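from calendar import timegm
from datetime import datetime

from django.utils.encoding import smart_text
from django.utils.translation import ugettext as _
from rest_framework import exceptions
from rest_framework.authentication import get_authorization_header
from rest_framework_jwt.authentication import BaseJSONWebTokenAuthentication
from rest_framework_jwt.settings import api_settings

from access.serializers import UserSelfSerializer


def custom_jwt_payload_handler(user):
    """Build the JWT claim set for *user*.

    Always sets ``exp``, ``out_key``, ``email`` and ``real``. ``orig_iat``,
    ``aud`` and ``iss`` are added only when the matching ``api_settings``
    option is enabled or set.

    Args:
        user: object exposing ``out_key`` and ``email`` attributes.

    Returns:
        dict of claims to be encoded into the token.
    """
    now = datetime.utcnow()

    # NOTE(review): a signed JWT payload is only encoded, not encrypted, so
    # `email` and `out_key` are readable by anyone who holds the token.
    # Confirm that exposing them is acceptable.
    payload = {
        'exp': now + api_settings.JWT_EXPIRATION_DELTA,
        'out_key': str(user.out_key),
        'email': user.email,
        # Meaning of this flag is not visible in this file; verify with callers.
        'real': True,
    }

    if api_settings.JWT_ALLOW_REFRESH:
        # Original issue time as a Unix timestamp (UTC).
        payload['orig_iat'] = timegm(now.utctimetuple())

    if api_settings.JWT_AUDIENCE is not None:
        payload['aud'] = api_settings.JWT_AUDIENCE

    if api_settings.JWT_ISSUER is not None:
        payload['iss'] = api_settings.JWT_ISSUER

    return payload


class JSONWebTokenAuthentication(BaseJSONWebTokenAuthentication):
    """JWT authentication reading the token from the Authorization header.

    Falls back to the cookie named by ``api_settings.JWT_AUTH_COOKIE`` when
    the request carries no Authorization header.
    """

    www_authenticate_realm = 'api'

    def get_jwt_value(self, request):
        """Return the raw token for *request*, or ``None`` if there is none.

        Raises:
            exceptions.AuthenticationFailed: the Authorization header uses the
                expected prefix but has no credentials, or has more than one
                whitespace-separated credential part.
        """
        auth = get_authorization_header(request).split()
        expected_prefix = api_settings.JWT_AUTH_HEADER_PREFIX.lower()

        # Use the cookie only when no Authorization header was sent. The
        # previous test (`auth or auth == []`) was true for every list, so the
        # header was never parsed and the validation below was unreachable.
        if not auth:
            if api_settings.JWT_AUTH_COOKIE:
                # NOTE(review): browsers attach cookies automatically and no
                # CSRF check is visible in this class. Confirm that
                # state-changing endpoints using the cookie are protected.
                return request.COOKIES.get(api_settings.JWT_AUTH_COOKIE)
            return None

        # A header with a different scheme is left for other authenticators.
        if smart_text(auth[0].lower()) != expected_prefix:
            return None

        if len(auth) == 1:
            msg = _('Invalid Authorization header. No credentials provided.')
            raise exceptions.AuthenticationFailed(msg)
        if len(auth) > 2:
            msg = _('Invalid Authorization header. Credentials string '
                    'should not contain spaces.')
            raise exceptions.AuthenticationFailed(msg)

        return auth[1]

    def authenticate_header(self, request):
        """Return the ``WWW-Authenticate`` value: header prefix plus realm."""
        return '{0} realm="{1}"'.format(
            api_settings.JWT_AUTH_HEADER_PREFIX,
            self.www_authenticate_realm,
        )


def jwt_response_payload_handler(token, user=None, request=None):
    """Return the response body sent after a token is issued.

    The body is the ``UserSelfSerializer`` representation of *user* with
    ``is_i`` set to ``True``. *token* and *request* are not used, so the token
    itself is not included in the response body.
    """
    # NOTE(review): presumably the token reaches the client through the JWT
    # cookie rather than the body. Confirm against the view configuration.
    serialized_user = UserSelfSerializer(user).data
    serialized_user['is_i'] = True
    return serialized_user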