Last active
May 17, 2023 18:46
-
-
Save ishakoktn/836d8a1aefe6e537d82599fc301140bf to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# inspired by https://hashnode.com/post/using-django-drf-jwt-authentication-with-django-channels-cjzy5ffqs0013rus1yb9huxvl | |
# Caution! This is not secure for long live auth tokens. | |
# costum_middleware.py | |
from rest_framework_simplejwt.tokens import UntypedToken | |
from rest_framework_simplejwt.exceptions import InvalidToken, TokenError | |
from jwt import decode as jwt_decode | |
from django.conf import settings | |
from django.contrib.auth import get_user_model | |
from urllib.parse import parse_qs | |
from channels.db import database_sync_to_async | |
User = get_user_model() | |
class TokenAuthMiddleware: | |
def __init__(self, inner): | |
self.inner = inner | |
def __call__(self, scope): | |
token = parse_qs(scope["query_string"].decode("utf8"))["token"][0] | |
try: | |
UntypedToken(token) | |
except (InvalidToken, TokenError) as e: | |
return None | |
else: | |
decoded_data = jwt_decode(token, settings.SECRET_KEY, algorithms=["HS256"]) | |
user = self.get_user(decoded_data) | |
return self.inner(dict(scope, user=user)) | |
async def get_user(self, decoded_data): | |
return await database_sync_to_async(User.objects.get)(id=decoded_data["user_id"]) | |
#routering.py | |
from channels.routing import ProtocolTypeRouter, URLRouter | |
from my_project.costum_middeleware.channels_jwt_auth import TokenAuthMiddleware | |
import my_app.routing | |
application = ProtocolTypeRouter({ | |
'websocket': TokenAuthMiddleware( | |
URLRouter( | |
my_app.routing.websocket_urlpatterns | |
) | |
), | |
}) | |
# send token on url parameter like your-url.com?token=eyJ0eXAiOiJKV1QiLMzIxMzkzLCJqdGk...EsTBd | |
# | |
# using on consumers | |
# user = await self.scope['user'] | |
# self.user = user |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment