import jwt
from drfpasswordless.views import ObtainAuthTokenFromCallbackToken
from rest_framework import serializers, status
from rest_framework.permissions import AllowAny
from rest_framework.response import Response
from rest_framework.views import APIView
from .utils import decode_jwt, generate_jwt
from drfpasswordless.views import ObtainEmailCallbackToken
from drfpasswordless.serializers import EmailAuthSerializer
from django.conf import settings
from django.core.validators import RegexValidator
class EmailAuthWhiteListSerializer(EmailAuthSerializer):
    """E-mail auth serializer that only accepts allow-listed addresses.

    The allow-list is a regular expression taken from
    ``settings.EMAIL_WHITE_LIST``; the rejection message comes from
    ``settings.EMAIL_WHITE_LIST_MESSAGE``.
    """

    # NOTE(review): Django's RegexValidator applies the pattern with
    # ``search`` semantics, so an unanchored pattern accepts any address
    # that merely *contains* a match. The pattern in settings should be
    # anchored at both ends to act as a real allow-list -- confirm the
    # configured value.
    email_regex = RegexValidator(
        settings.EMAIL_WHITE_LIST,
        settings.EMAIL_WHITE_LIST_MESSAGE,
    )

    # EmailField's own format validation still applies; the allow-list
    # check is attached as an extra validator.
    email = serializers.EmailField(validators=[email_regex])
class ObtainEmailWhiteListCallbackToken(ObtainEmailCallbackToken):
    """Callback-token request view restricted to allow-listed e-mails.

    Only the serializer is swapped; request handling is inherited from
    ``ObtainEmailCallbackToken``.
    """

    serializer_class = EmailAuthWhiteListSerializer
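class ObtainJWTFromCallbackToken(ObtainAuthTokenFromCallbackToken):
    """Exchange a passwordless callback token for a JWT.

    The parent view performs the callback-token check. This subclass adds
    the submitted e-mail and a JWT for it to the parent's response, but
    only when the parent reports success.
    """

    def post(self, request, *args, **kwargs):
        """Validate the callback token, then attach ``email`` and ``token``.

        Returns the parent's response unchanged when it is not a 200, so a
        JWT is never minted for a request the parent did not accept.
        Returns a 400 when ``email`` is missing from the request body
        (previously an unhandled ``KeyError``).
        """
        email = request.data.get('email')
        if not email:
            # Reject before calling the parent so a malformed request does
            # not reach the callback-token handling at all.
            return Response(
                {'email': ['This field is required.']},
                status=status.HTTP_400_BAD_REQUEST,
            )

        resp = super(ObtainJWTFromCallbackToken, self).post(
            request, *args, **kwargs)

        # Security: only issue a JWT when the parent accepted the callback
        # token. Without this guard, a failure response returned by the
        # parent would still be decorated with a valid JWT for whatever
        # e-mail the caller supplied.
        if resp.status_code != status.HTTP_200_OK:
            return resp

        # NOTE(review): the JWT is minted for the e-mail string from the
        # request body; this relies on the parent having verified that the
        # callback token belongs to that address -- confirm.
        # Assigning 'token' replaces any value the parent stored under it.
        resp.data['email'] = email
        resp.data['token'] = generate_jwt(email)
        return resp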
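class JWTSerializer(serializers.Serializer):
    """Serializer that accepts a JWT string and validates it.

    On success the ``token`` field's validated value is whatever
    ``decode_jwt`` returns for the submitted string.
    """

    token = serializers.CharField()

    def validate_token(self, value):
        """Decode ``value`` and return the result of ``decode_jwt``.

        Raises:
            serializers.ValidationError: if the token is expired, or is
                rejected by PyJWT for any other reason (bad signature,
                malformed input, failed claim checks).
        """
        try:
            return decode_jwt(value)
        except jwt.ExpiredSignatureError:
            raise serializers.ValidationError('token expired')
        except jwt.InvalidTokenError:
            # ExpiredSignatureError is a subclass and is handled above.
            # Catching the base class turns forged or malformed tokens
            # into a validation failure instead of an unhandled exception
            # (HTTP 500) in the calling view.
            # NOTE(review): assumes decode_jwt lets PyJWT errors
            # propagate -- confirm against .utils.
            raise serializers.ValidationError('invalid token')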
class VerifyJWT(APIView):
    """Unauthenticated endpoint that checks a submitted JWT.

    Responds with 200 and the validated ``token`` value when the
    serializer accepts the request, and with an empty 401 otherwise.
    """

    # Open to anonymous callers: the submitted token is the only input
    # that is checked.
    permission_classes = [AllowAny]
    serializer_class = JWTSerializer

    def post(self, request, *args, **kwargs):
        """Validate ``request.data`` and report the outcome.

        Only serializer validation failures map to 401; any other
        exception raised during validation is not caught here.
        """
        checker = self.serializer_class(
            data=request.data,
            context={'request': request},
        )

        if not checker.is_valid(raise_exception=False):
            return Response(status=status.HTTP_401_UNAUTHORIZED)

        # The response body is the validated 'token' value, i.e. the
        # output of the serializer's validate_token hook.
        decoded = checker.validated_data['token']
        return Response(decoded, status=status.HTTP_200_OK)