mirror of
https://github.com/Tivix/django-rest-auth.git
synced 2024-11-22 09:06:40 +03:00
Added tests for JWT, fixed merge issues
This commit is contained in:
parent
f8a9cc152d
commit
e3a1ba520e
|
@ -10,6 +10,8 @@ Configuration
|
||||||
|
|
||||||
- TOKEN_SERIALIZER - response for successful authentication in ``rest_auth.views.LoginView``, default value ``rest_auth.serializers.TokenSerializer``
|
- TOKEN_SERIALIZER - response for successful authentication in ``rest_auth.views.LoginView``, default value ``rest_auth.serializers.TokenSerializer``
|
||||||
|
|
||||||
|
- JWT_SERIALIZER - (Using REST_USE_JWT=True) response for successful authentication in ``rest_auth.views.LoginView``, default value ``rest_auth.serializers.JWTSerializer``
|
||||||
|
|
||||||
- USER_DETAILS_SERIALIZER - serializer class in ``rest_auth.views.UserDetailsView``, default value ``rest_auth.serializers.UserDetailsSerializer``
|
- USER_DETAILS_SERIALIZER - serializer class in ``rest_auth.views.UserDetailsView``, default value ``rest_auth.serializers.UserDetailsSerializer``
|
||||||
|
|
||||||
- PASSWORD_RESET_SERIALIZER - serializer class in ``rest_auth.views.PasswordResetView``, default value ``rest_auth.serializers.PasswordResetSerializer``
|
- PASSWORD_RESET_SERIALIZER - serializer class in ``rest_auth.views.PasswordResetView``, default value ``rest_auth.serializers.PasswordResetSerializer``
|
||||||
|
@ -42,6 +44,8 @@ Configuration
|
||||||
|
|
||||||
- **REST_SESSION_LOGIN** - Enable session login in Login API view (default: True)
|
- **REST_SESSION_LOGIN** - Enable session login in Login API view (default: True)
|
||||||
|
|
||||||
|
- **REST_USE_JWT** - Enable JWT Authentication instead of Token/Session based. This is built on top of django-rest-framework-jwt http://getblimp.github.io/django-rest-framework-jwt/ , which much also be installed. (default: False)
|
||||||
|
|
||||||
- **OLD_PASSWORD_FIELD_ENABLED** - set it to True if you want to have old password verification on password change enpoint (default: False)
|
- **OLD_PASSWORD_FIELD_ENABLED** - set it to True if you want to have old password verification on password change enpoint (default: False)
|
||||||
|
|
||||||
- **LOGOUT_ON_PASSWORD_CHANGE** - set to False if you want to keep the current user logged in after a password change
|
- **LOGOUT_ON_PASSWORD_CHANGE** - set to False if you want to keep the current user logged in after a password change
|
||||||
|
|
|
@ -109,3 +109,18 @@ Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creati
|
||||||
)
|
)
|
||||||
|
|
||||||
.. note:: Starting from v0.21.0, django-allauth has dropped support for context processors. Check out http://django-allauth.readthedocs.org/en/latest/changelog.html#from-0-21-0 for more details.
|
.. note:: Starting from v0.21.0, django-allauth has dropped support for context processors. Check out http://django-allauth.readthedocs.org/en/latest/changelog.html#from-0-21-0 for more details.
|
||||||
|
|
||||||
|
|
||||||
|
JWT Support (optional)
|
||||||
|
----------------------
|
||||||
|
|
||||||
|
By default, ``django-rest-auth`` uses Django's Token-based authentication. If you want to use JWT authentication, you need to install the following:
|
||||||
|
|
||||||
|
1. Install ``django-rest-framework-jwt`` http://getblimp.github.io/django-rest-framework-jwt/ . Right now this is the only supported JWT library.
