
@a4amaan
Created October 14, 2020 04:54
drf settings
import datetime
from .base import SECRET_KEY
# Project-wide Django REST framework defaults; a view that sets its own
# permission_classes / authentication_classes overrides these.
REST_FRAMEWORK = {
    # Anonymous callers may use safe (read-only) methods on every view that
    # does not override this; writes require an authenticated user.
    # NOTE(review): confirm that anonymous reads are intended for all endpoints.
    "DEFAULT_PERMISSION_CLASSES": (
        "rest_framework.permissions.IsAuthenticatedOrReadOnly",
    ),
    # Authenticators are tried in the order listed.
    "DEFAULT_AUTHENTICATION_CLASSES": (
        "rest_framework_jwt.authentication.JSONWebTokenAuthentication",
        # Cookie-backed sessions; DRF enforces CSRF checks for these requests.
        "rest_framework.authentication.SessionAuthentication",
        # HTTP Basic sends the username and password on every request, so it
        # is only acceptable over TLS.
        # NOTE(review): consider dropping it from production settings if it
        # is only here for development convenience.
        "rest_framework.authentication.BasicAuthentication",
    ),
}
# Settings read by rest_framework_jwt. Keys that stay commented out are not
# set by this file.
JWT_AUTH = {
    # HS256 is a symmetric HMAC: whoever holds the key can both verify and
    # mint tokens.
    "JWT_ALGORITHM": "HS256",
    "JWT_VERIFY": True,
    # "JWT_GET_USER_SECRET_KEY": "kitabcha.functions.jwt_get_user_secret_key_handler",
    # The signing key is Django's SECRET_KEY, which Django also uses for its
    # own signing (e.g. password-reset tokens, signed cookies). A leak of one
    # value therefore exposes both, and the two cannot be rotated separately.
    # NOTE(review): consider a dedicated JWT secret loaded from the environment.
    "JWT_SECRET_KEY": SECRET_KEY,
    # "JWT_ISSUER": "https://mylazer.com",
    "JWT_ENCODE_HANDLER": "rest_framework_jwt.utils.jwt_encode_handler",
    "JWT_DECODE_HANDLER": "rest_framework_jwt.utils.jwt_decode_handler",
    # "JWT_PAYLOAD_HANDLER": "mylazer.utils.jwt_payload_handler",
    # "JWT_PAYLOAD_GET_USER_ID_HANDLER": "rest_framework_jwt.utils.jwt_get_user_id_from_payload_handler",
    "JWT_VERIFY_EXPIRATION": True,
    # Project hook that builds the JSON body returned after a login.
    "JWT_RESPONSE_PAYLOAD_HANDLER": "erp.utils.jwt_response_payload_handler",
    "JWT_ALLOW_REFRESH": True,
    "JWT_REFRESH_EXPIRATION_DELTA": datetime.timedelta(days=5),
    # Clients send "Authorization: JWT <token>".
    "JWT_AUTH_HEADER_PREFIX": "JWT",
    # None: the token is not delivered or read through a cookie.
    "JWT_AUTH_COOKIE": None,
    # NOTE(review): verify that the installed rest_framework_jwt release
    # reads this key; if it does not, revocation is not actually in effect.
    "JWT_ENABLE_BLACKLIST": True,
    # A captured token stays usable for up to 24 hours unless it is revoked;
    # a shorter lifetime combined with refresh narrows that window.
    "JWT_EXPIRATION_DELTA": datetime.timedelta(hours=24),
}
import datetime
import uuid
from calendar import timegm
import jwt
from django.utils import timezone
from rest_framework_jwt.compat import get_username_field, get_username
from rest_framework_jwt.settings import api_settings
# from kitabcha.serializers import UserSerializer
from erp.serializers import UserSerializer
from erp.functions import who_am_i
# Values read from the JWT settings once, when this module is imported.
# In the code shown here expire_delta appears only in a commented-out line and
# jwt_get_secret_key is not referenced at all.
jwt_get_secret_key = api_settings.JWT_GET_USER_SECRET_KEY
expire_delta = api_settings.JWT_REFRESH_EXPIRATION_DELTA
def jwt_response_payload_handler(token, user=None, request=None):
    """Build the body sent back to the client after a successful login.

    The token and the serialized user are placed in a dict, which is then
    handed to ``who_am_i`` together with the user and the request; whatever
    ``who_am_i`` returns becomes the response body.

    Returns:
        The mapping returned by ``who_am_i``, or ``None`` when it is empty.
    """
    # NOTE(review): every field UserSerializer exposes is sent to the client.
    # Confirm that it omits the password hash and any permission or internal
    # fields the client does not need.
    base_payload = {'token': token, 'user': UserSerializer(user).data}
    enriched = who_am_i(user=user, data_dict=base_payload, request=request)
    return enriched if len(enriched) > 0 else None
# Handlers are taken from the JWT settings rather than imported directly, so
# the view follows whatever JWT_AUTH configures.
jwt_response_payload_handler = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER
jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
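class AuthAPIView(APIView):
    """Log in with email and password and receive a JWT.

    Access is governed by ``AnonPermissionOnly`` (defined elsewhere;
    presumably it admits only unauthenticated callers -- confirm).
    """

    permission_classes = [AnonPermissionOnly]

    def post(self, request, *args, **kwargs):
        """Validate the submitted credentials and return the login payload.

        Reads ``email`` and ``password`` from ``request.data``.

        Returns:
            400 if the caller is already authenticated, 401 if a field is
            missing or the credentials are rejected, and 200 with the body
            built by ``jwt_response_payload_handler`` on success.
        """
        if request.user.is_authenticated:
            return Response({"detail": "You are already authenticated"}, status=400)

        email = request.data.get('email')
        password = request.data.get('password')
        if not email or not password:
            return Response({"detail": "Please specify a email and password"}, status=401)

        # Two rows are enough to tell "exactly one match" from "ambiguous",
        # and this takes one query instead of count() followed by first().
        matches = list(User.objects.filter(email__iexact=email).distinct()[:2])
        candidate = matches[0] if len(matches) == 1 else None

        # NOTE(review): when no account matches, no password hash is computed,
        # so this path answers faster than a wrong-password attempt and the
        # timing can reveal which emails are registered. Django's
        # ModelBackend runs the hasher on a miss for that reason; consider
        # django.contrib.auth.authenticate() here.
        # NOTE(review): no throttle_classes are set on this view; confirm that
        # a project-wide throttle or lockout covers the login endpoint.
        if (
            candidate is not None
            and candidate.check_password(password)
            # check_password() does not look at is_active, so a deactivated
            # account with a valid password would otherwise still receive a
            # token and its serialized profile. The password is checked first
            # and the error is the same generic one, so the reply does not
            # reveal the account state.
            and getattr(candidate, 'is_active', True)
        ):
            token = jwt_encode_handler(jwt_payload_handler(candidate))
            body = jwt_response_payload_handler(token, candidate, request=request)
            if body is not None:
                return Response(body, status=status.HTTP_200_OK)

        # One generic message for every failure, so the reply does not say
        # which part of the login was wrong.
        return Response({"detail": "Invalid login details"}, status=status.HTTP_401_UNAUTHORIZED)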