hopefully this should work?

alichass 2020-03-19 17:09:20 -04:00
parent 12e79aa33e
commit f73f3af1d3
5 changed files with 45 additions and 14 deletions


@ -34,3 +34,6 @@ PasswordResetConfirmSerializer = serializers.get(
) )
PasswordChangeSerializer = import_callable(serializers.get('PASSWORD_CHANGE_SERIALIZER', DefaultPasswordChangeSerializer)) PasswordChangeSerializer = import_callable(serializers.get('PASSWORD_CHANGE_SERIALIZER', DefaultPasswordChangeSerializer))
JWT_AUTH_COOKIE = getattr(settings, 'JWT_AUTH_COOKIE', None)


@ -68,7 +68,7 @@ TEMPLATES = [
REST_FRAMEWORK = { REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': ( 'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.SessionAuthentication', 'rest_framework.authentication.SessionAuthentication',
'rest_framework_simplejwt.authentication.JWTAuthentication', 'dj_rest_auth.utils.JWTCookieAuthentication',
) )
} }


@ -1,5 +1,5 @@
from importlib import import_module from importlib import import_module
from .app_settings import JWT_AUTH_COOKIE
def import_callable(path_or_callable): def import_callable(path_or_callable):
if hasattr(path_or_callable, '__call__'): if hasattr(path_or_callable, '__call__'):
@ -23,3 +23,31 @@ def jwt_encode(user):
refresh = TokenObtainPairSerializer.get_token(user) refresh = TokenObtainPairSerializer.get_token(user)
return refresh.access_token, refresh return refresh.access_token, refresh
try:
from rest_framework_simplejwt.authentication import JWTAuthentication
class JWTCookieAuthentication(JWTAuthentication):
"""
An authentication plugin that hopefully authenticates requests through a JSON web
token provided in a request cookie (and through the header as normal, with a preference to the header).
"""
def authenticate(self, request):
header = self.get_header(request)
if header is None:
if JWT_AUTH_COOKIE: # or settings.JWT_AUTH_COOKIE
raw_token = request.COOKIES.get(JWT_AUTH_COOKIE) # or settings.jwt_auth_cookie
else:
return None
else:
raw_token = self.get_raw_token(header)
if raw_token is None:
return None
validated_token = self.get_validated_token(raw_token)
return self.get_user(validated_token), validated_token
except ImportError as I:
pass
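Review bot: `JWTCookieAuthentication.authenticate` accepts a token read from `request.COOKIES` without any CSRF check, so when `JWT_AUTH_COOKIE` is set, requests are authenticated by a credential the browser attaches automatically. Only the branch where `header is None` needs the check; the header path is unaffected. DRF's `SessionAuthentication` enforces CSRF for this reason, and the cookie branch could reuse it by calling `SessionAuthentication().enforce_csrf(request)` once `get_validated_token` has succeeded for a cookie-sourced token. Separately, `except ImportError as I: pass` leaves the class undefined with no message, so a settings entry naming `dj_rest_auth.utils.JWTCookieAuthentication` would presumably fail later with an unrelated-looking error; a comment such as `# simplejwt is optional; JWTCookieAuthentication is only defined when it is installed` would help.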


@ -16,7 +16,7 @@ from .app_settings import (JWTSerializer, LoginSerializer,
PasswordChangeSerializer, PasswordChangeSerializer,
PasswordResetConfirmSerializer, PasswordResetConfirmSerializer,
PasswordResetSerializer, TokenSerializer, PasswordResetSerializer, TokenSerializer,
UserDetailsSerializer, create_token) UserDetailsSerializer, create_token, JWT_AUTH_COOKIE)
from .models import TokenModel from .models import TokenModel
from .utils import jwt_encode from .utils import jwt_encode
@ -85,13 +85,13 @@ class LoginView(GenericAPIView):
response = Response(serializer.data, status=status.HTTP_200_OK) response = Response(serializer.data, status=status.HTTP_200_OK)
if getattr(settings, 'REST_USE_JWT', False): if getattr(settings, 'REST_USE_JWT', False):
from rest_framework_simplejwt.settings import api_settings as jwt_settings from rest_framework_simplejwt.settings import api_settings as jwt_settings
#if jwt_settings.JWT_AUTH_COOKIE #this needs to be added to simplejwt if JWT_AUTH_COOKIE: #this needs to be added to simplejwt
from datetime import datetime from datetime import datetime
expiration = (datetime.utcnow() + jwt_settings.ACCESS_TOKEN_LIFETIME) expiration = (datetime.utcnow() + jwt_settings.ACCESS_TOKEN_LIFETIME)
response.set_cookie('somestring', #replace with jwt_settings.JWT_AUTH_COOKIE response.set_cookie(JWT_AUTH_COOKIE, #this needs to be added to simplejwt
self.access_token, self.access_token,
expires=expiration, expires=expiration,
httponly=True) httponly=True)
return response return response
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
@ -135,9 +135,9 @@ class LogoutView(APIView):
response = Response({"detail": _("Successfully logged out.")}, response = Response({"detail": _("Successfully logged out.")},
status=status.HTTP_200_OK) status=status.HTTP_200_OK)
if getattr(settings, 'REST_USE_JWT', False): if getattr(settings, 'REST_USE_JWT', False):
from rest_framework_simplejwt.settings import api_settings as jwt_settings # from rest_framework_simplejwt.settings import api_settings as jwt_settings
#if jwt_settings.JWT_AUTH_COOKIE #this needs to be added to simplejwt if JWT_AUTH_COOKIE: #this needs to be added to simplejwt
response.delete_cookie('somestring') #replace with jwt_settings.JWT_AUTH_COOKIE response.delete_cookie(JWT_AUTH_COOKIE) #this needs to be added to simplejwt
return response return response
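Review bot: The `response.set_cookie(JWT_AUTH_COOKIE, ...)` call in `LoginView` sets only `httponly=True`, so the access-token cookie can still be sent over plain HTTP, and its cross-site behaviour is left to the browser's default. Passing `secure=` and `samesite=` as well would fix that, for example `httponly=True, secure=True, samesite='Lax')`, or values read from settings so that local HTTP development keeps working. `response.delete_cookie(JWT_AUTH_COOKIE)` in `LogoutView` should use the same path and domain as the set call, so that the browser reliably drops the cookie. The `#this needs to be added to simplejwt` comments are stale now that the name comes from `app_settings` and could be removed. Both method bodies start outside the visible hunks.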


@ -259,7 +259,7 @@ By default ``dj-rest-auth`` uses Django's Token-based authentication. If you wan
... ...
'DEFAULT_AUTHENTICATION_CLASSES': ( 'DEFAULT_AUTHENTICATION_CLASSES': (
... ...
'rest_framework_simplejwt.authentication.JWTAuthentication', 'dj_rest_auth.utils.JWTCookieAuthentication',
) )
... ...
} }