drf settings
import datetime | |
from .base import SECRET_KEY | |
# Project-wide Django REST framework defaults. A view that declares its own
# permission_classes / authentication_classes overrides these.
# NOTE(review): no DEFAULT_THROTTLE_CLASSES / DEFAULT_THROTTLE_RATES are set
# here, so DRF applies no request throttling unless a view adds its own.
REST_FRAMEWORK = {
    # Unauthenticated requests are limited to the safe (read-only) HTTP
    # methods on every view that does not override its permissions, so any
    # such view is readable anonymously.
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticatedOrReadOnly',
    ),
    # Authenticators are tried in the order listed.
    # NOTE(review): BasicAuthentication accepts the account password on every
    # request, which sidesteps JWT expiry and any token revocation. DRF's
    # documentation describes it as generally appropriate for testing only and
    # requires HTTPS-only access if it is used in production -- confirm that
    # it is meant to be enabled here.
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication',
    ),
}
# Settings read by rest_framework_jwt. Keys are grouped by concern; the
# commented-out entries are optional overrides the author left disabled.
JWT_AUTH = {
    # --- Signing and verification -------------------------------------
    # HS256 is a symmetric HMAC: any component that can verify a token with
    # this key can also mint one.
    'JWT_ALGORITHM': 'HS256',
    # NOTE(review): the signing key is Django's SECRET_KEY (imported from
    # .base), so the two cannot be rotated independently and a leak of one is
    # a leak of both. How .base obtains the value is not visible here --
    # confirm it comes from the environment or a secret store, not a
    # committed literal.
    'JWT_SECRET_KEY': SECRET_KEY,
    'JWT_VERIFY': True,
    'JWT_VERIFY_EXPIRATION': True,
    # 'JWT_GET_USER_SECRET_KEY': 'kitabcha.functions.jwt_get_user_secret_key_handler',
    # 'JWT_ISSUER': 'https://mylazer.com',

    # --- Handlers -----------------------------------------------------
    'JWT_ENCODE_HANDLER': 'rest_framework_jwt.utils.jwt_encode_handler',
    'JWT_DECODE_HANDLER': 'rest_framework_jwt.utils.jwt_decode_handler',
    'JWT_RESPONSE_PAYLOAD_HANDLER': 'erp.utils.jwt_response_payload_handler',
    # 'JWT_PAYLOAD_HANDLER': 'mylazer.utils.jwt_payload_handler',
    # 'JWT_PAYLOAD_GET_USER_ID_HANDLER': 'rest_framework_jwt.utils.jwt_get_user_id_from_payload_handler',

    # --- Lifetime and refresh -----------------------------------------
    # NOTE(review): a 24-hour token is far longer than the library's
    # documented 300-second default; with refresh allowed for 5 days, a
    # copied token stays usable for that whole window unless revocation
    # actually works (see JWT_ENABLE_BLACKLIST below).
    'JWT_EXPIRATION_DELTA': datetime.timedelta(hours=24),
    'JWT_ALLOW_REFRESH': True,
    'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=5),

    # --- Transport ----------------------------------------------------
    # Clients send "Authorization: JWT <token>"; no auth cookie is used.
    'JWT_AUTH_HEADER_PREFIX': 'JWT',
    'JWT_AUTH_COOKIE': None,

    # --- Revocation ---------------------------------------------------
    # NOTE(review): confirm the installed rest_framework_jwt release reads
    # this key. Unrecognised keys in this dict are presumably ignored
    # without error, which would leave issued tokens irrevocable until they
    # expire.
    'JWT_ENABLE_BLACKLIST': True,
}
import datetime | |
import uuid | |
from calendar import timegm | |
import jwt | |
from django.utils import timezone | |
from rest_framework_jwt.compat import get_username_field, get_username | |
from rest_framework_jwt.settings import api_settings | |
# from kitabcha.serializers import UserSerializer | |
from erp.serializers import UserSerializer | |
from erp.functions import who_am_i | |
# Refresh window taken from the JWT settings. In the code shown here it is
# referenced only by the commented-out 'expires' entry in
# jwt_response_payload_handler.
expire_delta = api_settings.JWT_REFRESH_EXPIRATION_DELTA

# Value of the JWT_GET_USER_SECRET_KEY setting; nothing in the code shown here
# uses it.
jwt_get_secret_key = api_settings.JWT_GET_USER_SECRET_KEY
def jwt_response_payload_handler(token, user=None, request=None):
    """Build the response body sent to the client once a token is issued.

    The body starts as the token plus the serialized user, is handed to
    ``who_am_i``, and whatever that call returns becomes the result.

    Args:
        token: Encoded JWT to return to the client.
        user: User the token was issued for; serialized with UserSerializer.
        request: Current request, forwarded unchanged to ``who_am_i``.

    Returns:
        The mapping returned by ``who_am_i``, or ``None`` when it is empty.
    """
    # NOTE(review): everything UserSerializer exposes goes back to the client
    # on every login. Its field list is not visible here -- confirm it omits
    # the password hash and any other sensitive columns.
    base_payload = {
        'token': token,
        # 'expires': timezone.now() + expire_delta - datetime.timedelta(minutes=30),
        'user': UserSerializer(user).data,
    }
    enriched = who_am_i(user=user, data_dict=base_payload, request=request)
    return enriched if len(enriched) > 0 else None
# Resolve the JWT handlers once at import time from rest_framework_jwt's
# settings object, so the view below follows whatever JWT_AUTH configures.
jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER  # user -> claims
jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER  # claims -> signed token
# Builds the login response body from (token, user, request).
jwt_response_payload_handler = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER
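class AuthAPIView(APIView):
    """Login endpoint: exchange an e-mail address and password for a JWT.

    The view looks the user up itself instead of going through
    ``django.contrib.auth.authenticate()``, so the checks the auth backends
    would normally perform have to be repeated here.

    NOTE(review): no ``throttle_classes`` are declared on this view. Unless a
    default throttle is configured in REST_FRAMEWORK, repeated password
    attempts are not rate-limited by DRF; a scoped throttle on this endpoint
    would cover that.
    """

    permission_classes = [AnonPermissionOnly]

    def post(self, request, *args, **kwargs):
        """Validate the submitted credentials and return the token payload.

        Returns:
            400 if the caller is already authenticated, 401 if a credential
            is missing or the login is rejected, otherwise 200 with the body
            built by ``jwt_response_payload_handler``.
        """
        if request.user.is_authenticated:
            return Response(
                {"detail": "You are already authenticated"},
                status=status.HTTP_400_BAD_REQUEST,
            )

        data = request.data
        email = data.get('email', None)
        password = data.get('password', None)
        if not email or not password:
            return Response(
                {"detail": "Please specify a email and password"},
                status=status.HTTP_401_UNAUTHORIZED,
            )

        # Every rejection below uses the same body and status, so the
        # response does not reveal whether the address exists, the password
        # was wrong, or the account is disabled.
        # NOTE(review): an unknown address returns without hashing a
        # password, so response time still differs from the wrong-password
        # path; authenticate() equalises this by running the hasher anyway.
        matches = User.objects.filter(email__iexact=email).distinct()
        if matches.count() != 1:
            return Response(
                {"detail": "Invalid login details"},
                status=status.HTTP_401_UNAUTHORIZED,
            )

        user = matches.first()
        # The password is checked before is_active so both failures cost the
        # same. The is_active test was missing: a deactivated account with a
        # valid password was still issued a token and its serialized profile.
        if not user.check_password(password) or not user.is_active:
            return Response(
                {"detail": "Invalid login details"},
                status=status.HTTP_401_UNAUTHORIZED,
            )

        payload = jwt_payload_handler(user)
        token = jwt_encode_handler(payload)
        body = jwt_response_payload_handler(token, user, request=request)
        if body is None:
            # The response handler produced nothing to send; treat as a
            # failed login, as before.
            return Response(
                {"detail": "Invalid login details"},
                status=status.HTTP_401_UNAUTHORIZED,
            )
        return Response(body, status=status.HTTP_200_OK)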