evandempsey/shopify_app_bridge_token_django_rest_framework.py

## shopify_app_bridge_token_django_rest_framework.py
# Put the following in shopify_app.authentication.py. This assumes we have a
# custom User model in shopify_app.models with a unique myshopify_domain
# attribute. The Shopify app API key and shared secret are imported from
# settings.py.

import datetime
import jwt
from datetime import timezone
from rest_framework import authentication
from rest_framework import exceptions

from shopify_app.models import (
    ShopUser
)
from shopify_app.settings import (
    API_KEY,
    SHARED_SECRET
)


class ShopifyAppBridgeAuthentication(authentication.BaseAuthentication):
    def authenticate(self, request):
        # Verify that the header exists and contains a token.
        token = request.META.get('HTTP_AUTHORIZATION')
        if not token or 'Bearer' not in token:
            return None

        # Extract the JWT token.
        exploded = token.split(' ')
        if len(exploded) != 2:
            return None

        # Decode the JWT token with PyJWT.
        decoded = jwt.decode(exploded[1], SHARED_SECRET,
                             audience=API_KEY, algorithms=["HS256"])

        # Verify that the token is not expired.
        now = datetime.datetime.now()
        timestamp = now.replace(tzinfo=timezone.utc).timestamp()

        if not decoded['nbf'] <= timestamp <= decoded['exp']:
            raise exceptions.AuthenticationFailed('Token is expired.')

        try:
            myshopify_domain = decoded["dest"].replace("https://", "")
            user = ShopUser.objects.get(myshopify_domain=myshopify_domain)
        except ShopUser.DoesNotExist:
            raise exceptions.AuthenticationFailed('No such user.')

        return user, None


# Then in views.py, if we want to create a Django Rest Framework
# ModelViewSet for a model called ShopModel, we could do something
# like this.

class ShopModelViewSet(ModelViewSet):
    serializer_class = ShopModelSerializer
    authentication_classes = [ShopifyAppBridgeAuthentication]
    permission_classes = [IsAuthenticated]

    def get_queryset(self):
        return ShopModel.objects.filter(user=request.user)
	# Put the following in shopify_app.authentication.py. This assumes we have a
	# custom User model in shopify_app.models with a unique myshopify_domain
	# attribute. The Shopify app API key and shared secret are imported from
	# settings.py.

	import datetime
	import jwt
	from datetime import timezone
	from rest_framework import authentication
	from rest_framework import exceptions

	from shopify_app.models import (
	ShopUser
	)
	from shopify_app.settings import (
	API_KEY,
	SHARED_SECRET
	)


	class ShopifyAppBridgeAuthentication(authentication.BaseAuthentication):
	def authenticate(self, request):
	# Verify that the header exists and contains a token.
	token = request.META.get('HTTP_AUTHORIZATION')
	if not token or 'Bearer' not in token:
	return None

	# Extract the JWT token.
	exploded = token.split(' ')
	if len(exploded) != 2:
	return None

	# Decode the JWT token with PyJWT.
	decoded = jwt.decode(exploded[1], SHARED_SECRET,
	audience=API_KEY, algorithms=["HS256"])

	# Verify that the token is not expired.
	now = datetime.datetime.now()
	timestamp = now.replace(tzinfo=timezone.utc).timestamp()

	if not decoded['nbf'] <= timestamp <= decoded['exp']:
	raise exceptions.AuthenticationFailed('Token is expired.')

	try:
	myshopify_domain = decoded["dest"].replace("https://", "")
	user = ShopUser.objects.get(myshopify_domain=myshopify_domain)
	except ShopUser.DoesNotExist:
	raise exceptions.AuthenticationFailed('No such user.')

	return user, None


	# Then in views.py, if we want to create a Django Rest Framework
	# ModelViewSet for a model called ShopModel, we could do something
	# like this.

	class ShopModelViewSet(ModelViewSet):
	serializer_class = ShopModelSerializer
	authentication_classes = [ShopifyAppBridgeAuthentication]
	permission_classes = [IsAuthenticated]

	def get_queryset(self):
	return ShopModel.objects.filter(user=request.user)