|
||||||
|
|
||||||
|
2. Add the following to your settings
|
||||||
|
|
||||||
|
.. code-block:: python
|
||||||
|
|
||||||
|
REST_USE_JWT = True
|
||||||
|
|
||||||
|
|
|
@ -12,6 +12,7 @@ from allauth.account.utils import complete_signup
|
||||||
from allauth.account import app_settings as allauth_settings
|
from allauth.account import app_settings as allauth_settings
|
||||||
|
|
||||||
from rest_auth.app_settings import (TokenSerializer,
|
from rest_auth.app_settings import (TokenSerializer,
|
||||||
|
JWTSerializer,
|
||||||
create_token)
|
create_token)
|
||||||
from rest_auth.registration.serializers import (SocialLoginSerializer,
|
from rest_auth.registration.serializers import (SocialLoginSerializer,
|
||||||
VerifyEmailSerializer)
|
VerifyEmailSerializer)
|
||||||
|
@ -31,7 +32,14 @@ class RegisterView(CreateAPIView):
|
||||||
allauth_settings.EmailVerificationMethod.MANDATORY:
|
allauth_settings.EmailVerificationMethod.MANDATORY:
|
||||||
return {}
|
return {}
|
||||||
|
|
||||||
return TokenSerializer(user.auth_token).data
|
if getattr(settings, 'REST_USE_JWT', False):
|
||||||
|
data = {
|
||||||
|
'user': user,
|
||||||
|
'token': self.token
|
||||||
|
}
|
||||||
|
return JWTSerializer(data).data
|
||||||
|
else:
|
||||||
|
return TokenSerializer(user.auth_token).data
|
||||||
|
|
||||||
def create(self, request, *args, **kwargs):
|
def create(self, request, *args, **kwargs):
|
||||||
serializer = self.get_serializer(data=request.data)
|
serializer = self.get_serializer(data=request.data)
|
||||||
|
@ -43,7 +51,10 @@ class RegisterView(CreateAPIView):
|
||||||
|
|
||||||
def perform_create(self, serializer):
|
def perform_create(self, serializer):
|
||||||
user = serializer.save(self.request)
|
user = serializer.save(self.request)
|
||||||
create_token(self.token_model, user, serializer)
|
if getattr(settings, 'REST_USE_JWT', False):
|
||||||
|
self.token = jwt_encode(user)
|
||||||
|
else:
|
||||||
|
create_token(self.token_model, user, serializer)
|
||||||
complete_signup(self.request._request, user,
|
complete_signup(self.request._request, user,
|
||||||
allauth_settings.EMAIL_VERIFICATION,
|
allauth_settings.EMAIL_VERIFICATION,
|
||||||
None)
|
None)
|
||||||
|
|
|
@ -91,6 +91,19 @@ class APITestCase1(TestCase, BaseAPITestCase):
|
||||||
# test empty payload
|
# test empty payload
|
||||||
self.post(self.login_url, data={}, status_code=400)
|
self.post(self.login_url, data={}, status_code=400)
|
||||||
|
|
||||||
|
@override_settings(REST_USE_JWT=True)
|
||||||
|
def test_login_jwt(self):
|
||||||
|
payload = {
|
||||||
|
"username": self.USERNAME,
|
||||||
|
"password": self.PASS
|
||||||
|
}
|
||||||
|
user = get_user_model().objects.create_user(self.USERNAME, '', self.PASS)
|
||||||
|
|
||||||
|
self.post(self.login_url, data=payload, status_code=200)
|
||||||
|
self.assertEqual('token' in self.response.json.keys(), True)
|
||||||
|
self.token = self.response.json['token']
|
||||||
|
|
||||||
|
|
||||||
def test_login_by_email(self):
|
def test_login_by_email(self):
|
||||||
# starting test without allauth app
|
# starting test without allauth app
|
||||||
settings.INSTALLED_APPS.remove('allauth')
|
settings.INSTALLED_APPS.remove('allauth')
|
||||||
|
@ -307,6 +320,22 @@ class APITestCase1(TestCase, BaseAPITestCase):
|
||||||
self.assertEqual(user.last_name, self.response.json['last_name'])
|
self.assertEqual(user.last_name, self.response.json['last_name'])
|
||||||
self.assertEqual(user.email, self.response.json['email'])
|
self.assertEqual(user.email, self.response.json['email'])
|
||||||
|
|
||||||
|
@override_settings(REST_USE_JWT=True)
|
||||||
|
def test_user_details_using_jwt(self):
