Tivix/django-rest-auth
1
1
Fork 0
mirror of https://github.com/Tivix/django-rest-auth.git synced 2025-06-25 23:23:04 +03:00
Code Issues Packages Projects Releases Wiki Activity

Added the ability to return the access + refresh token expiry times. This is great when Http Only cookies are enabled.

Browse Source
This commit is contained in:
Joel Whitaker 2020-10-29 14:19:33 +00:00 committed by Michael
parent bdc883dcb3
commit f923bb5a7c
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
dj_rest_auth/views.py
View File

@ -72,11 +72,23 @@ class LoginView(GenericAPIView):
serializer_class = self.get_response_serializer() serializer_class = self.get_response_serializer()
if getattr(settings, 'REST_USE_JWT', False): if getattr(settings, 'REST_USE_JWT', False):
from rest_framework_simplejwt.settings import api_settings as jwt_settings
from datetime import datetime
access_token_expiration = (datetime.utcnow() + jwt_settings.ACCESS_TOKEN_LIFETIME)
refresh_token_expiration = (datetime.utcnow() + jwt_settings.REFRESH_TOKEN_LIFETIME)
return_expiration_times = getattr(settings, 'JWT_AUTH_RETURN_EXPIRATION', False)
data = { data = {
'user': self.user, 'user': self.user,
'access_token': self.access_token, 'access_token': self.access_token,
'refresh_token': self.refresh_token 'refresh_token': self.refresh_token
} }
if return_expiration_times:
data['access_token_expiration'] = access_token_expiration
data['refresh_token_expiration'] = refresh_token_expiration
serializer = serializer_class(instance=data, serializer = serializer_class(instance=data,
context=self.get_serializer_context()) context=self.get_serializer_context())
else: else:
@ -90,24 +102,22 @@ class LoginView(GenericAPIView):
cookie_secure = getattr(settings, 'JWT_AUTH_SECURE', False) cookie_secure = getattr(settings, 'JWT_AUTH_SECURE', False)
cookie_httponly = getattr(settings, 'JWT_AUTH_HTTPONLY', True) cookie_httponly = getattr(settings, 'JWT_AUTH_HTTPONLY', True)
cookie_samesite = getattr(settings, 'JWT_AUTH_SAMESITE', 'Lax') cookie_samesite = getattr(settings, 'JWT_AUTH_SAMESITE', 'Lax')
from rest_framework_simplejwt.settings import api_settings as jwt_settings
from datetime import datetime
if cookie_name: if cookie_name:
expiration = (datetime.utcnow() + jwt_settings.ACCESS_TOKEN_LIFETIME)
response.set_cookie( response.set_cookie(
cookie_name, cookie_name,
self.access_token, self.access_token,
expires=expiration, expires=access_token_expiration,
secure=cookie_secure, secure=cookie_secure,
httponly=cookie_httponly, httponly=cookie_httponly,
samesite=cookie_samesite samesite=cookie_samesite
) )
if refresh_cookie_name: if refresh_cookie_name:
expiration = (datetime.utcnow() + jwt_settings.REFRESH_TOKEN_LIFETIME)
response.set_cookie( response.set_cookie(
refresh_cookie_name, refresh_cookie_name,
self.refresh_token, self.refresh_token,
expires=expiration, expires=refresh_token_expiration,
secure=cookie_secure, secure=cookie_secure,
httponly=cookie_httponly, httponly=cookie_httponly,
samesite=cookie_samesite samesite=cookie_samesite