise ValueError('token kind must be either refresh or access')

    bare_token = token.replace('Bearer ', '').encode('utf-8')
    # The accepted algorithm list is fixed to HS256 instead of being derived
    # from the token. NOTE(review): assuming decode_jwt is a PyJWT-style
    # decode, a token whose header names another algorithm is rejected;
    # confirm against the import.
    return decode_jwt(bare_token, getattr(self, secret_attr), algorithms=['HS256'])
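def test_custom_jwt_claims_cookie_w_authentication(self):
    """Log in, check the custom claims in the ``jwt-auth`` cookie, then hit a protected view.

    The login response must set exactly one cookie, ``jwt-auth``. Its value
    is decoded with ``settings.SECRET_KEY`` and must carry the ``user_id``,
    ``name`` and ``email`` claims. A follow-up GET to ``/protected-view/``
    must return 200.
    """
    payload = {"username": self.USERNAME, "password": self.PASS}
    get_user_model().objects.create_user(self.USERNAME, self.EMAIL, self.PASS)

    resp = self.post(self.login_url, data=payload, status_code=200)
    # Exactly one cookie is expected; any extra cookie fails the test.
    self.assertEqual(['jwt-auth'], list(resp.cookies.keys()))

    token = resp.cookies.get('jwt-auth').value
    # algorithms is passed as a list: with a bare string, a membership check
    # on it would be a substring match rather than an exact algorithm name.
    # NOTE(review): assumes decode_jwt is a PyJWT-style decode - confirm.
    claims = decode_jwt(token, settings.SECRET_KEY, algorithms=['HS256'])

    # assertEqual replaces the assertEquals alias, which unittest removed in
    # Python 3.12.
    self.assertEqual(claims['user_id'], 1)
    self.assertEqual(claims['name'], 'person')
    self.assertEqual(claims['email'], '*****@*****.**')

    resp = self.get('/protected-view/')
    self.assertEqual(resp.status_code, 200)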
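def test_custom_jwt_claims(self):
    """Log in and check the custom claims in the returned ``access_token``.

    The login response JSON must contain ``access_token``. The token is
    decoded with ``settings.SECRET_KEY`` and must carry the ``user_id``,
    ``name`` and ``email`` claims.
    """
    payload = {
        "username": self.USERNAME,
        "password": self.PASS
    }
    get_user_model().objects.create_user(self.USERNAME, self.EMAIL, self.PASS)
    self.post(self.login_url, data=payload, status_code=200)

    # assertIn reports the available keys on failure, unlike comparing a
    # boolean with True.
    self.assertIn('access_token', self.response.json.keys())
    self.token = self.response.json['access_token']

    # algorithms is passed as a list: with a bare string, a membership check
    # on it would be a substring match rather than an exact algorithm name.
    # NOTE(review): assumes decode_jwt is a PyJWT-style decode - confirm.
    claims = decode_jwt(self.token, settings.SECRET_KEY, algorithms=['HS256'])

    # assertEqual replaces the assertEquals alias, which unittest removed in
    # Python 3.12.
    self.assertEqual(claims['user_id'], 1)
    self.assertEqual(claims['name'], 'person')
    self.assertEqual(claims['email'], '*****@*****.**')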
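def verify_password_reset_token(cls, token):
    """Return the user a password-reset token refers to, or ``None``.

    The token is decoded with the app's ``SECRET_KEY`` and the single
    algorithm named by the ``JWT_ALGORITHM`` config value. The user id is
    read from the ``reset_password`` claim and resolved with
    ``cls.get_by_id``.

    Returns:
        Whatever ``cls.get_by_id`` returns for the claimed id, or ``None``
        when the token is rejected or has no ``reset_password`` claim.
    """
    try:
        token_data = decode_jwt(
            token,
            current_app.config["SECRET_KEY"],
            algorithms=[current_app.config["JWT_ALGORITHM"]],
        )
    except InvalidTokenError as ite:
        # The raw token is deliberately left out of the log; only the
        # decoder's error text is recorded.
        current_app.logger.error(
            f"Someone is trying to use an invalid token to reset a user password!\n{str(ite)}"
        )
        return None

    # A correctly signed token may still lack the claim. Treat that as a
    # rejected token instead of letting KeyError escape to the caller.
    # NOTE(review): the key is the app-wide SECRET_KEY, so if other JWTs are
    # signed with it, this claim is all that separates reset tokens from
    # them - confirm at the issuing side.
    # NOTE(review): expiry is only enforced if the issuer sets an exp claim
    # and decode_jwt checks it - confirm.
    try:
        user_id = token_data["reset_password"]
    except KeyError:
        current_app.logger.error(
            "Password reset attempted with a token that has no reset_password claim"
        )
        return None

    return cls.get_by_id(user_id)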