import hmac
import json

import jwt
from django.http import HttpResponse
from rest_framework import status, exceptions
from rest_framework.authentication import get_authorization_header, BaseAuthentication

from users.models import User


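class JWTAuthentication(BaseAuthentication):
    """DRF authentication backend for ``Authorization: Token <jwt>`` headers.

    A request is accepted only when the JWT verifies against ``signing_key``,
    its ``email`` and ``id`` claims name an active user, and the presented
    token equals the one stored on that user record.  Every failure raises
    ``AuthenticationFailed`` so the framework builds the error response; the
    backend never returns a response object in place of a ``(user, token)``
    pair.
    """

    # Optional override for the user model; ``get_model`` falls back to ``User``.
    model = None

    # NOTE(review): this is the literal string "SECRET_KEY", not a value read
    # from configuration.  A key that lives in source lets anyone who can read
    # the source mint tokens this backend accepts.  Load it from settings or a
    # secret store, and change the token-issuing code in the same release so
    # that both sides keep agreeing on the key.
    signing_key = "SECRET_KEY"

    # Allow-list of signature algorithms.  The key is a shared secret, so only
    # the HMAC family applies; naming them keeps the token header from
    # choosing the algorithm and satisfies PyJWT releases that require the
    # ``algorithms`` argument.
    algorithms = ("HS256", "HS384", "HS512")

    def get_model(self):
        """Return the user model to query: ``self.model`` if set, else ``User``."""
        return self.model if self.model is not None else User

    def authenticate(self, request):
        """Authenticate ``request`` from its ``Authorization`` header.

        Returns:
            ``None`` when the header is absent or does not use the ``Token``
            scheme (so other backends may run), otherwise the ``(user, token)``
            pair from ``authenticate_credentials``.

        Raises:
            exceptions.AuthenticationFailed: the header is malformed or the
                token is rejected.
        """
        auth = get_authorization_header(request).split()
        if not auth or auth[0].lower() != b'token':
            return None

        if len(auth) == 1:
            msg = 'Invalid token header. No credentials provided!'
            raise exceptions.AuthenticationFailed(msg)
        if len(auth) > 2:
            msg = 'Invalid token header. Token string should not contain spaces.'
            raise exceptions.AuthenticationFailed(msg)

        # The header arrives as a bytestring.  Decoding it here is what makes
        # the UnicodeError branch and the "null" comparison below meaningful:
        # on Python 3 a bytes value never equals the str "null".
        try:
            token = auth[1].decode('utf-8')
        except UnicodeError:
            msg = 'Invalid token header. Token string should not contain invalid characters.'
            raise exceptions.AuthenticationFailed(msg)

        if token == "null":
            msg = 'Null token not allowed'
            raise exceptions.AuthenticationFailed(msg)

        return self.authenticate_credentials(token)

    def authenticate_credentials(self, token):
        """Verify ``token`` and resolve it to an active user.

        Args:
            token: the encoded JWT, as text or as a UTF-8 bytestring.

        Returns:
            ``(user, token)`` with ``token`` as text.

        Raises:
            exceptions.AuthenticationFailed: the signature, expiry or claims
                are invalid, no active user matches, or the token is not the
                one stored for that user.
        """
        invalid = {'Error': "Token is invalid"}
        # One message for "no such active user" and "token differs from the
        # stored one", so the response does not reveal which check failed.
        mismatch = {'Error': "Token mismatch", 'status': "401"}

        if isinstance(token, bytes):
            try:
                token = token.decode('utf-8')
            except UnicodeError:
                raise exceptions.AuthenticationFailed(invalid)

        # Decoding sits inside the try so that a bad signature, an expired
        # token or a missing claim becomes a 401 instead of an unhandled
        # exception.  InvalidTokenError is the base class of PyJWT's decode
        # and expiry errors, so it covers all of them.
        try:
            payload = jwt.decode(
                token, self.signing_key, algorithms=list(self.algorithms)
            )
            email = payload['email']
            user_id = payload['id']
        except (jwt.InvalidTokenError, KeyError):
            raise exceptions.AuthenticationFailed(invalid)

        model = self.get_model()
        try:
            user = model.objects.get(email=email, id=user_id, is_active=True)
        except model.DoesNotExist:
            raise exceptions.AuthenticationFailed(mismatch)

        # presumably user.token is a mapping holding the last issued token
        # under 'token' -- verify against the model.  Any other shape is
        # treated as a mismatch so the check fails closed.
        try:
            stored = user.token['token']
            if not isinstance(stored, bytes):
                stored = stored.encode('utf-8')
        except (KeyError, TypeError, AttributeError):
            raise exceptions.AuthenticationFailed(mismatch)

        # Constant-time comparison of the presented and stored tokens.
        if not hmac.compare_digest(stored, token.encode('utf-8')):
            raise exceptions.AuthenticationFailed(mismatch)

        return user, token

    def authenticate_header(self, request):
        """Return the scheme name used in the ``WWW-Authenticate`` header."""
        return 'Token'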