|
||||||
|
user = get_user_model().objects.create_user(self.USERNAME, self.EMAIL, self.PASS)
|
||||||
|
payload = {
|
||||||
|
"username": self.USERNAME,
|
||||||
|
"password": self.PASS
|
||||||
|
}
|
||||||
|
self.post(self.login_url, data=payload, status_code=200)
|
||||||
|
self.token = self.response.json['token']
|
||||||
|
self.get(self.user_url, status_code=200)
|
||||||
|
|
||||||
|
self.patch(self.user_url, data=self.BASIC_USER_DATA, status_code=200)
|
||||||
|
user = get_user_model().objects.get(pk=user.pk)
|
||||||
|
self.assertEqual(user.email, self.response.json['email'])
|
||||||
|
|
||||||
|
|
||||||
def test_registration(self):
|
def test_registration(self):
|
||||||
user_count = get_user_model().objects.all().count()
|
user_count = get_user_model().objects.all().count()
|
||||||
|
|
||||||
|
@ -323,6 +352,20 @@ class APITestCase1(TestCase, BaseAPITestCase):
|
||||||
self._login()
|
self._login()
|
||||||
self._logout()
|
self._logout()
|
||||||
|
|
||||||
|
@override_settings(REST_USE_JWT=True)
|
||||||
|
def test_registration_with_jwt(self):
|
||||||
|
user_count = get_user_model().objects.all().count()
|
||||||
|
|
||||||
|
self.post(self.register_url, data={}, status_code=400)
|
||||||
|
|
||||||
|
result = self.post(self.register_url, data=self.REGISTRATION_DATA, status_code=201)
|
||||||
|
self.assertIn('token', result.data)
|
||||||
|
self.assertEqual(get_user_model().objects.all().count(), user_count + 1)
|
||||||
|
|
||||||
|
self._login()
|
||||||
|
self._logout()
|
||||||
|
|
||||||
|
|
||||||
def test_registration_with_invalid_password(self):
|
def test_registration_with_invalid_password(self):
|
||||||
data = self.REGISTRATION_DATA.copy()
|
data = self.REGISTRATION_DATA.copy()
|
||||||
data['password2'] = 'foobar'
|
data['password2'] = 'foobar'
|
||||||
|
|
|
@ -12,7 +12,7 @@ from rest_framework.generics import RetrieveUpdateAPIView
|
||||||
from .app_settings import (
|
from .app_settings import (
|
||||||
TokenSerializer, UserDetailsSerializer, LoginSerializer,
|
TokenSerializer, UserDetailsSerializer, LoginSerializer,
|
||||||
PasswordResetSerializer, PasswordResetConfirmSerializer,
|
PasswordResetSerializer, PasswordResetConfirmSerializer,
|
||||||
PasswordChangeSerializer, create_token
|
PasswordChangeSerializer, JWTSerializer, create_token
|
||||||
)
|
)
|
||||||
from .models import TokenModel
|
from .models import TokenModel
|
||||||
|
|
||||||
|
@ -43,17 +43,15 @@ class LoginView(GenericAPIView):
|
||||||
|
|
||||||
def login(self):
|
def login(self):
|
||||||
self.user = self.serializer.validated_data['user']
|
self.user = self.serializer.validated_data['user']
|
||||||
self.token = create_token(self.token_model, self.user, self.serializer)
|
|
||||||
if getattr(settings, 'REST_SESSION_LOGIN', True):
|
|
||||||
login(self.request, self.user)
|
|
||||||
|
|
||||||
if getattr(settings, 'REST_USE_JWT', False):
|
if getattr(settings, 'REST_USE_JWT', False):
|
||||||
self.token = jwt_encode(self.user)
|
self.token = jwt_encode(self.user)
|
||||||
else:
|
else:
|
||||||
self.token, created = self.token_model.objects.get_or_create(
|
self.token = create_token(self.token_model, self.user, self.serializer)
|
||||||
user=self.user)
|
|
||||||
if getattr(settings, 'REST_SESSION_LOGIN', True):
|
if getattr(settings, 'REST_SESSION_LOGIN', True):
|
||||||
login(self.request, self.user)
|
login(self.request, self.user)
|
||||||
|
|
||||||
|
|
||||||
def get_response(self):
|
def get_response(self):
|
||||||
serializer_class = self.get_response_serializer()
|
serializer_class = self.get_response_serializer()
|
||||||
|
|
Loading…
Reference in New Issue
Block a user