Merge pull request #12 from alpacanetworks/11-add-jwt-authentication
11 add jwt authentication
Showing
11 changed files
with
508 additions
and
1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
from django.utils.translation import gettext_lazy as _ | ||
|
||
from rest_framework import serializers | ||
from rest_framework.exceptions import ValidationError | ||
|
||
from api.apiclient.models import APIClient | ||
from api.apiclient.tokens import JWTRefreshToken | ||
|
||
|
||
class JWTLoginSerializer(serializers.Serializer): | ||
""" | ||
After authenticating whether it is a valid API client using the ID and Key received through the request, the access token and refresh token are returned using the client_id. | ||
""" | ||
|
||
id = serializers.UUIDField( | ||
label=_('ID'), | ||
write_only=True, | ||
) | ||
key = serializers.CharField( | ||
max_length=128, | ||
label=_('key'), | ||
style={'input_type': 'password'}, | ||
write_only=True, | ||
) | ||
|
||
def validate(self, data): | ||
client_id = data['id'] | ||
client_key = data['key'] | ||
obj = APIClient.objects.get_valid_client(id=client_id, key=client_key) | ||
if obj is not None: | ||
refresh = JWTRefreshToken.for_client(client_id) | ||
return { | ||
'refresh': str(refresh), | ||
'access': str(refresh.access_token), | ||
} | ||
else: | ||
raise ValidationError(_('Login credentials are incorrect.'), 'credential-error') | ||
|
||
|
||
class JWTRefreshSerializer(serializers.Serializer): | ||
""" | ||
After verifying whether the refresh token received in the request is a valid token, a new access token is returned. | ||
""" | ||
|
||
refresh = serializers.CharField() | ||
access = serializers.CharField(read_only=True) | ||
token_class = JWTRefreshToken | ||
|
||
def validate(self, data): | ||
refresh = self.token_class(data['refresh']) | ||
return { | ||
'access': str(refresh.access_token) | ||
} |
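Review bot: `JWTRefreshSerializer.validate` issues a new access token from any refresh token that `token_class` accepts, without looking up the client named in the token, so a client that has been removed or is no longer valid can keep obtaining access tokens until the refresh token expires. After constructing the token, read the client-id claim and reject the request when no matching client remains, e.g. `if not APIClient.objects.filter(pk=refresh[CLIENT_ID_CLAIM]).exists(): raise ValidationError(...)`, where `CLIENT_ID_CLAIM` stands for the claim name the token class writes. This matters less if the request authentication class (not shown on this page) re-checks the client on every call, but the docstring should then say so. Separately, the failure branch of `JWTLoginSerializer.validate` raises `ValidationError`, which DRF returns as HTTP 400; `AuthenticationFailed` would give the 401 that clients and failed-login alerting usually key on.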
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
from django.conf import settings | ||
|
||
from rest_framework_simplejwt.tokens import RefreshToken | ||
|
||
class JWTRefreshToken(RefreshToken): | ||
""" | ||
Return a token object by putting the APIclient ID in the token claim, and create an access token using the refresh token. | ||
""" | ||
|
||
@classmethod | ||
def for_client(cls, client_id): | ||
""" | ||
Returns an authorization token for the given client that will be provided after authenticating the user's credentials. | ||
""" | ||
|
||
token = cls() | ||
token[settings.SIMPLE_JWT['CLIENT_ID_CLAIM']] = str(client_id) | ||
return token |
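Review bot: `for_client` reads the claim name with a bare subscript, `settings.SIMPLE_JWT['CLIENT_ID_CLAIM']`, which is a project-specific key rather than one simplejwt defines, so a deployment whose settings omit it fails with `KeyError` on the first login instead of at startup. Either resolve it once at import time or give it a fallback, e.g. `settings.SIMPLE_JWT.get('CLIENT_ID_CLAIM', 'client_id')` (the default name here is illustrative). The inherited `for_user` also stays callable and would produce tokens without this claim; a docstring line stating that only `for_client` should be used, and that the authentication side must reject tokens lacking the claim, would help.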
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
from django.urls import include, path | ||
|
||
from api.apiclient.views import JWTLoginView | ||
from api.apiclient.views import JWTRefreshView | ||
|
||
app_name = 'apiclient' | ||
|
||
|
||
jwt_patterns = ([ | ||
path('login/', JWTLoginView.as_view(), name='login'), | ||
path('refresh/', JWTRefreshView.as_view(), name='refresh'), | ||
], 'jwt') | ||
|
||
urlpatterns = [ | ||
path('jwt/', include(jwt_patterns)), | ||
] |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
import logging | ||
|
||
from rest_framework_simplejwt.views import TokenObtainPairView | ||
from rest_framework_simplejwt.views import TokenRefreshView | ||
|
||
from api.apiclient.serializers import JWTLoginSerializer | ||
from api.apiclient.serializers import JWTRefreshSerializer | ||
|
||
|
||
logger = logging.getLogger(__name__) | ||
|
||
|
||
class JWTLoginView(TokenObtainPairView): | ||
""" | ||
Takes the Client ID and key and returns the access token and refresh token. | ||
The two tokens are a pair of tokens that prove client authentication. | ||
""" | ||
|
||
serializer_class = JWTLoginSerializer | ||
|
||
|
||
class JWTRefreshView(TokenRefreshView): | ||
""" | ||
Takes a refresh type JSON web token and returns an access type JSON web token if the refresh token is valid. | ||
""" | ||
|
||
serializer_class = JWTRefreshSerializer |
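Review bot: `JWTLoginView` accepts unauthenticated credential submissions and sets no `throttle_classes`, so unless a default throttle is configured in settings (not shown), nothing on this page limits repeated attempts against a client ID. Adding `throttle_classes = [ScopedRateThrottle]` with `throttle_scope = 'jwt-login'` (scope name illustrative, rate defined under `DEFAULT_THROTTLE_RATES`) on both views would bound that. The module also creates `logger` but never uses it; logging rejected logins and refreshes with the client ID, never the key or the token, would give operations something to alert on.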